[Warning] No dependency information available

tsendee0409 commented 3 years ago

I have recently installed Jhipster v7.2.0 and generated a simple microservice application. But some warnings appeared when it was running.

[WARNING] The POM for org.apache.logging.log4j:log4j-api-java9:zip:2.14.1 is missing, no dependency information available Downloading from spring-libs-release: https://repo.spring.io/libs-release/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom Downloading from spring-libs-snapshot: https://repo.spring.io/libs-snapshot/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom [WARNING] Rule 0: org.apache.maven.plugins.enforcer.DependencyConvergence failed with message: Could not build dependency tree Could not collect dependencies: mn.novelsoft:addressing:jar:0.0.1-SNAPSHOT ()

mraible commented 3 years ago

I've see this too recently.

On Sep 16, 2021, at 20:17, tsendee0409 @.***> wrote:

I have recently installed Jhipster v7.2.0 and generated a simple microservice application. But some warnings appeared when it was running.

[WARNING] The POM for org.apache.logging.log4j:log4j-api-java9:zip:2.14.1 is missing, no dependency information available Downloading from spring-libs-release: https://repo.spring.io/libs-release/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom Downloading from spring-libs-snapshot: https://repo.spring.io/libs-snapshot/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom [WARNING] Rule 0: org.apache.maven.plugins.enforcer.DependencyConvergence failed with message: Could not build dependency tree Could not collect dependencies: mn.novelsoft:addressing:jar:0.0.1-SNAPSHOT ()

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

iconben commented 3 years ago

I was upgrading a legacy app from jhipster 4.x to 7.2.0 and ran into this error too.

[INFO] --- maven-resources-plugin:3.2.0:resources (default-resources) @ rms ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Using 'UTF-8' encoding to copy filtered properties files.
[INFO] Copying 4 resources
[INFO] Copying 117 resources
[INFO] 
[INFO] --- maven-enforcer-plugin:3.0.0:enforce (enforce-versions) @ rms ---
[INFO] 
[INFO] --- maven-enforcer-plugin:3.0.0:enforce (enforce-dependencyConvergence) @ rms ---
Downloading from central: https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-api-java9/2.14.1/log4j-api-java9-2.14.1.pom
[WARNING] The POM for org.apache.logging.log4j:log4j-api-java9:zip:2.14.1 is missing, no dependency information available
......

It is a 404 page of above pom url. I further inspected the parent package directories, it turned out that there is no "https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-api-java9/**" up there. You can check https://repo.maven.apache.org/maven2/org/apache/logging/log4j/

It's also strange that artifact log4j-api-java9 is listed on this page: https://logging.apache.org/log4j/2.x/log4j-api/dependencies.html , but its link: https://logging.apache.org/log4j/2.x/log4j-api-java9/ doesn't work, a 404 page again.

pmverma commented 3 years ago

I have not looked deeper into it but I remember that this issue occurred when upgrading the maven enforcer plugin from 3.0.0-M3 to 3.0.0 You can check by switching the versions.

iconben commented 3 years ago

Yes, switching to 3.0.0-M3 of maven enforcer plugin works for now. Thanks for sharing @pmverma

github-actions[bot] commented 3 years ago

This issue is stale because it has been open 30 days with no activity. Our core developers tend to be more verbose on denying. If there is no negative comment, possibly this feature will be accepted. We are accepting PRs :smiley:. Comment or this will be closed in 7 days

rehmetjan commented 2 years ago

in the POM.xml add -M3 change this:

3.0.0 to: 3.0.0-M3 now it works!!

nomuna commented 2 years ago

Ok, this is no longer a warning but an error/a build failure now...

May be just add the working version for the enforcer in the template? I am using Jhipster 7.4.0 and getting this error and have to use the workaround to make the build work.

ManuelTS commented 2 years ago

I can confirm this issue with the following dependencies:

<!-- ... -->
    <properties>
        <java.version>11</java.version>
        <maven.compiler.source>${java.version}</maven.compiler.source>
        <maven.compiler.target>${java.version}</maven.compiler.target>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <spring.boot.version>2.5.5</spring.boot.version>
    </properties>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-dependencies</artifactId>
                <version>${spring.boot.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-web</artifactId>
                <version>${spring.boot.version}</version>
                <exclusions>
                    <exclusion>
                        <groupId>org.hibernate</groupId>
                        <artifactId>hibernate-validator</artifactId>
                    </exclusion>
                </exclusions>
            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-actuator</artifactId>
                <version>${spring.boot.version}</version>
            </dependency>
            <dependency>
                <groupId>javax.servlet</groupId>
                <artifactId>javax.servlet-api</artifactId>
                <scope>provided</scope>
            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-configuration-processor</artifactId>
                <version>${spring.boot.version}</version>
                <exclusions>
                    <exclusion>
                        <groupId>commons-logging</groupId>
                        <artifactId>commons-logging</artifactId>
                    </exclusion>
                </exclusions>
            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-data-mongodb</artifactId>
                <version>${spring.boot.version}</version>
            </dependency>

            <dependency>
                <groupId>org.apache.commons</groupId>
                <artifactId>commons-lang3</artifactId>
                <version>3.8.1</version>
            </dependency>
            <dependency>
                <groupId>commons-lang</groupId>
                <artifactId>commons-lang</artifactId>
                <version>2.6</version>
            </dependency>

            <dependency>
                <groupId>org.apache.commons</groupId>
                <artifactId>commons-collections4</artifactId>
                <version>4.2</version>
            </dependency>
            <dependency>
                <groupId>commons-collections</groupId>
                <artifactId>commons-collections</artifactId>
                <version>3.2.2</version>
            </dependency>
            <dependency>
                <groupId>commons-codec</groupId>
                <artifactId>commons-codec</artifactId>
                <version>1.15</version>
            </dependency>
            <dependency>
                <groupId>commons-io</groupId>
                <artifactId>commons-io</artifactId>
                <version>2.6</version>
            </dependency>

            <dependency>
                <groupId>org.apache.commons</groupId>
                <artifactId>commons-csv</artifactId>
                <version>1.6</version>
            </dependency>

            <dependency>
                <groupId>commons-validator</groupId>
                <artifactId>commons-validator</artifactId>
                <version>1.6</version>
            </dependency>

            <dependency>
                <groupId>org.apache.commons</groupId>
                <artifactId>commons-math3</artifactId>
                <version>3.6.1</version>
            </dependency>

            <dependency>
                <groupId>org.apache.commons</groupId>
                <artifactId>commons-text</artifactId>
                <version>1.9</version>
            </dependency>

            <dependency>
                <groupId>org.apache.commons</groupId>
                <artifactId>commons-compress</artifactId>
                <version>1.20</version>
            </dependency>

            <dependency>
                <groupId>com.google.guava</groupId>
                <artifactId>guava</artifactId>
                <version>21.0</version>
            </dependency>
        </dependencies>
    </dependencyManagement>
<!-- ... -->

Where using the maven-enforcer-plugin version 3.0.0 causes the error and 3.0.0-M3 not. However, I don't get a warning within the git actions pipeline, but an error

Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.0.0:enforce (check-prerequisites) on project api: Some Enforcer rules have failed. Look above for specific messages explaining why the rule failed.

mraible commented 2 years ago

It seems like we should revert to 3.0.0-M3. I entered an issue for this in the Maven Enforcer Plugin's JIRA. https://issues.apache.org/jira/browse/MENFORCER-413

michael-o commented 2 years ago

Unless someone provides me a minimal working example in MENFORCER I will close the issue. The mentioned Logging artifact does not exist and likely never did. I consider this case as invalid.

mraible commented 2 years ago

@michael-o: here's how to reproduce:

git clone https://github.com/oktadev/auth0-full-stack-java-example.git
cd auth0-full-stack-java-example

You will see that this version uses maven-enforcer-plugin version 3.0.0:

$ cat pom.xml| grep enforcer
        <maven-enforcer-plugin.version>3.0.0</maven-enforcer-plugin.version>
                <artifactId>maven-enforcer-plugin</artifactId>
                    <artifactId>maven-enforcer-plugin</artifactId>
                    <version>${maven-enforcer-plugin.version}</version>

Run it to see the warning:

 ./mvnw package

You will see warnings about dependencies from the enforcer plugin:

...
[INFO] --- maven-enforcer-plugin:3.0.0:enforce (enforce-dependencyConvergence) @ flickr-2 ---
Downloading from central: https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-api-java9/2.14.1/log4j-api-java9-2.14.1.pom
[WARNING] The POM for org.apache.logging.log4j:log4j-api-java9:zip:2.14.1 is missing, no dependency information available
Downloading from central: https://repo.maven.apache.org/maven2/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom
Downloading from spring-libs-release: https://repo.spring.io/libs-release/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom
Downloading from spring-libs-snapshot: https://repo.spring.io/libs-snapshot/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom

Update pom.xml to use M3:

<maven-enforcer-plugin.version>3.0.0-M3</maven-enforcer-plugin.version>

Run ./mvnw package again and you won't see these warnings.

michael-o commented 2 years ago

I was able to build the project without NPM. What am I supposed to say? You did not try hard enough.

Verbose logging:

Caused by: org.eclipse.aether.collection.DependencyCollectionException: Failed to collect dependencies at com.auth0.flickr2:flickr-2:jar:0.0.1-SNAPSHOT -> tech.jhipster:jhipster-framework:jar:7.4.1 -> org.s     pringframework.boot:spring-boot-starter-validation:jar:2.5.7 -> org.springframework.boot:spring-boot-starter:jar:2.5.7 -> org.springframework.boot:spring-boot-starter-logging:jar:2.5.7 -> org.apache.logging     .log4j:log4j-to-slf4j:jar:2.14.1 -> org.apache.logging.log4j:log4j-api:jar:2.14.1 -> org.apache.logging.log4j:log4j-api-java9:zip:2.14.1

It is declared in: https://search.maven.org/artifact/org.apache.logging.log4j/log4j-api/2.14.1/jar
https://github.com/apache/logging-log4j2/blob/001b22706080a4f7946fc6fe08f37580db44afbe/log4j-api-java9/pom.xml

The Apache Logging team failed to upload that POM to central. Don't ask me why. Without any further analysis I assume that the Enforcer update just triggered this issue of complete project resolution and missing POM.

I have built Log4J2 2.14.1 from source. After that I was able to build your example project. I'd close the MENFORCER issue in a few days unless you provide me arguments against.

Likely cause: https://issues.apache.org/jira/browse/MENFORCER-277

mraible commented 2 years ago

I'm not worried about log4j, that one is understandable. It's Spring Roo that concerns me.

On Thu, Feb 17, 2022 at 09:10 Michael Osipov @.***> wrote:

I was able to build the project without NPM. What am I supposed to say? You did not try hard enough.

Verbose logging:

Caused by: org.eclipse.aether.collection.DependencyCollectionException: Failed to collect dependencies at com.auth0.flickr2:flickr-2:jar:0.0.1-SNAPSHOT -> tech.jhipster:jhipster-framework:jar:7.4.1 -> org.s pringframework.boot:spring-boot-starter-validation:jar:2.5.7 -> org.springframework.boot:spring-boot-starter:jar:2.5.7 -> org.springframework.boot:spring-boot-starter-logging:jar:2.5.7 -> org.apache.logging .log4j:log4j-to-slf4j:jar:2.14.1 -> org.apache.logging.log4j:log4j-api:jar:2.14.1 -> org.apache.logging.log4j:log4j-api-java9:zip:2.14.1

It is declared in: https://search.maven.org/artifact/org.apache.logging.log4j/log4j-api/2.14.1/jar

https://github.com/apache/logging-log4j2/blob/001b22706080a4f7946fc6fe08f37580db44afbe/log4j-api-java9/pom.xml

The Apache Logging team failed to upload that POM to central. Don't ask me why. Without any further analysis I assume that the Enforcer update just triggered this issue of complete project resolution and missing POM.

I have built Log4J2 2.14.1 from source. After that I was able to build your example project. I'd close the MENFORCER issue in a few days unless you provide me arguments against.

— Reply to this email directly, view it on GitHub https://github.com/jhipster/generator-jhipster/issues/16318#issuecomment-1043132605, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAELZGALQHVFE6BCEKQUZDU3UMWBANCNFSM5EGABCSQ . You are receiving this because you commented.Message ID: @.***>

michael-o commented 2 years ago

@mraible I don't understand your statement:

$ find ~/.m2/repository/ -name org.springframework.roo.annotations-1.2.3.RELEASE.pom
/net/home/osipovmi/.m2/repository/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom

I don't understand the problem with Roo.

mraible commented 2 years ago

We don't depend on it:

mvn dependency:tree | grep roo

But the enforcer plugin logs requests to try and download it.

Downloading from central: https://repo.maven.apache.org/maven2/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom
Downloading from spring-libs-release: https://repo.spring.io/libs-release/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom
Downloading from spring-libs-snapshot: https://repo.spring.io/libs-snapshot/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom

michael-o commented 2 years ago

Do a reverse query and you know who depends on it:

$ grep -r  --include='*.pom' org.springframework.roo.annotations ~/.m2/repository/
/net/home/osipovmi/.m2/repository/com/querydsl/querydsl-apt/4.4.0/querydsl-apt-4.4.0.pom:      <artifactId>org.springframework.roo.annotations</artifactId>
/net/home/osipovmi/.m2/repository/com/querydsl/querydsl-apt/4.4.0/querydsl-apt-4.4.0.pom:    <!--for org.springframework.roo:org.springframework.roo.annotations -->
/net/home/osipovmi/.m2/repository/org/springframework/roo/org.springframework.roo.annotations/1.2.3.RELEASE/org.springframework.roo.annotations-1.2.3.RELEASE.pom:    <artifactId>org.springframework.roo.annotations</artifactId>
osipovmi@deblndw011x:~/var/Projekte/auth0-full-stack-java-example (main %=)
$ grep -r  --include='*.pom' querydsl-apt ~/.m2/repository/
/net/home/osipovmi/.m2/repository/com/querydsl/querydsl-bom/5.0.0/querydsl-bom-5.0.0.pom:        <artifactId>querydsl-apt</artifactId>
/net/home/osipovmi/.m2/repository/com/querydsl/querydsl-apt/4.4.0/querydsl-apt-4.4.0.pom:  <artifactId>querydsl-apt</artifactId>
...

jhipster / generator-jhipster

[Warning] No dependency information available #16318