fossas / fossa-cli

Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems.
https://fossa.com

Errors when parsing Swift Package Manager dependencies #695

Open martinhoeller opened 3 years ago

martinhoeller commented 3 years ago

When analyzing our project with many SPM dependencies we get a lot of different parsing errors. Some examples below:

15:12:46  [ INFO] Analyzing swift project at *****/derivedData/SourcePackages/checkouts/lottie-ios/
15:12:46  [ WARN] ----------
15:12:46    An error occurred:
15:12:46  
15:12:46        Error parsing file *****/derivedData/SourcePackages/checkouts/lottie-ios/Package.swift:
15:12:46            *****/derivedData/SourcePackages/checkouts/lottie-ios/Package.swift:19:1:
15:12:46               |
15:12:46            19 | <empty line>
15:12:46               | ^
15:12:46            unexpected end of input
15:12:46            expecting "dependencies:"
15:12:46  
15:12:46  
15:12:46        Traceback:
15:12:46          - Parsing file '*****/derivedData/SourcePackages/checkouts/lottie-ios/Package.swift'
15:12:46          - Identifying dependencies in Package.swift
15:12:46          - Project Analysis
15:12:46  [ INFO] Analyzing swift project at *****/derivedData/SourcePackages/checkouts/abseil-cpp-SwiftPM/
15:12:46  [ WARN] ----------
15:12:46    An error occurred:
15:12:46  
15:12:46        Error parsing file *****/derivedData/SourcePackages/checkouts/abseil-cpp-SwiftPM/Package.swift:
15:12:46            *****/derivedData/SourcePackages/checkouts/abseil-cpp-SwiftPM/Package.swift:254:9:
15:12:46                |
15:12:46            254 |         "abseil",
15:12:46                |         ^
15:12:46            unexpected '"'
15:12:46            expecting ".package" or ']'
15:12:46  
15:12:46  
15:12:46        Traceback:
15:12:46          - Parsing file '*****/derivedData/SourcePackages/checkouts/abseil-cpp-SwiftPM/Package.swift'
15:12:46          - Identifying dependencies in Package.swift
15:12:46          - Project Analysis
15:12:46  [ INFO] Analyzing swift project at *****/derivedData/SourcePackages/checkouts/swift-protobuf/FuzzTesting/
15:12:46  [ WARN] ----------
15:12:46    An error occurred:
15:12:46  
15:12:46        Error parsing file *****/derivedData/SourcePackages/checkouts/swift-protobuf/FuzzTesting/Package.swift:
15:12:46            *****/derivedData/SourcePackages/checkouts/swift-protobuf/FuzzTesting/Package.swift:9:41:
15:12:46              |
15:12:46            9 |         .package(name: "SwiftProtobuf", path: ".."),
15:12:46              |                                         ^^^^
15:12:46            unexpected "path"
15:12:46            expecting "url:"
15:12:46  
15:12:46  
15:12:46        Traceback:
15:12:46          - Parsing file '*****/derivedData/SourcePackages/checkouts/swift-protobuf/FuzzTesting/Package.swift'
15:12:46          - Identifying dependencies in Package.swift
15:12:46          - Project Analysis

Out of 47 dependencies, 21 produce those kinds of warnings. I'm happy to provide an exhaustive list of all Swift packages that cause trouble, if needed.
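The three failures quoted above share a cause: a manifest parser that expects exactly one `.package(url: ...)` list under a `dependencies:` label. Package.swift manifests legitimately have no package-level `dependencies:` at all (the lottie-ios case), carry a separate `dependencies: ["abseil"]` string list inside each `.target(...)` (the abseil case), and declare local dependencies as `.package(name:path:)` with no `url:` (the swift-protobuf case). The following is an added example, written for this thread and not fossa-cli's own (Haskell) parser: a small bracket- and string-aware extractor that only reads the top-level argument list of `Package(...)`, returns an empty list when there is no package-level `dependencies:`, records path dependencies, and skips entries it does not recognise instead of aborting. The two manifests are constructed to reproduce the three shapes from the log; the `example.invalid` URLs are placeholders.

```python
"""Tolerant extractor for package-level Package.swift dependencies (added example)."""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class Dependency:
    url: Optional[str] = None
    path: Optional[str] = None       # set for .package(name:path:) local dependencies
    name: Optional[str] = None
    requirement: str = ""            # raw version text, e.g. 'from: "1.4.0"'


def _skip_string(src, i):
    """Return the index just past the double-quoted literal starting at src[i]."""
    i += 1
    while i < len(src):
        if src[i] == "\\":
            i += 2
            continue
        if src[i] == '"':
            return i + 1
        i += 1
    raise ValueError("unterminated string literal")


def _strip_comments(src):
    """Drop // line comments, but not a // that sits inside a string (e.g. https://)."""
    out, i = [], 0
    while i < len(src):
        if src[i] == '"':
            j = _skip_string(src, i); out.append(src[i:j]); i = j; continue
        if src.startswith("//", i):
            j = src.find("\n", i)
            i = len(src) if j < 0 else j
            continue
        out.append(src[i]); i += 1
    return "".join(out)


def _matching(src, start):
    """Index of the bracket that closes src[start] ('(' or '['), skipping strings."""
    pairs = {"(": ")", "[": "]"}
    close, depth, i = pairs[src[start]], 0, start
    while i < len(src):
        c = src[i]
        if c == '"':
            i = _skip_string(src, i); continue
        if c in pairs:
            depth += 1
        elif c in pairs.values():
            depth -= 1
            if depth == 0 and c == close:
                return i
        i += 1
    raise ValueError("unbalanced brackets")


def _split_top_level(src):
    """Split on commas at bracket depth 0; string-aware; trailing commas tolerated."""
    parts, cur, depth, i = [], [], 0, 0
    while i < len(src):
        c = src[i]
        if c == '"':
            j = _skip_string(src, i); cur.append(src[i:j]); i = j; continue
        if c in "([":
            depth += 1
        elif c in ")]":
            depth -= 1
        if c == "," and depth == 0:
            parts.append("".join(cur)); cur = []
        else:
            cur.append(c)
        i += 1
    parts.append("".join(cur))
    return [p.strip() for p in parts if p.strip()]


def _labeled_args(text):
    """Turn 'url: "x", .upToNextMajor(from: "1")' into [(label, value), (None, value)]."""
    out = []
    for part in _split_top_level(text):
        m = re.match(r"([A-Za-z_]\w*)\s*:\s*(.*)$", part, re.S)
        out.append((m.group(1), m.group(2).strip()) if m else (None, part))
    return out


def parse_package_dependencies(src):
    """Return the package-level dependencies; [] when the manifest declares none."""
    src = _strip_comments(src)
    m = re.search(r"\bPackage\s*\(", src)
    if not m:
        raise ValueError("no Package(...) initializer found")
    open_paren = m.end() - 1
    init_args = src[open_paren + 1:_matching(src, open_paren)]
    # Only the Package(...) argument list is inspected, so a target's own
    # dependencies: ["abseil"] string list is never mistaken for the package list.
    deps_text = next((v for k, v in _labeled_args(init_args) if k == "dependencies"), None)
    if deps_text is None or not deps_text.startswith("["):
        return []
    deps = []
    for entry in _split_top_level(deps_text[1:_matching(deps_text, 0)]):
        pm = re.match(r"\.package\s*\(", entry)
        if not pm:
            continue                                # unknown entry shape: skip, don't abort
        dep, reqs = Dependency(), []
        for label, value in _labeled_args(entry[pm.end():_matching(entry, pm.end() - 1)]):
            if label in ("url", "path", "name"):
                setattr(dep, label, value.strip('"'))
            else:
                reqs.append(value if label is None else f"{label}: {value}")
        dep.requirement = ", ".join(reqs)
        deps.append(dep)
    return deps


# Constructed manifests modelled on the failure shapes in the log above.
NO_DEPS_MANIFEST = '''// swift-tools-version:5.5
import PackageDescription

let package = Package(
    name: "Lottie",
    platforms: [.iOS(.v11)],
    products: [.library(name: "Lottie", targets: ["Lottie"])],
    targets: [
        .target(name: "Lottie", dependencies: ["LottieCore"], path: "Sources"),
        .target(name: "LottieCore"),
    ]
)
'''

MIXED_MANIFEST = '''// swift-tools-version:5.5
import PackageDescription

let package = Package(
    name: "Example",
    dependencies: [
        .package(url: "https://example.invalid/swift-log.git", from: "1.4.0"),
        .package(url: "https://example.invalid/abseil.git", .upToNextMajor(from: "2.0.0")),
        .package(name: "SwiftProtobuf", path: ".."),   // local dependency, no url:
        "not-a-package-entry",                          // tolerated and skipped
    ],
    targets: [.target(name: "Example", dependencies: ["abseil", "SwiftProtobuf"])]
)
'''

if __name__ == "__main__":
    for label, manifest in (("no-deps", NO_DEPS_MANIFEST), ("mixed", MIXED_MANIFEST)):
        print(label, parse_package_dependencies(manifest))
```

The manifest without a package-level list yields an empty result rather than an "unexpected end of input" error, the target-level `["LottieCore"]` list is ignored because it is nested inside `.target(...)`, and the local `.package(name:path:)` entry comes back with `path` set and `url` unset, which is the distinction a license or vulnerability scanner needs in order to resolve the dependency from the checkout instead of from a remote.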

meghfossa commented 3 years ago

@martinhoeller Would you be able to provide package.swift file and debug logs?

You can create debug logs by running fossa analyze --output --debug, which will create a .fossa.debug.json file. You will need CLI version v2.17.0 or greater for this.

martinhoeller commented 3 years ago

Upon further investigation it seems that fossa is just completely ignoring excluded paths in .fossa.yml. We configured it to ignore ./derivedData, yet it is analyzing files in that directory. The same happens when passing the --exclude-path ./derivedData parameter.

meghfossa commented 3 years ago

Hi @martinhoeller - fyi, I will be transferring this issue to fossa-cli repository, as spectrometer code is migrated to fossa-cli for all future development.

zlav commented 2 years ago

@martinhoeller could you provide the package.swift file that the fossa-cli is unable to parse?

In relation to ignoring the excluded paths, please update to the latest version of the fossa-cli and let me know if you are still seeing these issues. We have made a lot of improvements to this feature.