Open tr0nand opened 3 years ago
You may have to add CycloneDX Core Java or Jackson Databind to your list of dependencies directly, as it looks like something in the Gradle config is not resolving correctly.
I added both the dependencies to the list of dependencies using both compile and classpath options in build.gradle file as follows -
dependencies {
compile("org.cyclonedx:cyclonedx-core-java:5.0.2")
compile("com.fasterxml.jackson.core:jackson-databind:2.0.1")
}
dependencies {
classpath("org.cyclonedx:cyclonedx-core-java:5.0.2")
classpath("com.fasterxml.jackson.core:jackson-databind:2.0.1")
}
Am I doing it wrong, because the error still persists?
Am I doing it wrong, because the error still persists?
You may also want to add jackson-annotations
to your dependencies as well. Other than that, I do not know, as I don't use Gradle. But I would also encourage you to post a message in the #java-gradle channel in Slack if you don't get any response here.
I had the same issue and this was caused by a conflict between gradle plugin dependencies.
In my case, I was using the gradle-docker-plugin (https://github.com/bmuschko/gradle-docker-plugin) AND having a multi-module gradle build, with the gradle-docker-plugin defined in the root build.gradle file and the cyclonedx plug-in defined in one of the children.
I fixed the issue by only referencing the gradle-docker-plugin in the child projects and making sure it was referenced below the cyclonedx one.
In the case of the gradle-docker-plugin, I traced down the issue with the fact it's using docker-java, that is still referencing a Jackson 2.10 version. I'm creating a PR to update to latest 2.12.x version of Jackson.
Any update about this? I've been facing the same issue. I have a really big list of dependencies, so it seems not feasible to me to check if there's some conflict between them. The project builds normally with or without the org.cyclonedx.bom plugin, I just get the error when executing the command gradle cyclonedxBom
.
I am using the cyclonedx-gradle-plugin version 1.4.0 for Kotlin on Ubuntu 18.0. I get the following output when I run the cycloneDx task -
FAILURE: Build failed with an exception.
Caused by: java.lang.NoSuchMethodError: 'com.fasterxml.jackson.databind.cfg.MutableCoercionConfig com.fasterxml.jackson.dataformat.xml.XmlMapper.coercionConfigDefaults()' at com.fasterxml.jackson.dataformat.xml.XmlMapper.<init>(XmlMapper.java:176) at com.fasterxml.jackson.dataformat.xml.XmlMapper.<init>(XmlMapper.java:145) at com.fasterxml.jackson.dataformat.xml.XmlMapper.<init>(XmlMapper.java:127) at org.cyclonedx.generators.xml.AbstractBomXmlGenerator.<init>(AbstractBomXmlGenerator.java:48) at org.cyclonedx.generators.xml.BomXmlGenerator13.<init>(BomXmlGenerator13.java:42) at org.cyclonedx.BomGeneratorFactory.createXml(BomGeneratorFactory.java:46) at org.cyclonedx.gradle.CycloneDxTask.writeXMLBom(CycloneDxTask.java:384) at org.cyclonedx.gradle.CycloneDxTask.writeBom(CycloneDxTask.java:373) at org.cyclonedx.gradle.CycloneDxTask.createBom(CycloneDxTask.java:176) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at org.gradle.internal.reflect.JavaMethod.invoke(JavaMethod.java:104)