Throw MavenParsingException when a POM is missing groupId or version#7480
Merged
Throw MavenParsingException when a POM is missing groupId or version#7480
Conversation
steve-aom-elliott
added
bug
RawPom.toPom previously called Objects.requireNonNull on the project's groupId and version, producing a context-free NullPointerException when either coordinate was absent. The NPE bubbled all the way out of mod build / parse without naming the offending artifact, making diagnosis painful. Treat blank (null or whitespace-only) values as missing in getGroupId / getVersion, and throw MavenParsingException naming the artifact and source repository when either coordinate cannot be resolved from the POM or its <parent> element.
steve-aom-elliott
force-pushed
the
fix/rawpom-missing-coordinates
branch
from
e094931 to
c8ac0ec
Compare
timtebeek
approved these changes
May 4, 2026
Member
timtebeek
left a comment
timtebeek
left a comment
There was a problem hiding this comment.
Great to capture these with more details, thanks!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
RawPom.toPomcallsObjects.requireNonNullon the project'sgroupIdandversion(RawPom.java:437,439). When either is absent, the resultingNullPointerExceptionpropagates out ofmod build/MavenParser.parseInputswith no artifact context, only this stack:There is no signal as to which transitive dependency's POM was malformed.
Why
A POM can legitimately omit a
<groupId>or<version>element (relying on<parent>inheritance), but it can also be invalid — for example:mvn install:install-fileor REST upload (which bypassesModelValidator)<groupId/>or<groupId></groupId>instead of omitting the element (Jackson-XML'sEMPTY_ELEMENT_AS_NULLdeserializes those tonull)<version> </version>(whichMavenXmlMapper'sStringTrimModulereduces to"", then sailed past every downstream null-check)In each of these cases the resolver cannot construct a usable
Pom, but the user has no way of telling which artifact is the source.How
Two contained changes inside
RawPom:getGroupId()andgetVersion()now treat blank (null or whitespace-only) values as missing, so an empty<groupId/>or<version> </version>is treated the same as an omitted element. Scope is limited to these two methods; nothing outsideRawPomis affected.toPom()checks the resolved coordinates and throwsMavenParsingException(already used at sibling validation points inResolvedPom) naming the artifact and source repository:MavenParsingExceptionis unchecked, so no signature changes ripple out toMavenPomDownloader,MavenParser,Assertions, or tests.Tests
Added five tests to
RawPomTest:missingGroupIdThrowsParsingExceptionmissingVersionThrowsParsingExceptionemptyGroupIdElementThrowsParsingExceptionwhitespaceVersionElementThrowsParsingExceptiongroupIdInheritedFromParentStillResolves(regression check that legitimate parent inheritance still works)