When analyzing a Maven project with ort 82.2.0 (and earlier), an IlegalArgumentException occurs while building the dependency graph in AnalyzerResultBuilder.kt.
require(duplicates.isEmpty()) fails because the analysis found the same dependencies twice.
In one case, the dependency could be resolved successfully, and in the other, it could not (for whatever reason).
As a result, the same package appears twice, and the ort analysis aborts.
when a package is analysed correctly, a second attempt to resolve the package should be prevented.
Exception in thread "main" java.lang.IllegalArgumentException: Unable to create the AnalyzerResult as it contains packages and projects with the same ids:
...
at org.ossreviewtoolkit.analyzer.AnalyzerResultBuilder.build(AnalyzerResultBuilder.kt:48)
at org.ossreviewtoolkit.analyzer.AnalyzerState.buildResult(Analyzer.kt:276)
at org.ossreviewtoolkit.analyzer.Analyzer.analyzeInParallel(Analyzer.kt:201)
at org.ossreviewtoolkit.analyzer.Analyzer.analyze(Analyzer.kt:143)
at org.ossreviewtoolkit.plugins.commands.analyzer.AnalyzeCommand.run(AnalyzeCommand.kt:212)
at com.github.ajalt.clikt.core.CoreCliktCommandKt.parse(CoreCliktCommand.kt:107)
at com.github.ajalt.clikt.core.CoreCliktCommandKt.main(CoreCliktCommand.kt:78)
at com.github.ajalt.clikt.core.CoreCliktCommandKt.main(CoreCliktCommand.kt:90)
at org.ossreviewtoolkit.cli.OrtMainKt.main(OrtMain.kt:89)
an example: the same package is resolved correctly first with binaryArtifact,
[Package(id=Identifier(type=Maven, namespace=de.semvox.genios.backbone.ontologies, name=widget-types, version=12.20.0-SNAPSHOT), purl=pkg:maven/de.semvox.genios.backbone.ontologies/widget-types@12.20.0-SNAPSHOT, cpe=null, authors=[semvox GmbH], declaredLicenses=[], declaredLicensesProcessed=ProcessedDeclaredLicense(spdxExpression=null, mapped={}, unmapped=[]), concludedLicense=null, description=Types for the geni:OS Widget UI, homepageUrl=, binaryArtifact=RemoteArtifact(url=https://XXX/nexus/repository/public/de/semvox/genios/backbone/ontologies/widget-types/12.20.0-SNAPSHOT/widget-types-12.20.0-20260326.040432-116.jar, hash=Hash(value=b16f53ec2d38890d8c53eac913b3b017df47c37d, algorithm=SHA-1)), sourceArtifact=RemoteArtifact(url=https://XXX/nexus/repository/public/de/semvox/genios/backbone/ontologies/widget-types/12.20.0-SNAPSHOT/widget-types-12.20.0-20260326.040432-116-sources.jar, hash=Hash(value=6b90e0acae680470f63ee435c6e76cbe7b0cbf93, algorithm=SHA-1)), vcs=VcsInfo(type=Git, url=ssh://git@XXX/gos/genios.git, revision=, path=), vcsProcessed=VcsInfo(type=Git, url=ssh://git@XXX/gos/genios.git, revision=, path=), isMetadataOnly=false, isModified=false, sourceCodeOrigins=null, labels={}),
Package(id=Identifier(type=Maven, namespace=de.semvox.genios.backbone.ontologies, name=widget-types, version=12.20.0-SNAPSHOT), purl=pkg:maven/de.semvox.genios.backbone.ontologies/widget-types@12.20.0-SNAPSHOT, cpe=null, authors=[semvox GmbH], declaredLicenses=[], declaredLicensesProcessed=ProcessedDeclaredLicense(spdxExpression=null, mapped={}, unmapped=[]), concludedLicense=null, description=Types for the geni:OS Widget UI, homepageUrl=, binaryArtifact=RemoteArtifact(url=, hash=Hash(value=, algorithm=)), sourceArtifact=RemoteArtifact(url=, hash=Hash(value=, algorithm=)), vcs=VcsInfo(type=Git, url=ssh://git@XXX/gos/genios.git, revision=, path=), vcsProcessed=VcsInfo(type=Git, url=ssh://XXX/gos/genios.git, revision=, path=), isMetadataOnly=false, isModified=false, sourceCodeOrigins=null, labels={})],
Describe the bug
When analyzing a Maven project with ort 82.2.0 (and earlier), an IlegalArgumentException occurs while building the dependency graph in AnalyzerResultBuilder.kt.
require(duplicates.isEmpty()) fails because the analysis found the same dependencies twice.
In one case, the dependency could be resolved successfully, and in the other, it could not (for whatever reason).
As a result, the same package appears twice, and the ort analysis aborts.
To Reproduce
Steps to reproduce the behavior:
no idea why the package was analysed twice
Expected behavior
when a package is analysed correctly, a second attempt to resolve the package should be prevented.
Console / log output
Exception in thread "main" java.lang.IllegalArgumentException: Unable to create the AnalyzerResult as it contains packages and projects with the same ids:
...
at org.ossreviewtoolkit.analyzer.AnalyzerResultBuilder.build(AnalyzerResultBuilder.kt:48)
at org.ossreviewtoolkit.analyzer.AnalyzerState.buildResult(Analyzer.kt:276)
at org.ossreviewtoolkit.analyzer.Analyzer.analyzeInParallel(Analyzer.kt:201)
at org.ossreviewtoolkit.analyzer.Analyzer.analyze(Analyzer.kt:143)
at org.ossreviewtoolkit.plugins.commands.analyzer.AnalyzeCommand.run(AnalyzeCommand.kt:212)
at com.github.ajalt.clikt.core.CoreCliktCommandKt.parse(CoreCliktCommand.kt:107)
at com.github.ajalt.clikt.core.CoreCliktCommandKt.main(CoreCliktCommand.kt:78)
at com.github.ajalt.clikt.core.CoreCliktCommandKt.main(CoreCliktCommand.kt:90)
at org.ossreviewtoolkit.cli.OrtMainKt.main(OrtMain.kt:89)
Environment