@willmurphy I found the the file where syft is haning. It is haning on one pom file. I was confused why it was hanging. Pom is so simple that it contains only one dependency.
Also, it is resolved after changing “max-parent-recursive-depth” to 1. We were initially not setting any value. Also, our system is disconnected from internet. So, thinking that there might be a bug in Syft where it might be hung when internet is not available.
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>${groupId}</groupId>
<artifactId>${artifactId}</artifactId>
<version>${version}</version>
<packaging>war</packaging>
<name>basicWebapp</name>
<!-- Start elements of Oracle products and licenses -->
<description>Oracle WebLogic Maven Archetype</description>
<url>http://www.oracle.com/us/products/middleware/cloud-app-foundation/weblogic/suite/overview/index.html</url>
<inceptionYear>1997</inceptionYear>
<organization>
<name>Oracle America, Inc.</name>
<url>http://www.oracle.com</url>
</organization>
<licenses>
<license>
<name>
The "Oracle Technology Network License Agreement - Oracle
Maven Repository" is the license for this Project Object
Model (POM) file and the associated software and documentation
unless you have accepted or agreed to different license terms
with Oracle when you obtained the right to use the POM file,
software and documentation. Please refer to the comments below
for additional information.
</name>
<url>https://www.oracle.com/webapps/maven/register/license.html</url>
<distribution>repo</distribution>
<comments>
Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights
reserved.
This Project Object Model (POM) file and the associated software and
documentation are provided under a license agreement containing
restrictions on use and disclosure and are protected by intellectual
property laws. You acknowledge that your use of this POM file and the
associated software and documentation is subject to the license terms
that you accepted or agreed to when you obtained the right to use the
POM file, software and documentation. In the event you have not
accepted or agreed to any such license terms, you cannot use this
POM file or the associated software and documentation without first
accepting the Oracle Technology Network License Agreement - Oracle
Maven Repository terms and conditions set forth at the above-listed
URL.
Except as expressly permitted in your license agreement or allowed
by law, you may not:
- use, copy, reproduce, translate, broadcast, modify, license,
transmit, distribute, exhibit, perform, publish, or display any part,
in any form, or by any means, the POM file or the associated software
or documentation; and
- deploy the POM file or the associated software or documentation to
any Maven or other repositories except for your local Maven repository
that is not accessible to any third party (other than contractors
acting on your behalf if expressly permitted in your license
agreement), including but not limited to the Maven Central Repository
or any other public Maven repository.
Reverse engineering, disassembly, or decompilation of this software,
unless required by law for interoperability, is prohibited.
Additional Notices
The information contained herein is subject to change without notice
and is not warranted to be error-free. If you find any errors, please
report them to us in writing.
If this is software or related documentation that is delivered to the
U.S. Government or anyone licensing it on behalf of the
U.S. Government, the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating
system, integrated software, any programs installed on the hardware,
and/or documentation, delivered to U.S. Government end users are
"commercial computer software" pursuant to the applicable Federal
Acquisition Regulation and agency-specific supplemental regulations.
As such, use, duplication, disclosure, modification, and adaptation
of the programs, including any operating system, integrated software,
any programs installed on the hardware, and/or documentation, shall be
subject to the license terms and license restrictions applicable to the
programs. No other rights are granted to the U.S. Government.
Oracle and Java are registered trademarks of Oracle and/or its
affiliates. Other names may be trademarks of their respective owners.
This software or hardware and documentation may provide access to or
information about content, products, and services from third parties.
Oracle Corporation and its affiliates are not responsible for and
expressly disclaim all warranties of any kind with respect to
third-party content, products, and services unless otherwise set
forth in an applicable agreement between you and Oracle. Oracle
Corporation and its affiliates will not be responsible for any loss,
costs, or damages incurred due to your access to or use of third-party
content, products, or services, except as set forth in an applicable
agreement between you and Oracle.
</comments>
</license>
</licenses>
<!-- End elements of Oracle products and licenses -->
<parent>
<groupId>com.oracle.weblogic.archetype</groupId>
<artifactId>wls-common</artifactId>
<version>14.1.2-0-0</version>
</parent>
<dependencies>
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-web-api</artifactId>
<version>6.0</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<finalName>basicWebapp</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.3.1</version>
<configuration>
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
<plugin>
<groupId>com.oracle.weblogic</groupId>
<artifactId>weblogic-maven-plugin</artifactId>
<version>14.1.2-0-0</version>
<!--
You can find and redefine the following variables in the parent pom file arccording to your environment.
oracleMiddlewareHome
oracleServerUrl
oracleUsername
oraclePassword
oracleServerName
-->
<configuration>
<middlewareHome>${oracleMiddlewareHome}</middlewareHome>
</configuration>
<executions>
<!--Deploy the application to the server-->
<execution>
<phase>pre-integration-test</phase>
<goals>
<goal>deploy</goal>
</goals>
<configuration>
<!--The admin URL where the app is deployed. Here use the plugin's default value t3://localhost:7001-->
<!--adminurl>${oracleServerUrl}</adminurl-->
<user>${oracleUsername}</user>
<password>${oraclePassword}</password>
<!--The location of the file or directory to be deployed-->
<source>${project.build.directory}/${project.build.finalName}.${project.packaging}</source>
<!--The target servers where the application is deployed. Here use the plugin's default value AdminServer-->
<!--targets>${oracleServerName}</targets-->
<verbose>true</verbose>
<name>${project.build.finalName}</name>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>