Gemnasium-maven gradle scanning runs the dependencies task twice
I ran into this problem while debugging a failed scanning job for a large project. When enabling debug logging, I saw the system run the :dependencies task, followed by another call to gradle to run the :htmlDependencyReport task (which I believe automatically depends on the dependencies task?). The result (with SECURE_LOG_LEVEL=debug) is a job log about 70k lines long, instead of 35k lines, that was truncated by GitLab itself as it went past the 4 MB limit. I managed to obtain the end of the log as I'm the GitLab administrator for our instance and have access to the runner itself, but I imagine this is often not possible.
The fix would be to not run the :dependencies task in a separate gradle call before running the htmlDependencyReport task. I'm sure there is a reason why this happens, so I'm curious as to why? At best, running 2 gradle calls after one another will cost a few seconds of JVM initialization; at worst, 10-15 seconds more, as there may not be a gradle daemon running in a container-based pipeline, as well as an additional configure step for gradle.