You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
org.cyclonedx.exception.ParseException: com.fasterxml.jackson.databind.JsonMappingException: Cannot deserialize value of type `[Lorg.cyclonedx.model.Component;` from Object value (token `JsonToken.START_OBJECT`)
at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: org.cyclonedx.model.Component["pedigree"]->org.cyclonedx.model.Pedigree["ancestors"]) (through reference chain: org.cyclonedx.model.Bom["metadata"])
at org.cyclonedx.parsers.XmlParser.parse(XmlParser.java:89)
at org.cyclonedx.parsers.XmlParserTest.testValid12BomWithMetadataPedigree(XmlParserTest.java:135)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
Caused by: com.fasterxml.jackson.databind.JsonMappingException: Cannot deserialize value of type `[Lorg.cyclonedx.model.Component;` from Object value (token `JsonToken.START_OBJECT`)
at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: org.cyclonedx.model.Component["pedigree"]->org.cyclonedx.model.Pedigree["ancestors"]) (through reference chain: org.cyclonedx.model.Bom["metadata"])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:402)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:361)
at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.wrapAndThrow(BeanDeserializerBase.java:1853)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:316)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.dataformat.xml.deser.WrapperHandlingDeserializer.deserialize(WrapperHandlingDeserializer.java:122)
at com.fasterxml.jackson.dataformat.xml.deser.XmlDeserializationContext.readRootValue(XmlDeserializationContext.java:91)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4825)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3833)
at org.cyclonedx.parsers.XmlParser.parse(XmlParser.java:87)
... 4 more
Caused by: java.lang.IllegalArgumentException: Cannot deserialize value of type `[Lorg.cyclonedx.model.Component;` from Object value (token `JsonToken.START_OBJECT`)
at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: org.cyclonedx.model.Component["pedigree"]->org.cyclonedx.model.Pedigree["ancestors"])
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:4544)
at com.fasterxml.jackson.databind.ObjectMapper.convertValue(ObjectMapper.java:4475)
at org.cyclonedx.util.deserializer.MetadataDeserializer.deserialize(MetadataDeserializer.java:53)
at org.cyclonedx.util.deserializer.MetadataDeserializer.deserialize(MetadataDeserializer.java:28)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
... 10 more
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot deserialize value of type `[Lorg.cyclonedx.model.Component;` from Object value (token `JsonToken.START_OBJECT`)
at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: org.cyclonedx.model.Component["pedigree"]->org.cyclonedx.model.Pedigree["ancestors"])
at com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
at com.fasterxml.jackson.databind.DeserializationContext.reportInputMismatch(DeserializationContext.java:1752)
at com.fasterxml.jackson.databind.DeserializationContext.handleUnexpectedToken(DeserializationContext.java:1526)
at com.fasterxml.jackson.databind.DeserializationContext.handleUnexpectedToken(DeserializationContext.java:1473)
at com.fasterxml.jackson.databind.deser.std.ObjectArrayDeserializer.handleNonArray(ObjectArrayDeserializer.java:345)
at com.fasterxml.jackson.databind.deser.std.ObjectArrayDeserializer.deserialize(ObjectArrayDeserializer.java:197)
at com.fasterxml.jackson.databind.deser.std.ObjectArrayDeserializer.deserialize(ObjectArrayDeserializer.java:27)
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
at com.fasterxml.jackson.databind.ObjectMapper._readValue(ObjectMapper.java:4801)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2974)
at com.fasterxml.jackson.core.JsonParser.readValueAs(JsonParser.java:2363)
at org.cyclonedx.util.deserializer.ComponentWrapperDeserializer.deserialize(ComponentWrapperDeserializer.java:75)
at org.cyclonedx.util.deserializer.ComponentWrapperDeserializer.deserialize(ComponentWrapperDeserializer.java:34)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.ObjectMapper._convert(ObjectMapper.java:4539)
... 15 more
The library has special deserialization code to handle component elements within ancestors (and a few other cases).
See org.cyclonedx.util.deserializer.ComponentWrapperDeserializer.
A change in the library or perhaps in Jackson has changed the type of the parser such that it is no longer an instance of FromXmlParser when this code is reached (it is now an internal Jackson token buffer parser class instance).
Affected version: 8.0.3 and possible earlier 8.x.
Sample SBOM that fails to parse.
Exception:
The library has special deserialization code to handle
component
elements withinancestors
(and a few other cases).See
org.cyclonedx.util.deserializer.ComponentWrapperDeserializer
.A change in the library or perhaps in Jackson has changed the type of the parser such that it is no longer an instance of
FromXmlParser
when this code is reached (it is now an internal Jackson token buffer parser class instance).Hence the alternate branch assuming JSON parsing is taken, which fails since the
component
encountered is an Object not an Array of Objects.The text was updated successfully, but these errors were encountered: