search

dependency-check / dependency-check-gradle

The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.
http://jeremylong.github.io/DependencyCheck/
Apache License 2.0
361 stars 93 forks source link

Gradle Kotlin DSL - Gradle plugin version 8.0 #355

Open VictorAlbertos opened 1 year ago

VictorAlbertos commented 1 year ago

When I try to run any task from this Plugin, using the Kotlin DSL and Gradle Plugin version 8.0, such as ./gradlew dependencyCheckUpdate, I get his error related with Jackson:

Execution failed for task ':dependencyCheckUpdate'.
> class com.fasterxml.jackson.databind.deser.SettableBeanProperty$Delegating overrides final method com.fasterxml.jackson.databind.deser.SettableBeanProperty.getDeclaringClass()Ljava/lang/Class;

I tried multiple combinations of forcing the Jackson version, also adding additional Jackson dependencies -based on suggestions that I found on StackOverflow. But none of this it worked:

buildscript {
    dependencies {
        classpath("com.fasterxml.jackson.core:jackson-databind:multiple-versions-tried-here")
        classpath("com.fasterxml.jackson.core:jackson-core:multiple-versions-tried-here")
        classpath("com.fasterxml.jackson.core:jackson-annotations:multiple-versions-tried-here")
    }

    configurations.all {
        resolutionStrategy {
            force("com.fasterxml.jackson.core:jackson-databind:multiple-versions-tried-here")
            force("com.fasterxml.jackson.core:jackson-core:multiple-versions-tried-here")
            force("com.fasterxml.jackson.core:jackson-annotations:multiple-versions-tried-here")
        }
    }
}

Any idea how could I fix this issue? The thing is that jackson version that this plugin uses is really old, maybe it is worth it bumping it?