如何在我的项目中修复sonarqube guava版本不兼容(closeQuietly)?

时间:2016-08-31 02:30:28

标签: maven sonarqube sonarqube-scan

当我在本地编译和测试我的自定义sonarqube插件时,它工作正常,但是当在服务器上运行分析时,构建失败并出现以下错误:

Caused by: java.lang.NoSuchMethodError: com.google.common.io.Closeables.closeQuietly(Ljava/io/Closeable;)V
at org.sonar.java.resolve.BytecodeCompleter.loadClass(BytecodeCompleter.java:220)
at org.sonar.java.resolve.Symbols.<init>(Symbols.java:175)
at org.sonar.java.resolve.SemanticModel.createFor(SemanticModel.java:56)
at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:112)
at org.sonar.java.ast.JavaAstScanner.simpleScan(JavaAstScanner.java:84)
at org.sonar.java.ast.JavaAstScanner.scan(JavaAstScanner.java:67)
at org.sonar.java.JavaSquid.scanSources(JavaSquid.java:136)
at org.sonar.java.JavaSquid.scan(JavaSquid.java:129)
at org.sonar.plugins.java.JavaSquidSensor.analyse(JavaSquidSensor.java:90)
at org.sonar.batch.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:58)
at org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:50)
at org.sonar.batch.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:83)
at org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:192)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
at org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:241)
at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:236)
at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:234)
at org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:226)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
at org.sonar.batch.task.ScanTask.execute(ScanTask.java:47)
at org.sonar.batch.task.TaskContainer.doAfterStart(TaskContainer.java:86)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
at org.sonar.batch.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:106)
at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:119)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:62)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy74.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:240)
at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151)
at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:78)
at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:112)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
... 32 more

运行mvn dependency:tree -Dverbose=true给了我番石榴的所有用法,其中:

  • org.sonarsource.sslr:sslr-testing-harness:1.21需要10.0.1
  • org.sonarsource.java:sonar-java-plugin:4.2需要19.0
  • org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2需要18.0

1 个答案:

答案 0 :(得分:0)

有两种方法可以解决这个问题:

解决方案#1

通过降低项目中的guava来解决问题:

...

<dependencies>

    ...

    <dependency>
        <groupId>com.google.guava</groupId>
        <artifactId>guava</artifactId>
        <version>10.0.1</version>
    </dependency>

    <dependency>
        <groupId>org.sonarsource.scanner.maven</groupId>
        <artifactId>sonar-maven-plugin</artifactId>
        <version>3.0.2</version>
        <exclusions>

            <exclusion>
                <groupId>com.google.guava</groupId>
                <artifactId>guava</artifactId>
            </exclusion>

        </exclusions>
    </dependency>

    <dependency>
        <scope>provided</scope>
        <groupId>org.sonarsource.java</groupId>
        <artifactId>sonar-java-plugin</artifactId>
        <version>${version.sonar.java}</version>
        <exclusions>

            <exclusion>
                <groupId>com.google.guava</groupId>
                <artifactId>guava</artifactId>
            </exclusion>

        </exclusions>
    </dependency>

    ...

</dependencies>

...

注意:sonar-plugin-java条目的排除有点矫枉过正,但我​​总是喜欢小心瞬态。此外,番石榴库可能会被标记为提供,但我没有测试过。

解决方案#2

sslr插件似乎是它的原因,并且由于迁移到java 7,它已经尝试使用资源来替换Closeables#closeQuietly

有一个打开拉取请求来删除番石榴依赖:https://github.com/SonarSource/sslr/pull/1

投票并让SonarSource开发人员实施修复。

我知道这不是一个很好的解决方案,但希望有足够多的人能够对请求进行投票,以便他们能够做点什么。在平均时间内,选项1是完全有效的解决方法。

相关讨论: