Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

spotlessXmlApply task is never completing

See original GitHub issue

Running ./gradlew spotlessXmlApply the :spotlessXml task is never completing.

spotless {
    xml {
        eclipse()
    }
}

This is a little bit of the output running with the gradle --info flag:

All projects evaluated.
Selected primary task ':spotlessXmlApply' from project :
Tasks to be executed: [task ':spotlessXml', task ':spotlessXmlApply']
:spotlessXml (Thread[Task worker for ':',5,main]) started.

> Task :spotlessXml
Caching disabled for task ':spotlessXml': Caching has not been enabled for the task
Task ':spotlessXml' is not up-to-date because:
  No history is available.
All input files are considered out-of-date for incremental task ':spotlessXml'.
<-------------> 0% EXECUTING [1m 17s]
> :spotlessXml

After this, the process gets hung up.

Spotless version: 3.15.0.

------------------------------------------------------------
Gradle 4.10.1
------------------------------------------------------------

Build time:   2018-09-12 11:33:27 UTC
Revision:     76c9179ea9bddc32810f9125ad97c3315c544919

Kotlin DSL:   1.0-rc-6
Kotlin:       1.2.61
Groovy:       2.4.15
Ant:          Apache Ant(TM) version 1.9.11 compiled on March 23 2018
JVM:          1.8.0_92 (Oracle Corporation 25.92-b14)
OS:           Mac OS X 10.13.6 x86_64

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:18 (16 by maintainers)

github_iconTop GitHub Comments

2reactions
JLLeitschuhcommented, Feb 13, 2019
12:48:55.013 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] Redirected from http://java.sun.com/xml/ns/javaee/javaee_5.xsd to http://www.oracle.com/webfolder/technetwork/jsc/xml/ns/javaee/javaee_5.xsd

Hold on. @fvgh. If you’re seeing HTTP get requests inside of your XML parser that means that the parser is vulnerable to XXE.

We need to fix this so that the spotless XML formatter is not making external entity requests.

We can’t have our linting infrastructure making web requests. Especially web requests over HTTP as those can be maliciously intercepted by a MITM.

Here’s an example where this has been a serious problem in the past.

https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/

CC: @nedtwigg

0reactions
nedtwiggcommented, Jun 26, 2019

Congrats! Gradle is very lucky, and so are the rest of us! Since this issue is unlikely to see more action, I’ll close it for now.

Read more comments on GitHub >

github_iconTop Results From Across the Web

No results found

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Support author name in LicenseHeaderStep

Next page

Gradle configuration time taking too long in windows