Spring Security Format check fails on fresh repo checkout

Describe the bug After checking out the repository I want to run the ./gradlew format check to make sure everything is ok before starting a new PR like described in the contribution documentation, but it fails with

$ ./gradlew format check
> Task :spring-security-aspects:checkFormatTest FAILED

FAILURE: Build failed with an exception.

* What went wrong:
Some problems were found with the configuration of task ':spring-security-aspects:checkFormatTest' (type 'CheckFormat').
  - Gradle detected a problem with the following location: '/Users/.../spring-security/aspects/src/test/java'.

    Reason: Task ':spring-security-aspects:checkFormatTest' uses this output of task ':spring-security-aspects:formatTest' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

    Possible solutions:
      1. Declare task ':spring-security-aspects:formatTest' as an input of ':spring-security-aspects:checkFormatTest'.
      2. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#dependsOn.
      3. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#mustRunAfter.

    For more information, please refer to https://docs.gradle.org/8.6/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.
  - Gradle detected a problem with the following location: '/Users/.../spring-security/aspects/src/test/aspectj'.

    Reason: Task ':spring-security-aspects:checkFormatTest' uses this output of task ':spring-security-aspects:formatTest' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

    Possible solutions:
      1. Declare task ':spring-security-aspects:formatTest' as an input of ':spring-security-aspects:checkFormatTest'.
      2. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#dependsOn.
      3. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#mustRunAfter.

    For more information, please refer to https://docs.gradle.org/8.6/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.

Running it with a ./gradlew clean build works without issues, but also invoking the ./gradlew format check after this fails with the same issue

To Reproduce do a new git clone of the spring security main branch and run the ./gradlew format check in the folder

Expected behavior I would expect the gradle task to finish without issues like described in the contribution documentation

Sample

Sample is in this case the main branch of the repository

Comment From: marcusdacoregio

Hi, @willemvd. Thanks for the report.

Does the problem still happen? What OS are you testing it? Are you using the latest version of the code?

Comment From: willemvd

@marcusdacoregio yes this is still a problem. Just did a fresh clone of the repo and using on Mac 14.4.1

 ➜  spring-security git:(main) java -version
openjdk version "17.0.9" 2023-10-17
OpenJDK Runtime Environment Temurin-17.0.9+9 (build 17.0.9+9)
OpenJDK 64-Bit Server VM Temurin-17.0.9+9 (build 17.0.9+9, mixed mode)

➜  spring-security git:(main) ./gradlew format check
> Task :spring-security-acl:checkFormatMain FAILED
> Task :spring-security-crypto:compileJava FAILED

FAILURE: Build completed with 2 failures.

1: Task failed with an exception.
-----------
* What went wrong:
A problem was found with the configuration of task ':spring-security-acl:checkFormatMain' (type 'CheckFormat').
  - Gradle detected a problem with the following location: '/Users/.../spring-security/acl/src/main/java'.

    Reason: Task ':spring-security-acl:checkFormatMain' uses this output of task ':spring-security-acl:formatMain' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

    Possible solutions:
      1. Declare task ':spring-security-acl:formatMain' as an input of ':spring-security-acl:checkFormatMain'.
      2. Declare an explicit dependency on ':spring-security-acl:formatMain' from ':spring-security-acl:checkFormatMain' using Task#dependsOn.
      3. Declare an explicit dependency on ':spring-security-acl:formatMain' from ':spring-security-acl:checkFormatMain' using Task#mustRunAfter.

    For more information, please refer to https://docs.gradle.org/8.7/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Get more help at https://help.gradle.org.
==============================================================================

2: Task failed with an exception.
-----------
* What went wrong:
A problem was found with the configuration of task ':spring-security-crypto:compileJava' (type 'JavaCompile').
  - Gradle detected a problem with the following location: '/Users/.../spring-security/crypto/src/main/java'.

    Reason: Task ':spring-security-crypto:compileJava' uses this output of task ':spring-security-crypto:formatMain' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

    Possible solutions:
      1. Declare task ':spring-security-crypto:formatMain' as an input of ':spring-security-crypto:compileJava'.
      2. Declare an explicit dependency on ':spring-security-crypto:formatMain' from ':spring-security-crypto:compileJava' using Task#dependsOn.
      3. Declare an explicit dependency on ':spring-security-crypto:formatMain' from ':spring-security-crypto:compileJava' using Task#mustRunAfter.

    For more information, please refer to https://docs.gradle.org/8.7/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Get more help at https://help.gradle.org.
==============================================================================

Deprecated Gradle features were used in this build, making it incompatible with Gradle 9.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

For more on this, please refer to https://docs.gradle.org/8.7/userguide/command_line_interface.html#sec:command_line_warnings in the Gradle documentation.

BUILD FAILED in 2s
47 actionable tasks: 6 executed, 41 up-to-date```

**Comment From: nielsbasjes**

I was about to report the exact same thing. Fresh clone, main branch, exact same errors.

I have Ubuntu 22.04.4 LTS with the Ubuntu packaged Java 21 on an Intel x86_64 class CPU (In my case in a VM on an Intel 11th gen i5 based NUC)

I have noticed that I sometimes only get the error for spring-security-crypto and sometimes for both `spring-security-acl` and `spring-security-crypto`.
The errors I get are identical to what was posted before.


**Comment From: marcusdacoregio**

Hi everyone. Is it possible to consistently reproduce this error? I tried on my side with different environments but the build always passed.

**Comment From: willemvd**

hi @marcusdacoregio , yes just did the following : 

➜ spring-security git:(main) ./gradlew --version

---

Gradle 8.10

Build time: 2024-08-14 11:07:45 UTC Revision: fef2edbed8af1022cefaf44d4c0514c5f89d7b78

Kotlin: 1.9.24 Groovy: 3.0.22 Ant: Apache Ant(TM) version 1.10.14 compiled on August 16 2023 Launcher JVM: 21.0.3 (Eclipse Adoptium 21.0.3+9-LTS) Daemon JVM: /Users//.sdkman/candidates/java/21.0.3-tem (no JDK specified, using current Java home) OS: Mac OS X 14.6.1 aarch64

using a clean clone of the project

/tmp git clone git@github.com:spring-projects/spring-security.git Cloning into 'spring-security'... remote: Enumerating objects: 359844, done. remote: Counting objects: 100% (2203/2203), done. remote: Compressing objects: 100% (1055/1055), done. remote: Total 359844 (delta 880), reused 1814 (delta 626), pack-reused 357641 (from 1) Receiving objects: 100% (359844/359844), 76.07 MiB | 10.81 MiB/s, done. Resolving deltas: 100% (179110/179110), done. ➜ /tmp cd spring-security ➜ spring-security git:(main) ./gradlew format check

Welcome to Gradle 8.10!

Here are the highlights of this release: - Support for Java 23 - Faster configuration cache - Better configuration cache reports

For more details see https://docs.gradle.org/8.10/release-notes.html

Starting a Gradle Daemon (subsequent builds will be faster)

Task :spring-security-cas:checkFormatMain FAILED Task :spring-security-aspects:checkFormatTest FAILED

Task :checkExpectedBranchVersion Branch version [main] does not match *.x, ignoring

FAILURE: Build completed with 2 failures.

1: Task failed with an exception.

• What went wrong: A problem was found with the configuration of task ':spring-security-cas:checkFormatMain' (type 'CheckFormat').

• Gradle detected a problem with the following location: '/private/tmp/spring-security/cas/src/main/java'.

  Reason: Task ':spring-security-cas:checkFormatMain' uses this output of task ':spring-security-cas:formatMain' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

  Possible solutions: 1. Declare task ':spring-security-cas:formatMain' as an input of ':spring-security-cas:checkFormatMain'. 2. Declare an explicit dependency on ':spring-security-cas:formatMain' from ':spring-security-cas:checkFormatMain' using Task#dependsOn. 3. Declare an explicit dependency on ':spring-security-cas:formatMain' from ':spring-security-cas:checkFormatMain' using Task#mustRunAfter.

  For more information, please refer to https://docs.gradle.org/8.10/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.

• Try:

  Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Get more help at https://help.gradle.org. ==============================================================================

2: Task failed with an exception.

• What went wrong: Some problems were found with the configuration of task ':spring-security-aspects:checkFormatTest' (type 'CheckFormat').

• Gradle detected a problem with the following location: '/private/tmp/spring-security/aspects/src/test/java'.

  Reason: Task ':spring-security-aspects:checkFormatTest' uses this output of task ':spring-security-aspects:formatTest' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

  Possible solutions: 1. Declare task ':spring-security-aspects:formatTest' as an input of ':spring-security-aspects:checkFormatTest'. 2. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#dependsOn. 3. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#mustRunAfter.

  For more information, please refer to https://docs.gradle.org/8.10/userguide/validation_problems.html#implicit_dependency in the Gradle documentation. - Gradle detected a problem with the following location: '/private/tmp/spring-security/aspects/src/test/aspectj'.

  Reason: Task ':spring-security-aspects:checkFormatTest' uses this output of task ':spring-security-aspects:formatTest' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.

  Possible solutions: 1. Declare task ':spring-security-aspects:formatTest' as an input of ':spring-security-aspects:checkFormatTest'. 2. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#dependsOn. 3. Declare an explicit dependency on ':spring-security-aspects:formatTest' from ':spring-security-aspects:checkFormatTest' using Task#mustRunAfter.

  For more information, please refer to https://docs.gradle.org/8.10/userguide/validation_problems.html#implicit_dependency in the Gradle documentation.

• Try:

  Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Get more help at https://help.gradle.org. ==============================================================================

Deprecated Gradle features were used in this build, making it incompatible with Gradle 9.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

For more on this, please refer to https://docs.gradle.org/8.10/userguide/command_line_interface.html#sec:command_line_warnings in the Gradle documentation.

BUILD FAILED in 1m 15s 44 actionable tasks: 43 executed, 1 from cache

**Comment From: nielsbasjes**

Hi @marcusdacoregio,

This is the best I have so you can reproduce this problem. I'm reusing the [docker images](https://github.com/kasmtech/workspaces-images) provided by [Kasm](https://kasmweb.com/).

Assume you have an x86_64 based Linux machine with docker that you can run.
(So I'm skipping the sudo parts).

Create a `Dockerfile` with

FROM kasmweb/ubuntu-jammy-desktop:1.15.0

USER root RUN apt-get update \ && apt-get install -y sudo \ && echo 'kasm-user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \ && rm -rf /var/lib/apt/list/* RUN apt install -y openjdk-11-jdk openjdk-17-jdk openjdk-21-jdk

USER 1000 ```

Now build this so we have an Ubuntu desktop image with JDKs installed

docker build -t spring-jammy .

Now you can run this and open a 'remote desktop' via your browser.

So you start it:

docker run -it --shm-size=8192m -p 6901:6901 -e VNC_PW=password spring-jammy

Open a browser on https://localhost:6901 (ignore the self signed certificate errors).

Login using user kasm_user and password password (was on command line)

Then on that Docker based Ubuntu desktop right click op the desktop to open a terminal.

 git clone https://github.com/spring-projects/spring-security
 cd spring-security/
 ./gradlew format check

And a minute later I see this: