Uploaded image for project: 'Maven Dependency Plugin'
  1. Maven Dependency Plugin
  2. MDEP-761

Tree plugin does not terminate with 3.2.0

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.2.0
    • 3.3.0
    • tree
    • None
    • Windows 10

    Description

      We use a tool called WhiteSource that analyzes our dependencies for security issues. It uses the the following call to maven deps plugin to get the dependencies:

      mvn dependency:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B

      This works and takes ~15seconds with version 3.1.2, after upgrading to 3.2.0, this call does not terminate after 15 minutes and runs into a timeout.

      When starting maven with "-X" I can see thousands of those debug messages flowing through, it looks like it is scanning the whole local maven repository:

      [DEBUG] Writing tracking file C:\Users\myuser\.m2\repository\org\jboss\spec\jboss-specs-parent\1.0.0.Beta2\_remote.repositories
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://my-repo
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://my-repo with username=myuser, password=*** via localhost:8888
[DEBUG] Writing tracking file C:\Users\myuser\.m2\repository\org\jboss\spec\javax\interceptor\jboss-interceptors-api_1.1_spec\1.0.0.Beta1\_remote.repositories
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://my-repo
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://my-repo with username=myuser, password=*** via localhost:8888
[DEBUG] Writing tracking file C:\Users\myuser\.m2\repository\org\jboss\spec\jboss-specs-parent\1.0.0.Beta1\_remote.repositories
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://my-repo
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://my-repo with username=myuser, password=*** via localhost:8888
[DEBUG] Writing tracking file C:\Users\myuser\.m2\repository\org\testng\testng\5.10\_remote.repositories
[DEBUG] Verifying availability of C:\Users\myuser\.m2\repository\org\apache\derby\derby\10.12.1.1\derby-10.12.1.1.pom from [devcloud-bci-mvn (https://my-repo, default, releases+snapshots), artifactory-central-mirror (https://my-repo, default, releases), central (https://repo.maven.apache.org/maven2, default, releases)]
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://my-repo
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://my-repo with username=myuser, password=*** via localhost:8888
[DEBUG] Writing tracking file C:\Users\myuser\.m2\repository\org\apache\derby\derby\10.12.1.1\_remote.repositories

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. MDEP-644 Reintroduce the verbose option for dependency:tree

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #173

          Activity

            People

              slachiewicz Sylwester Lachiewicz
              Wedel Jan
              Votes:
              5 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: