Unable to resolve dependencies for soot-infoflow-2.11.1

[aoli-al]

Hi developers,

I'm trying to use FlowDroid in my gradle project:

    implementation group: 'de.fraunhofer.sit.sse.flowdroid', name: 'soot-infoflow', version: '2.11.1'

Unfortunately, gradle cannot resolve soot-infoflow properly:

* What went wrong:
Execution failed for task ':static-analyzer:compileKotlin'.
> Error while evaluating property 'filteredArgumentsMap' of task ':static-analyzer:compileKotlin'
   > Could not resolve all files for configuration ':static-analyzer:compileClasspath'.
      > Could not resolve de.fraunhofer.sit.sse.flowdroid:soot-infoflow:2.11.1.
        Required by:
            project :static-analyzer
         > Could not resolve de.fraunhofer.sit.sse.flowdroid:soot-infoflow:2.11.1.
            > Could not parse POM https://repo.maven.apache.org/maven2/de/fraunhofer/sit/sse/flowdroid/soot-infoflow/2.11.1/soot-infoflow-2.11.1.pom
               > Could not find de.fraunhofer.sit.sse.flowdroid:parent:2.11.1.
                 Searched in the following locations:
                   - https://repo.maven.apache.org/maven2/de/fraunhofer/sit/sse/flowdroid/parent/2.11.1/parent-2.11.1.pom
                   - file:/home/aoli/.m2/repository/de/fraunhofer/sit/sse/flowdroid/parent/2.11.1/parent-2.11.1.pom
                   - https://plugins.gradle.org/m2/de/fraunhofer/sit/sse/flowdroid/parent/2.11.1/parent-2.11.1.pom
         > Could not resolve de.fraunhofer.sit.sse.flowdroid:soot-infoflow:2.11.1.
            > Could not parse POM https://plugins.gradle.org/m2/de/fraunhofer/sit/sse/flowdroid/soot-infoflow/2.11.1/soot-infoflow-2.11.1.pom
               > Could not find de.fraunhofer.sit.sse.flowdroid:parent:2.11.1.
         > Could not resolve de.fraunhofer.sit.sse.flowdroid:soot-infoflow:2.11.1.
            > Could not parse POM https://repo.maven.apache.org/maven2/de/fraunhofer/sit/sse/flowdroid/soot-infoflow/2.11.1/soot-infoflow-2.11.1.pom
               > Could not find de.fraunhofer.sit.sse.flowdroid:parent:2.11.1.

The error is that gradle cannot find soot-infoflow-parent, which is referenced in https://github.com/secure-software-engineering/FlowDroid/blob/fe240f90debf5836fba484c5f618b2c3b26a4418/soot-infoflow/pom.xml#L13 but not published in maven central: https://repo.maven.apache.org/maven2/de/fraunhofer/sit/sse/flowdroid/

Note that I'm able to build and compile my project if I download FlowDroid and install the packages in my local repository. Could you please also upload the missing package to maven central?

Thanks

[StevenArzt]

Thank you for the issue report. We did not uploaded the parent POM for our previous releases, because Maven doesn't need it. In pure Maven, you can reference the individual modules (soot-infoflow, soot-infoflow-android, etc.). If Gradle needs the parent POM, that's a perfectly valid argument to change this policy.

We will deploy the parent POM in future releases. I have changed the build and release pipeline. However, since this required changes, we can't simple deploy it for the old version without nasty tricks. We can't easily run the pipeline on old tags, merge in the changes I have done to the POM, and then get this published on Maven Central somehow. We will just run the adapted pipeline for the next release, and then you'll have a parent POM.

[aoli-al]

Thanks for the quick fix!