[ https://issues.apache.org/jira/browse/MRESOLVER-94?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16945661#comment-16945661 ]
Bence Sipka commented on MRESOLVER-94: -------------------------------------- The code doesn't have packages in a way, that the ClassLoader that loads the maven-resolves classes, doesn't call ClassLoader.definePackage for the loaded classes. This will result in getClass().getPackage() to return null. Therefore, this.getClass().getPackage().getImplementationVersion() will result in a NPE. According to the documentation of Class.getPackage(), the method can return null, however the implementations in DefaultSuperPomProvider and DefaultReportingConverter doesn't handle this scenario. I don't use the default packages. An example for reproducing this: {code:java} public static void main(String[] args) throws Exception { Path jarpath = Paths.get("maven-resolver-fat-jar.jar"); try (JarFile jar = new JarFile(jarpath.toFile())) { ClassLoader cl = new ClassLoader(null) { @Override protected Class<?> findClass(String name) throws ClassNotFoundException { ZipEntry entry = jar.getEntry(name.replace('.', '/') + ".class"); if (entry != null) { try (InputStream is = jar.getInputStream(entry)) { ByteArrayOutputStream baos = new ByteArrayOutputStream(); byte[] buf = new byte[4096]; for (int read; (read = is.read(buf)) > 0;) { baos.write(buf, 0, read); } byte[] classbytes = baos.toByteArray(); return defineClass(name, classbytes, 0, classbytes.length); } catch (IOException e) { } } return super.findClass(name); } }; Class<?> defaultreportinconverterclass = cl.loadClass("org.apache.maven.model.plugin.DefaultReportingConverter"); System.out.println("App.main() " + defaultreportinconverterclass); System.out.println("App.main() " + defaultreportinconverterclass.getPackage()); defaultreportinconverterclass.getConstructor().newInstance(); } } {code} Minimal example for loading an affected class via a custom classloader from a fat JAR. The maven-resolver-fat-jar.jar contains all classes required by the maven-resolver to operate. The anonymous ClassLoader inner class loads the classes from the appropriate JAR entries. The program will produce the following output: {code:java} App.main() class org.apache.maven.model.plugin.DefaultReportingConverter App.main() null Exception in thread "main" java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at example.saker.maven.support.App.main(App.java:191) Caused by: java.lang.NullPointerException at org.apache.maven.model.plugin.DefaultReportingConverter.<init>(DefaultReportingConverter.java:56) ... 5 more {code} As you can see, a NullPointerException occurs when the DefaultReportingConverter class is being instantiated, as it will call this.getClass().getPackage().getImplementationVersion(). But due to the fact, that no definePackage is called by the ClassLoader, it throws a NPE. The same kind of error occurs when using DefaultSuperPomProvider. > NullPointerException if no Package is defined for the current class > ------------------------------------------------------------------- > > Key: MRESOLVER-94 > URL: https://issues.apache.org/jira/browse/MRESOLVER-94 > Project: Maven Resolver > Issue Type: Bug > Components: resolver > Affects Versions: 1.4.1 > Environment: Windows 10, Java 8, custom classloading > Reporter: Bence Sipka > Priority: Minor > > When the maven-resolver and related classes are used with a {{ClassLoader}} > that doesn't define a java.lang.Package object for the loaded classes, the > library throws a {{NullPointerException}}. > Scenario: I'm using the maven-resolver classes to resolver artifacts from > various repositories. I package the app, and deploy it to a custom > environment where the {{ClassLoader}} for the app doesn't define a > {{Package}} for the loaded classes. In these cases, when the maven-resolver > library calls {{this.getClass().getPackage().getImplementationVersion()}} > then a {{NullPointerException}} will occurr. > The following classes are affected: > {{DefaultSuperPomProvider.getSuperModel():81}} > {{DefaultReportingConverter.<init>:56}} > Code around the locations: > {code:java} > String modelId = "org.apache.maven:maven-model-builder:" > + this.getClass().getPackage().getImplementationVersion() + ":super-pom"; > InputSource inputSource = new InputSource(); > inputSource.setModelId( modelId ); > {code} > This exception makes the library unportable to different environments. > Workaround: > Implement a custom variant of the above classes that circumvent these parts > of the code. > Possible solution: > Null checks, and hard coding the version number. -- This message was sent by Atlassian Jira (v8.3.4#803005)