bStats
bStats copied to clipboard
Bastian
SecurityException - invalid signature file... - bStats-bukkit, server version 1.15.2
I've been using bStats (-bungeecord artifact ID) for my BungeeCord plugin for a while and few days ago, I decided to add it also to my other plugin, this time it's Bukkit (Spigot) plugin. I copied the bStats part from Bungee plugins's pom.xml and edited what is needed, so the pom file looks like the one here. However, when I start up the server, it crashes with SecurityException posted below (the same error on both 1.15.2 and 1.11.2):
java.lang.SecurityException: Invalid signature file digest for Manifest main attributes at sun.security.util.SignatureFileVerifier.processImpl(Unknown Source) at sun.security.util.SignatureFileVerifier.process(Unknown Source) at java.util.jar.JarVerifier.processEntry(Unknown Source) at java.util.jar.JarVerifier.update(Unknown Source) at java.util.jar.JarFile.initializeVerifier(Unknown Source) at java.util.jar.JarFile.getInputStream(Unknown Source) at org.bukkit.plugin.java.JavaPluginLoader.getPluginDescription(JavaPluginLoader.java:163) at org.bukkit.plugin.SimplePluginManager.loadPlugins(SimplePluginManager.java:138) at org.bukkit.craftbukkit.v1_15_R1.CraftServer.loadPlugins(CraftServer.java:351) at net.minecraft.server.v1_15_R1.DedicatedServer.init(DedicatedServer.java:203) at net.minecraft.server.v1_15_R1.MinecraftServer.run(MinecraftServer.java:784) at java.lang.Thread.run(Unknown Source)
So I went into investigation, why this is happening. I found out that if some dependency is signed and Maven shades it, I need to exclude signature files (.SF, .DSA and .RSA) from that dependency. I just want to make sure if this is the correct way of fixing this issue. (Yes, bStats is the problem as when I remove it from my pom, the plugin and server behave as they are supposed to.)
Could you post the full pom.xml file for your Bukkit plugin? Many Bukkit plugins shade bStats through Maven and don't run into this issue, which suggests your setup isn't correct.
Here it is (... are a replacement for things that aren't relevant to this issue - other dependencies, repositories etc.):
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
...
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
<configuration>
<source>8</source>
<target>8</target>
</configuration>
</plugin>
<!-- bStats shading -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<version>3.2.0</version>
<configuration>
<relocations>
<relocation>
<pattern>org.bstats</pattern>
<shadedPattern>...utils.metrics</shadedPattern>
</relocation>
</relocations>
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<!-- Repositories -->
<repositories>
...
<!-- bStats -->
<repository>
<id>CodeMC</id>
<url>https://repo.codemc.org/repository/maven-public</url>
</repository>
</repositories>
<dependencies>
...
<!-- bStats -->
<dependency>
<groupId>org.bstats</groupId>
<artifactId>bstats-bukkit</artifactId>
<version>1.7</version>
<scope>compile</scope>
</dependency>
</dependencies>
`
Update: I tried to reinstall my IDE and Maven, so just to exclude this option, the issue is still here.