From 9647309cbc00ff8c94bd671dc679f98a414520c0 Mon Sep 17 00:00:00 2001 From: Patrick Mirwald Date: Tue, 19 Dec 2023 10:21:15 +0100 Subject: [PATCH] fix: serialization error directDependencies The "directDependency" String from the response of project/lookup can be null. to fix the error, we make this attribute nullable and warn the user in GetOutdatedDependenciesTask if the project has no direct dependencies. also fix an issue in the riskScore task, when the sbom analyse failed and the project then has no direct dependencies. --- src/main/kotlin/com/liftric/dtcp/model/DependencyTrack.kt | 2 +- .../com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/kotlin/com/liftric/dtcp/model/DependencyTrack.kt b/src/main/kotlin/com/liftric/dtcp/model/DependencyTrack.kt index 898cc3f..cfde742 100644 --- a/src/main/kotlin/com/liftric/dtcp/model/DependencyTrack.kt +++ b/src/main/kotlin/com/liftric/dtcp/model/DependencyTrack.kt @@ -24,7 +24,7 @@ data class Project( val version: String, val active: Boolean, val classifier: String, - val directDependencies: String, + val directDependencies: String? = null, val lastInheritedRiskScore: Double? = null, ) diff --git a/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt b/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt index b285706..10c944f 100644 --- a/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt +++ b/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt @@ -51,6 +51,10 @@ abstract class GetOutdatedDependenciesTask : DefaultTask() { else -> throw GradleException("Either projectUUID or projectName and projectVersion must be set") } + if (project.directDependencies == null) { + throw GradleException("Project does not have direct dependencies") + } + val directDependencies = Json { ignoreUnknownKeys = true }.decodeFromString>(project.directDependencies)