Description
Gradle 8.14.3
Plug-In 12.1.8 (works fine in 12.1.7)
```groovy
plugins {
    id 'application'
    id 'org.cyclonedx.bom' version '2.4.1'
    id 'org.owasp.dependencycheck' version '12.1.8'
}

// add SBOM to jar file
tasks.named('processResources') {
    into('META-INF/sbom') {
        from(tasks.cyclonedxBom)
    }
}

installDist.dependsOn dependencyCheckAnalyze
```

results in
```
> .\gradlew installDist
...snip...
> Task :processResources FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Some problems were found with the configuration of task ':processResources' (type 'ProcessResources').
- Gradle detected a problem with the following location: '...snip...\build\reports\bom.json'.
Reason: Task ':processResources' uses this output of task ':dependencyCheckAnalyze' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.
Possible solutions:
1. Declare task ':dependencyCheckAnalyze' as an input of ':processResources'.
2. Declare an explicit dependency on ':dependencyCheckAnalyze' from ':processResources' using Task#dependsOn.
3. Declare an explicit dependency on ':dependencyCheckAnalyze' from ':processResources' using Task#mustRunAfter.
For more information, please refer to https://docs.gradle.org/8.14.3/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.
- Gradle detected a problem with the following location: '...snip...\build\reports\bom.xml'.
Reason: Task ':processResources' uses this output of task ':dependencyCheckAnalyze' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.
Possible solutions:
1. Declare task ':dependencyCheckAnalyze' as an input of ':processResources'.
2. Declare an explicit dependency on ':dependencyCheckAnalyze' from ':processResources' using Task#dependsOn.
3. Declare an explicit dependency on ':dependencyCheckAnalyze' from ':processResources' using Task#mustRunAfter.
For more information, please refer to https://docs.gradle.org/8.14.3/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.
* Try:
> Declare task ':dependencyCheckAnalyze' as an input of ':processResources'
> Declare an explicit dependency on ':dependencyCheckAnalyze' from ':processResources' using Task#dependsOn
> Declare an explicit dependency on ':dependencyCheckAnalyze' from ':processResources' using Task#mustRunAfter
> Run with --scan to get full insights.
```
And no, processResources should not have a dependency on dependencyCheckAnalyze.

The problem is that dependencyCheckAnalyze declares the build/reports directory as an output (#476). So if any other plug-in also uses that (which in this case cyclonedxBom does, but there are plenty of others doing so), Gradle freaks out with the above error (since dependencyCheckAnalyze could potentially write to any file in there).

Either use your own sub-directory as the output (which might break scripts when people hard-coded that) or only declare the files as output.
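
The overlap described in the issue, as a small Python model added here (not part of the original issue, and a simplification rather than Gradle's own validation code). It shows why a directory-wide output claims the BOM files while a file-level or sub-directory output does not; the task graph, the relative paths, the report file name and the sub-directory name are assumptions.

```python
from pathlib import PurePosixPath

def covers(declared_output, path):
    """A declared output owns the path itself and, if a directory, everything below it."""
    out, p = PurePosixPath(declared_output), PurePosixPath(path)
    return p == out or out in p.parents

def all_deps(task, deps):
    """Tasks that `task` depends on, directly or transitively."""
    seen, stack = set(), list(deps.get(task, ()))
    while stack:
        t = stack.pop()
        if t not in seen:
            seen.add(t)
            stack.extend(deps.get(t, ()))
    return seen

def implicit_dependency_problems(outputs, inputs, deps, scheduled):
    """(consumer, producer, path) for each input that lies inside the declared
    output of a scheduled task the consumer does not depend on."""
    problems = []
    for consumer in scheduled:
        known = all_deps(consumer, deps)
        for path in inputs.get(consumer, ()):
            for producer in scheduled:
                if producer == consumer or producer in known:
                    continue
                if any(covers(o, path) for o in outputs.get(producer, ())):
                    problems.append((consumer, producer, path))
    return problems

# Constructed model of the build in the issue (relative paths, simplified task graph).
BOMS = ["build/reports/bom.json", "build/reports/bom.xml"]
INPUTS = {"processResources": BOMS}
DEPS = {"processResources": ["cyclonedxBom"],
        "installDist": ["processResources", "dependencyCheckAnalyze"]}
SCHEDULED = ["cyclonedxBom", "dependencyCheckAnalyze", "processResources", "installDist"]

def check(dependency_check_outputs):
    outputs = {"cyclonedxBom": BOMS, "dependencyCheckAnalyze": dependency_check_outputs}
    return implicit_dependency_problems(outputs, INPUTS, DEPS, SCHEDULED)

if __name__ == "__main__":
    # Whole directory as output (the behaviour the issue describes): both BOM files are flagged.
    print(check(["build/reports"]))
    # Assumed alternatives: a single report file, or a plugin-owned sub-directory: nothing is flagged.
    print(check(["build/reports/dependency-check-report.html"]))
    print(check(["build/reports/dependency-check"]))
```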