Does not work with either -T1C or mvnd

[bmarwell]

This plugin is not threadsafe.
When executing on a larg(er) project with multiple modules, where each module can be built in parallel with others, you will see those messages:

[WARN] artifact 'mygroup:myproject-submoduleB:json:cyclonedx:1.10.1-SNAPSHOT' already attached, replacing previous instance
[ERROR] Failed to execute goal org.cyclonedx:cyclonedx-maven-plugin:2.7.1:makeAggregateBom (default) on project myproject-moduleB: The BOM does not conform to the CycloneDX BOM standard as defined by the XSD 

The build will then fail.

[stevespringett]

Thanks for identifying the issue. Any suggestions on how to fix?

[hboutemy]

@bmarwell see #242 , it's not specific to any advanced parallel configuration: happens with stock Maven mono-threaded

[fabianfrz]

In our case, it does not crash but we get this warning:

[WARNING] *****************************************************************
[WARNING] * Your build is requesting parallel execution, but project      *
[INFO] 
[WARNING] * contains the following plugin(s) that have goals not marked   *
[WARNING] * as @threadSafe to support parallel building.                  *
[WARNING] * While this /may/ work fine, please look for plugin updates    *
[WARNING] * and/or request plugins be made thread-safe.                   *
[WARNING] * If reporting an issue, report it against the plugin in        *
[WARNING] * question, not against maven-core                              *
[WARNING] *****************************************************************
[WARNING] The following plugins are not marked @threadSafe in redacted:
[WARNING] org.cyclonedx:cyclonedx-maven-plugin:2.7.4
[WARNING] Enable debug to see more precisely which goals are not marked @threadSafe.
[WARNING] *****************************************************************

If you think it works, you just need to add a thread safe annotation / property to the MoJo:
https://maven.apache.org/developers/mojo-api-specification.html

[hboutemy]

@bmarwell can you check with cyclonedx-maven-plugin 2.7.4, please? It should be fixed by #242

[hboutemy]

@fabianfrz the warning has been fixed in #264, not in 2.7.4 but 2.7.5-SNAPSHOT for now

[bmarwell]

@hboutemy no because I run into another issue now. 😄

It will for some reason try to resolve plugins not from my local $HOME/.m2/settings.xml repositories, instead downloading them directly from other repositories (which will fail b/c I am behind a firewall).

CDX Plugin


[WARN] An unexpected issue occurred attempting to resolve the effective pom for  com.typesafe:config:1.4.1
org.apache.maven.project.ProjectBuildingException: Some problems were encountered while processing the POMs:
[ERROR] Unknown packaging: bundle @ line 6, column 16

        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:197)
        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:312)
        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:275)
        at org.cyclonedx.maven.BaseCycloneDxMojo.getEffectiveMavenProject(BaseCycloneDxMojo.java:449)
        at org.cyclonedx.maven.BaseCycloneDxMojo.convert(BaseCycloneDxMojo.java:406)
        at org.cyclonedx.maven.CycloneDxAggregateMojo.analyze(CycloneDxAggregateMojo.java:144)
        at org.cyclonedx.maven.BaseCycloneDxMojo.execute(BaseCycloneDxMojo.java:609)
        at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
        at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2(MojoExecutor.java:370)
        at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute(MojoExecutor.java:351)



[WARN] An unexpected issue occurred attempting to resolve the effective pom for  com.typesafe:config:1.4.1
org.apache.maven.project.ProjectBuildingException: Some problems were encountered while processing the POMs:
[ERROR] Unknown packaging: bundle @ line 6, column 16

        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:197)
        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:312)
        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:275)
        at org.cyclonedx.maven.BaseCycloneDxMojo.getEffectiveMavenProject(BaseCycloneDxMojo.java:449)
        at org.cyclonedx.maven.BaseCycloneDxMojo.convert(BaseCycloneDxMojo.java:406)
        at org.cyclonedx.maven.CycloneDxAggregateMojo.analyze(CycloneDxAggregateMojo.java:144)
        at org.cyclonedx.maven.BaseCycloneDxMojo.execute(BaseCycloneDxMojo.java:609)
        at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
        at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2(MojoExecutor.java:370)
        at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute(MojoExecutor.java:351)
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:215)
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:171)
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:163)
        at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
        at org.mvndaemon.mvnd.builder.SmartBuilderImpl.buildProject(SmartBuilderImpl.java:178)
        at org.mvndaemon.mvnd.builder.SmartBuilderImpl$ProjectBuildTask.run(SmartBuilderImpl.java:198)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
        at java.base/java.lang.Thread.run(Thread.java:857)
Caused by: org.apache.maven.model.building.ModelBuildingException: 1 problem was encountered while building the effective model for com.typesafe:config:1.4.1
[ERROR] Unknown packaging: bundle @ line 6, column 16

        at org.apache.maven.model.building.DefaultModelProblemCollector.newModelBuildingException(DefaultModelProblemCollector.java:197)
        at org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:568)
        at org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:454)
        at org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:267)
        at org.apache.maven.project.CachingProjectBuilder.build(CachingProjectBuilder.java:169)
        ... 20 common frames omitted

I reverted back to 2.7.1 for now (which for some odd reason will work now) and the error went away.

Interestingly, typesafe config is NOT a bundle:

      <dependency>
        <groupId>com.typesafe</groupId>
        <artifactId>config</artifactId>
        <version>${dependency.typesafeconfig.version}</version>
        <type>jar</type>
      </dependency>

[hboutemy]

@bmarwell IIUC, this is not related to issue title = parallel build, isn't it?

the new warning (that lists errors) is #272

[bmarwell]

Correct. It must be something else. I'd say close this one for now, works for me. 😇