gradle-license-plugin

Fix recursion stack overflows

Open jonapoul opened this issue 1 year ago • 3 comments

Addresses issue #283.

I applied an (arbitrary!) upper limit of 5 to recursion when finding licenses, but this is obviously subject to change if you reckon so.

Also applied the same patch to the findVersion method, since the same issue was possible there too.

jonapoul avatar Apr 11 '23 17:04 jonapoul

Can you add tests for this?

jaredsburrows avatar Apr 13 '23 15:04 jaredsburrows

That's strange. I am the guy who originally implemented recursive scanning of POMs in https://github.com/jaredsburrows/gradle-license-plugin/pull/27 and I've never seen this behavior. Well, we haven't updated the plugin in a while, so maybe there is a bug that has been introduced recently...

Anyway, I think applying an arbitrary recursion depth seems wrong. This issue can only happen if there are circular references between POMs and I've never seen that in the wild. But even if this actually happens, I think this should be handled by keeping a queue of encountered POMs so that we can show a proper error message (visualizing the circular dependencies by printing the queue) as soon as we encounter the same POM twice.

ChristianCiach avatar Apr 18 '23 14:04 ChristianCiach
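The approach suggested in the comment above (remember each POM already seen, fail with the full chain when one repeats), sketched as an added example that is not part of the thread or the plugin's code. The `Pom` type, `findLicenses`, `CircularPomException` and the in-memory `repo` map are hypothetical names, and the coordinates are constructed sample data. The walk is iterative, so a long but finite parent chain cannot exhaust the stack either.

```kotlin
// Added illustration; every name here is hypothetical, not the plugin's API.
data class Pom(val id: String, val parentId: String?, val licenses: List<String>)

class CircularPomException(chain: List<String>) :
  IllegalStateException("Circular parent POM reference: " + chain.joinToString(" -> "))

/**
 * Walks the parent chain starting at [startId] until a POM declares licenses.
 * [visited] keeps insertion order, so it doubles as the chain to report when
 * the same POM is reached a second time.
 */
fun findLicenses(startId: String, repo: Map<String, Pom>): List<String> {
  val visited = LinkedHashSet<String>()
  var currentId: String? = startId
  while (currentId != null) {
    if (!visited.add(currentId)) {
      // Same POM seen twice: stop and show how we got here.
      throw CircularPomException(visited.toList() + currentId)
    }
    val pom = repo[currentId] ?: return emptyList() // parent could not be resolved
    if (pom.licenses.isNotEmpty()) return pom.licenses
    currentId = pom.parentId
  }
  return emptyList()
}

fun main() {
  // Constructed sample data: one healthy chain and one circular pair.
  val repo = listOf(
    Pom("com.example:app:1.0", "com.example:parent:1.0", emptyList()),
    Pom("com.example:parent:1.0", "com.example:root:1.0", emptyList()),
    Pom("com.example:root:1.0", null, listOf("Apache-2.0")),
    Pom("com.example:a:1.0", "com.example:b:1.0", emptyList()),
    Pom("com.example:b:1.0", "com.example:a:1.0", emptyList()),
  ).associateBy { it.id }

  println(findLicenses("com.example:app:1.0", repo))
  try {
    findLicenses("com.example:a:1.0", repo)
  } catch (e: CircularPomException) {
    println(e.message)
  }
}
```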

@ChristianCiach That and this should not be a problem if the POMs are configured correctly.

jaredsburrows avatar Apr 19 '23 23:04 jaredsburrows

See https://github.com/jaredsburrows/gradle-license-plugin/issues/283.

jaredsburrows avatar Jan 29 '24 19:01 jaredsburrows