Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some Black Duck projects include circular dependencies #90

Open
timovandeput opened this issue Jul 28, 2021 · 1 comment
Open

Some Black Duck projects include circular dependencies #90

timovandeput opened this issue Jul 28, 2021 · 1 comment
Labels
bug Something isn't working

Comments

@timovandeput
Copy link
Contributor

The Black Duck export exhaustively recurses dependencies to collect all transitive dependencies. This is necessary because of two components depend on the same sub-component, the transitive dependencies behind this sub-component can differ. (This has been observed in many projects.)

For most projects this works nicely, and the export does not get trapped in a recursive loop (even when the resulting dependency tree does include loops). But for various Maven projects with Spring Boot 2.x, a loop in the component dependencies was encountered, causing the Black Duck export to get stuck in an infinite loop.
@timovandeput timovandeput added the bug Something isn't working label Jul 28, 2021
@timovandeput
Copy link
Contributor Author

Suggestion is to check if the "hierarchical id" can be used to detect if the exact same dependency was encountered before, and recursion should therefore be aborted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@timovandeput