Support dependency verification

[AlexanderBartash]

What happened?

Gradle dependency verification does not work with this plugin.

Multiple issues may be at play (see #1779 (comment) for correction & clarification):

1. If we signature verification i.e. <verify-metadata>true</verify-metadata> and pgp option in CLI. It fails with Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/JPA' as it does not exist. with may or may not be a bug in Gradle.
2. If we do not use signature verification and verify only hashes <verify-metadata>false</verify-metadata> and no pgp option in CLI. Hashes for the actual artifacts are missing for dependencies created by this plugin, like bundledPlugin:*. Only hashes for ivy.xml are being generated by Gradle.

FAILURE: Build failed with an exception.

* What went wrong:
Configuration cache state could not be cached: field `__intellijPlatform__` of `org.jetbrains.intellij.platform.gradle.artifacts.transform.CollectorTransformer$Parameters` bean found in field `elements` of `org.gradle.internal.serialize.codecs.core.ResolutionBackedFileCollectionSpec` bean found in field `provider` of `org.gradle.internal.serialize.codecs.core.ProviderBackedFileCollectionSpec` bean found in field `element` of `java.util.Collections$SingletonList` bean found in field `elements` of `org.gradle.internal.serialize.codecs.core.ResolutionBackedFileCollectionSpec` bean found in field `__classpathSnapshot__` of `org.jetbrains.kotlin.gradle.tasks.KotlinCompile$ClasspathSnapshotProperties` bean found in field `__classpathSnapshotProperties__` of task `:compileKotlin` of type `org.jetbrains.kotlin.gradle.tasks.KotlinCompile`: error writing value of type 'org.gradle.api.internal.file.collections.DefaultConfigurableFileCollection'
> Dependency verification failed for configuration ':intellijPlatformDependency'
  One artifact failed verification: /home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat-2023.3.8+84.directory (bundledPlugin:Tomcat:2023.3.8+84) from repository Local IntelliJ Platform Artifacts Repository
  If the artifacts are trustworthy, you will need to update the gradle/verification-metadata.xml file. For more on how to do this, please refer to https://docs.gradle.org/8.10.2/userguide/dependency_verification.html#sec:troubleshooting-verification in the Gradle documentation.
  
  Open this report for more details: file:///home/sasha/sources/intellij-platform-plugin-template/build/reports/dependency-verification/at-1727732690404/dependency-verification-report.html

bundledPlugin:Tomcat:2023.3.8+84	
/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat-2023.3.8+84.directory
Checksums are missing from verification metadata 

Context information

I have a strong suspicion that the cause is somewhere among the usages of org.jetbrains.intellij.platform.gradle.utils.UtilsKt#safelyCreatePlugin.

Now a little guide on how to use dependency verification:

• I do not recommend to enable both verification & locking from Support for dependency locking, do not use absolute paths #1778 since both suffer from issue(s) It will be overwhelming.
• Dependency locking protects when there is a changing version in dependencies, i.e. dynamic version in gradle terminology. And verification protects for a slightly different case: when the coordinates stay the same but the actual dependency files change, or they are compromised (signature fails, it is an optional verification).
• Verification is configured simply by creating gradle/verification-metadata.xml

<?xml version="1.0" encoding="UTF-8"?>
<verification-metadata xmlns="https://schema.gradle.org/dependency-verification" 
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
                       xsi:schemaLocation="https://schema.gradle.org/dependency-verification https://schema.gradle.org/dependency-verification/dependency-verification-1.3.xsd">
   <configuration>
      <verify-metadata>true</verify-metadata>
      <verify-signatures>false</verify-signatures>
      <keyring-format>armored</keyring-format>
      <key-servers>
         <key-server uri="https://keyserver.ubuntu.com"/>
      </key-servers>
   </configuration>
</verification-metadata>

• Then you run Gradle commands which appends configuration to that file. It is important to understand that it appends, not overwrites. Because of that if you run the same command multiple times you will get different results. So for testing purposes make sure always to revert gradle/verification-metadata.xml to the state above.
• Verification basically has two (three) features: verification of file hashes and verification of file signatures. The third feature is metadata i.e. pom.xml etc verification in addition to jar files or other artifacts, which is enabled by <verify-metadata>true</verify-metadata>.
• First try to use it without signature verification, because it will be owerwhelming. It can be disabled by <verify-signatures>false</verify-signatures> in gradle/verification-metadata.xml and running the next command:

./gradlew clean build --continue --rerun-tasks --no-build-cache --no-configuration-cache --no-configure-on-demand --write-locks --refresh-keys --export-keys --write-verification-metadata md5,sha1,sha256,sha512

• It will generate a lot of content in gradle/verification-metadata.xml do not forget to revert it before the next run.
• Try to use it with the signatures, do that by simply running (notice there is pgp at the end):

./gradlew clean build --continue --rerun-tasks --no-build-cache --no-configuration-cache --no-configure-on-demand --write-locks --refresh-keys --export-keys --write-verification-metadata md5,sha1,sha256,sha512,pgp

• It will automatically change <verify-signatures>true</verify-signatures> in gradle/verification-metadata.xml so do not forget to change it back because it will be creating errors even if you do not list pgp in the command line.
• It will generate a lot of content in gradle/verification-metadata.xml do not forget to revert it before the next run.

Relevant log output or stack trace

Below.

Steps to reproduce

Repo

https://github.com/AlexanderBartash/intellij-platform-plugin-template/tree/dep-verification-bug
Also see ignored tests in #1780

Without Signatures

First try to use it without pgp:

./gradlew clean build --continue --rerun-tasks --no-build-cache --no-configuration-cache --no-configure-on-demand --write-locks --refresh-keys --export-keys --write-verification-metadata md5,sha1,sha256,sha512

DO NOT change gradle/verification-metadata.xml manually!

./gradlew clean build 

FAILURE: Build failed with an exception.

* What went wrong:
Configuration cache state could not be cached: field `__intellijPlatform__` of `org.jetbrains.intellij.platform.gradle.artifacts.transform.CollectorTransformer$Parameters` bean found in field `elements` of `org.gradle.internal.serialize.codecs.core.ResolutionBackedFileCollectionSpec` bean found in field `provider` of `org.gradle.internal.serialize.codecs.core.ProviderBackedFileCollectionSpec` bean found in field `element` of `java.util.Collections$SingletonList` bean found in field `elements` of `org.gradle.internal.serialize.codecs.core.ResolutionBackedFileCollectionSpec` bean found in field `__classpathSnapshot__` of `org.jetbrains.kotlin.gradle.tasks.KotlinCompile$ClasspathSnapshotProperties` bean found in field `__classpathSnapshotProperties__` of task `:compileKotlin` of type `org.jetbrains.kotlin.gradle.tasks.KotlinCompile`: error writing value of type 'org.gradle.api.internal.file.collections.DefaultConfigurableFileCollection'
> Dependency verification failed for configuration ':intellijPlatformDependency'
  One artifact failed verification: /home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat-2023.3.8+84.directory (bundledPlugin:Tomcat:2023.3.8+84) from repository Local IntelliJ Platform Artifacts Repository
  If the artifacts are trustworthy, you will need to update the gradle/verification-metadata.xml file. For more on how to do this, please refer to https://docs.gradle.org/8.10.2/userguide/dependency_verification.html#sec:troubleshooting-verification in the Gradle documentation.
  
  Open this report for more details: file:///home/sasha/sources/intellij-platform-plugin-template/build/reports/dependency-verification/at-1727732690404/dependency-verification-report.html

In the report for this failure I see:

bundledPlugin:Tomcat:2023.3.8+84	
/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat-2023.3.8+84.directory
Checksums are missing from verification metadata 

And in the verification-metadata.xml file I see some possible discrepancies:

<?xml version="1.0" encoding="UTF-8"?>
<verification-metadata xmlns="https://schema.gradle.org/dependency-verification" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="https://schema.gradle.org/dependency-verification https://schema.gradle.org/dependency-verification/dependency-verification-1.3.xsd">
   <configuration>
      <verify-metadata>true</verify-metadata>
      <verify-signatures>false</verify-signatures>
      <keyring-format>armored</keyring-format>
      <key-servers>
         <key-server uri="https://keyserver.ubuntu.com"/>
      </key-servers>
   </configuration>
   <components>
      <!-- This is a clipped file, there were many other components here. -->
      <component group="bundledPlugin" name="Tomcat" version="2023.3.8+84">
         <artifact name="ivy-2023.3.8+84.xml">
            <md5 value="0315fbe6c213b753f79381b0e5a18b02" origin="Generated by Gradle"/>
            <sha1 value="1a6e7dd7eaff3a3c9ed514b454a3a4ac0f985402" origin="Generated by Gradle"/>
            <sha256 value="9197a957995f195ac2ff3e56cf1720e195d61401223577ce513653cb918388dd" origin="Generated by Gradle"/>
            <sha512 value="bba0126c3d9251ac5bbe765b4daab6a467c54a38b8096130389d8af453a495f080543dff2168d22100fcfa11d51e5e21c7d24498b86e7e45a54899a4e2f8ad1e" origin="Generated by Gradle"/>
         </artifact>
         <!-- I think here should be another entry for that .directory, but it does not get generated. This is what the error is about. -->
      </component>

      <!-- See below examples of how other artifacts look like.  -->
      <component group="com.google.guava" name="guava" version="32.1.3-jre">
         <artifact name="guava-32.1.3-jre.jar">
            <md5 value="adc3cf557a48d15cb71be90948558923" origin="Generated by Gradle"/>
            <sha1 value="0f306708742ce2bf0fb0901216183bc14073feae" origin="Generated by Gradle"/>
            <sha256 value="6d4e2b5a118aab62e6e5e29d185a0224eed82c85c40ac3d33cf04a270c3b3744" origin="Generated by Gradle"/>
            <sha512 value="f575321aa79046f2c12bdf9895db7e235cbaaa8e913389ae48ec4bb5f387d6bf066ed98c5f2c7854bf0c56bb38b59b005ca3c16d68e314743491a223a18cee47" origin="Generated by Gradle"/>
         </artifact>
         <artifact name="guava-32.1.3-jre.module">
            <md5 value="e6794493e3bcab67b0c6b8448f4e92bf" origin="Generated by Gradle"/>
            <sha1 value="4c853bdbbb6f44e3a1674fb4ca931e4720f158b1" origin="Generated by Gradle"/>
            <sha256 value="f5fff7642c12e7627bc14289fd267e2602c17f9590e23522c3e63107f61c2942" origin="Generated by Gradle"/>
            <sha512 value="8ce0d85f4466999263bea74b62f583a6dcd7008531a7a4c89f4387adbae605986a48735161d96ad1d329ef43dee15812baae4ec4cf5bb086efddaa0e2209b2aa" origin="Generated by Gradle"/>
         </artifact>
      </component>
      <component group="com.google.guava" name="guava-parent" version="26.0-android">
         <artifact name="guava-parent-26.0-android.pom">
            <md5 value="cb15100f42049979dd296ae701e4ef4e" origin="Generated by Gradle"/>
            <sha1 value="a2c0df489614352b7e8e503e274bd1dee5c42a64" origin="Generated by Gradle"/>
            <sha256 value="f8698ab46ca996ce889c1afc8ca4f25eb8ac6b034dc898d4583742360016cc04" origin="Generated by Gradle"/>
            <sha512 value="1d786f14fbfa5c90eedcc160d1e0a71acb2141f372049b22ce62b0bd1e883c17cc24a59dc8b00e5037e959cccdb54d4d8dc8f252302d4bb7ce82dfdaff764476" origin="Generated by Gradle"/>
         </artifact>
      </component>
      <component group="com.jetbrains.intellij.idea" name="ideaIU" version="2023.3.8">
         <artifact name="ideaIU-2023.3.8.pom">
            <md5 value="23def2f158ab129eb5355e6fbe4997e2" origin="Generated by Gradle"/>
            <sha1 value="95f09d04f4652c8b9a80c1f72baed43ba7be2d0f" origin="Generated by Gradle"/>
            <sha256 value="713cf2aaf872406cc0d5c03a6985382a0c9819cc080ed8f4024411a99118ad0f" origin="Generated by Gradle"/>
            <sha512 value="8d58edca55fc09f4bd8e49372e870ba912b6590a56dd5204db3c5d7f3d38d0dba74ea0deee35083a148f453789c38c07bd0f2246c43645a6a602c7952aeec93a" origin="Generated by Gradle"/>
         </artifact>
         <artifact name="ideaIU-2023.3.8.zip">
            <md5 value="d90a44d9ce142e1bd45f74cbc811858e" origin="Generated by Gradle"/>
            <sha1 value="7cb6ca200b78b921b30a70b5057b952b5bfebd2a" origin="Generated by Gradle"/>
            <sha256 value="27b011801301c0e7dfb903b447a2dacd5803d9734e45a97b0f6c5947c57a5699" origin="Generated by Gradle"/>
            <sha512 value="b4c3771c8155f5620be264867c6f93096d52b9c550d47371f687de2bf6062775a2353022ecdb8f3c0937c2716cb0522945f007fbd1c735ea768c2587698c1e2e" origin="Generated by Gradle"/>
         </artifact>
      </component>
   </components>
</verification-metadata>

Now if you add bundledModule & bundledPlugin to ignore rules it will work. But it defeats the purpose since now it won't verify intellij artifacts. It is just to demonstrate that it can work in general.

<verification-metadata xmlns="https://schema.gradle.org/dependency-verification"
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
                       xsi:schemaLocation="https://schema.gradle.org/dependency-verification https://schema.gradle.org/dependency-verification/dependency-verification-1.3.xsd">
   <configuration>
      <verify-metadata>true</verify-metadata>
      <verify-signatures>false</verify-signatures>
      <keyring-format>armored</keyring-format>
      <key-servers>
         <key-server uri="https://keyserver.ubuntu.com"/>
      </key-servers>
      <trusted-artifacts>
         <trust group="bundledModule" reason="Because they are created dynamically by the IntelliJ Platform Gradle Plugin from the resolved IDEA zip archive. Also they create absolute paths in this file."/>
         <trust group="bundledPlugin" reason="Because they are created dynamically by the IntelliJ Platform Gradle Plugin from the resolved IDEA zip archive. Also they create absolute paths in this file."/>
      </trusted-artifacts>
   </configuration>
</verification-metadata>

./gradlew clean build --stacktrace --continue --rerun-tasks --no-build-cache --no-configuration-cache --no-configure-on-demand --write-locks --refresh-keys --export-keys --write-verification-metadata md5,sha1,sha256,sha512
./gradlew clean build 

With Signatures

Revert gradle/verification-metadata.xml back to the original state.
Try now with pgp.

./gradlew clean build --stacktrace --continue --rerun-tasks --no-build-cache --no-configuration-cache --no-configure-on-demand --write-locks --refresh-keys --export-keys --write-verification-metadata md5,sha1,sha256,sha512,pgp

With pgp added it is even worse than without. Because here even if you also add bundledModule & bundledPlugin to ignore rules it will NOT work, because this command is supposed to bootstrap a list of trusted keys, it is too big to create manually from scratch. And the below errors interrupt that process. It may be actually a bug in Gradle, because it seems like it confuses a dir for a file, or maybe the plugin just registers is wrong, or dirs are not supposed to be there at all.

Do not forget to revert gradle/verification-metadata.xml after using the pgp option because it changes <verify-signatures>false</verify-signatures> to true.

with-pgp.log

FAILURE: Build failed with an exception.

* What went wrong:
Multiple build operations failed.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-app-servers-impl' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-jvm' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-el-core' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/DatabaseTools' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/restClient' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javascript-debugger' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-ui' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/JPA' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/hibernate' as it does not exist.
    ...and 43 more failures.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-app-servers-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-jvm' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-el-core' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/DatabaseTools' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/restClient' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javascript-debugger' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-ui' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/JPA' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/hibernate' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/uml' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/Spring' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/JavaEE' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-persistence-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/java-byteCodeViewer' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-web-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/junit' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/java-coverage' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/aopCommon' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/maven' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/sh' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javascript-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/terminal' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/markdown' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/grazie' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/properties' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/completionMlRanking' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/indexing-shared-ultimate-plugin-bundled' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/platform-langInjection' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/testng' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/grid-core-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/indexing-shared' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/platform-images' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/css-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/toml' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/featuresTrainer' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/gradle' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/vcs-git' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/Groovy' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/java-i18n' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/copyright' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/performanceTesting' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/repository-search' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/maven-server' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/grid-impl' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/yaml' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/eclipse' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/xpath' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/java' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/jsonpath' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/maven-model' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/configurationScript' as it does not exist.
> Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/webDeployment' as it does not exist.

* Try:
> Run with --debug option to get more log output.
> Run with --scan to get full insights.
> Get more help at https://help.gradle.org.

* Exception is:
org.gradle.internal.operations.MultipleBuildOperationFailures: Multiple build operations failed.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-app-servers-impl' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-jvm' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-el-core' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/DatabaseTools' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/restClient' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javascript-debugger' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-ui' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/JPA' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/hibernate' as it does not exist.
    ...and 43 more failures.
        at org.gradle.internal.operations.DefaultBuildOperationQueue.markFinished(DefaultBuildOperationQueue.java:158)
        at org.gradle.internal.operations.DefaultBuildOperationQueue.lambda$waitForWorkToComplete$0(DefaultBuildOperationQueue.java:148)
        at org.gradle.internal.Factories$1.create(Factories.java:31)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withoutLocks(DefaultWorkerLeaseService.java:335)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withoutLocks(DefaultWorkerLeaseService.java:318)
        at org.gradle.internal.work.DefaultWorkerLeaseService.blocking(DefaultWorkerLeaseService.java:230)
        at org.gradle.internal.operations.DefaultBuildOperationQueue.waitForWorkToComplete(DefaultBuildOperationQueue.java:136)
        at org.gradle.internal.operations.DefaultBuildOperationQueue.waitForCompletion(DefaultBuildOperationQueue.java:107)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.executeInParallel(DefaultBuildOperationExecutor.java:106)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.runAll(DefaultBuildOperationExecutor.java:65)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.runAll(DefaultBuildOperationExecutor.java:60)
        at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile.computeChecksumsConcurrently(WriteDependencyVerificationFile.java:411)
        at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile.buildFinished(WriteDependencyVerificationFile.java:216)
        at org.gradle.api.internal.artifacts.DependencyManagementBuildScopeServices$3.beforeModelDiscarded(DependencyManagementBuildScopeServices.java:437)
        at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
        at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
        at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
        at org.gradle.internal.event.DefaultListenerManager$ListenerDetails.dispatch(DefaultListenerManager.java:570)
        at org.gradle.internal.event.DefaultListenerManager$ListenerDetails.dispatch(DefaultListenerManager.java:540)
        at org.gradle.internal.event.AbstractBroadcastDispatch.dispatch(AbstractBroadcastDispatch.java:84)
        at org.gradle.internal.event.AbstractBroadcastDispatch.dispatch(AbstractBroadcastDispatch.java:70)
        at org.gradle.internal.event.DefaultListenerManager$EventBroadcast$ListenerDispatch.dispatch(DefaultListenerManager.java:397)
        at org.gradle.internal.event.DefaultListenerManager$EventBroadcast$ListenerDispatch.dispatch(DefaultListenerManager.java:382)
        at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
        at jdk.proxy1/jdk.proxy1.$Proxy42.beforeModelDiscarded(Unknown Source)
        at org.gradle.internal.build.DefaultBuildLifecycleController.lambda$fireBeforeModelDiscarded$5(DefaultBuildLifecycleController.java:161)
        at org.gradle.internal.build.ExecutionResult.maybeFailing(ExecutionResult.java:94)
        at org.gradle.internal.build.DefaultBuildLifecycleController.fireBeforeModelDiscarded(DefaultBuildLifecycleController.java:161)
        at org.gradle.internal.build.DefaultBuildLifecycleController.lambda$beforeModelDiscarded$4(DefaultBuildLifecycleController.java:153)
        at org.gradle.internal.model.StateTransitionController.doTransitionWithFailures(StateTransitionController.java:241)
        at org.gradle.internal.model.StateTransitionController.lambda$transition$12(StateTransitionController.java:224)
        at org.gradle.internal.work.DefaultSynchronizer.withLock(DefaultSynchronizer.java:44)
        at org.gradle.internal.model.StateTransitionController.transition(StateTransitionController.java:221)
        at org.gradle.internal.build.DefaultBuildLifecycleController.beforeModelDiscarded(DefaultBuildLifecycleController.java:153)
        at org.gradle.internal.build.AbstractBuildState.beforeModelDiscarded(AbstractBuildState.java:101)
        at org.gradle.internal.buildtree.DefaultBuildTreeFinishExecutor.lambda$finishBuildTree$1(DefaultBuildTreeFinishExecutor.java:68)
        at org.gradle.composite.internal.DefaultIncludedBuildRegistry.visitBuilds(DefaultIncludedBuildRegistry.java:205)
        at org.gradle.internal.buildtree.DefaultBuildTreeFinishExecutor.finishBuildTree(DefaultBuildTreeFinishExecutor.java:67)
        at org.gradle.composite.internal.OperationFiringBuildTreeFinishExecutor$1.call(OperationFiringBuildTreeFinishExecutor.java:46)
        at org.gradle.composite.internal.OperationFiringBuildTreeFinishExecutor$1.call(OperationFiringBuildTreeFinishExecutor.java:42)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:209)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:204)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:66)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:166)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.call(DefaultBuildOperationRunner.java:53)
        at org.gradle.composite.internal.OperationFiringBuildTreeFinishExecutor.finishBuildTree(OperationFiringBuildTreeFinishExecutor.java:42)
        at org.gradle.internal.buildtree.DefaultBuildTreeLifecycleController.lambda$runBuild$4(DefaultBuildTreeLifecycleController.java:125)
        at org.gradle.internal.model.StateTransitionController.lambda$transition$6(StateTransitionController.java:169)
        at org.gradle.internal.model.StateTransitionController.doTransition(StateTransitionController.java:266)
        at org.gradle.internal.model.StateTransitionController.lambda$transition$7(StateTransitionController.java:169)
        at org.gradle.internal.work.DefaultSynchronizer.withLock(DefaultSynchronizer.java:44)
        at org.gradle.internal.model.StateTransitionController.transition(StateTransitionController.java:169)
        at org.gradle.internal.buildtree.DefaultBuildTreeLifecycleController.runBuild(DefaultBuildTreeLifecycleController.java:117)
        at org.gradle.internal.buildtree.DefaultBuildTreeLifecycleController.scheduleAndRunTasks(DefaultBuildTreeLifecycleController.java:77)
        at org.gradle.internal.buildtree.DefaultBuildTreeLifecycleController.scheduleAndRunTasks(DefaultBuildTreeLifecycleController.java:72)
        at org.gradle.tooling.internal.provider.ExecuteBuildActionRunner.run(ExecuteBuildActionRunner.java:31)
        at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
        at org.gradle.internal.buildtree.ProblemReportingBuildActionRunner.run(ProblemReportingBuildActionRunner.java:49)
        at org.gradle.launcher.exec.BuildOutcomeReportingBuildActionRunner.run(BuildOutcomeReportingBuildActionRunner.java:65)
        at org.gradle.tooling.internal.provider.FileSystemWatchingBuildActionRunner.run(FileSystemWatchingBuildActionRunner.java:140)
        at org.gradle.launcher.exec.BuildCompletionNotifyingBuildActionRunner.run(BuildCompletionNotifyingBuildActionRunner.java:41)
        at org.gradle.launcher.exec.RootBuildLifecycleBuildActionExecutor.lambda$execute$0(RootBuildLifecycleBuildActionExecutor.java:54)
        at org.gradle.composite.internal.DefaultRootBuildState.run(DefaultRootBuildState.java:130)
        at org.gradle.launcher.exec.RootBuildLifecycleBuildActionExecutor.execute(RootBuildLifecycleBuildActionExecutor.java:54)
        at org.gradle.internal.buildtree.InitDeprecationLoggingActionExecutor.execute(InitDeprecationLoggingActionExecutor.java:62)
        at org.gradle.internal.buildtree.InitProblems.execute(InitProblems.java:36)
        at org.gradle.internal.buildtree.DefaultBuildTreeContext.execute(DefaultBuildTreeContext.java:40)
        at org.gradle.launcher.exec.BuildTreeLifecycleBuildActionExecutor.lambda$execute$0(BuildTreeLifecycleBuildActionExecutor.java:71)
        at org.gradle.internal.buildtree.BuildTreeState.run(BuildTreeState.java:60)
        at org.gradle.launcher.exec.BuildTreeLifecycleBuildActionExecutor.execute(BuildTreeLifecycleBuildActionExecutor.java:71)
        at org.gradle.launcher.exec.RunAsBuildOperationBuildActionExecutor$3.call(RunAsBuildOperationBuildActionExecutor.java:61)
        at org.gradle.launcher.exec.RunAsBuildOperationBuildActionExecutor$3.call(RunAsBuildOperationBuildActionExecutor.java:57)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:209)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:204)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:66)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:166)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.call(DefaultBuildOperationRunner.java:53)
        at org.gradle.launcher.exec.RunAsBuildOperationBuildActionExecutor.execute(RunAsBuildOperationBuildActionExecutor.java:57)
        at org.gradle.launcher.exec.RunAsWorkerThreadBuildActionExecutor.lambda$execute$0(RunAsWorkerThreadBuildActionExecutor.java:36)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withLocks(DefaultWorkerLeaseService.java:263)
        at org.gradle.internal.work.DefaultWorkerLeaseService.runAsWorkerThread(DefaultWorkerLeaseService.java:127)
        at org.gradle.launcher.exec.RunAsWorkerThreadBuildActionExecutor.execute(RunAsWorkerThreadBuildActionExecutor.java:36)
        at org.gradle.tooling.internal.provider.continuous.ContinuousBuildActionExecutor.execute(ContinuousBuildActionExecutor.java:110)
        at org.gradle.tooling.internal.provider.SubscribableBuildActionExecutor.execute(SubscribableBuildActionExecutor.java:64)
        at org.gradle.internal.session.DefaultBuildSessionContext.execute(DefaultBuildSessionContext.java:46)
        at org.gradle.internal.buildprocess.execution.BuildSessionLifecycleBuildActionExecutor$ActionImpl.apply(BuildSessionLifecycleBuildActionExecutor.java:92)
        at org.gradle.internal.buildprocess.execution.BuildSessionLifecycleBuildActionExecutor$ActionImpl.apply(BuildSessionLifecycleBuildActionExecutor.java:80)
        at org.gradle.internal.session.BuildSessionState.run(BuildSessionState.java:71)
        at org.gradle.internal.buildprocess.execution.BuildSessionLifecycleBuildActionExecutor.execute(BuildSessionLifecycleBuildActionExecutor.java:62)
        at org.gradle.internal.buildprocess.execution.BuildSessionLifecycleBuildActionExecutor.execute(BuildSessionLifecycleBuildActionExecutor.java:41)
        at org.gradle.internal.buildprocess.execution.StartParamsValidatingActionExecutor.execute(StartParamsValidatingActionExecutor.java:64)
        at org.gradle.internal.buildprocess.execution.StartParamsValidatingActionExecutor.execute(StartParamsValidatingActionExecutor.java:32)
        at org.gradle.internal.buildprocess.execution.SessionFailureReportingActionExecutor.execute(SessionFailureReportingActionExecutor.java:51)
        at org.gradle.internal.buildprocess.execution.SessionFailureReportingActionExecutor.execute(SessionFailureReportingActionExecutor.java:39)
        at org.gradle.internal.buildprocess.execution.SetupLoggingActionExecutor.execute(SetupLoggingActionExecutor.java:47)
        at org.gradle.internal.buildprocess.execution.SetupLoggingActionExecutor.execute(SetupLoggingActionExecutor.java:31)
        at org.gradle.launcher.daemon.server.exec.ExecuteBuild.doBuild(ExecuteBuild.java:70)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.WatchForDisconnection.execute(WatchForDisconnection.java:39)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.ResetDeprecationLogger.execute(ResetDeprecationLogger.java:29)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.RequestStopIfSingleUsedDaemon.execute(RequestStopIfSingleUsedDaemon.java:35)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput.lambda$execute$0(ForwardClientInput.java:40)
        at org.gradle.internal.daemon.clientinput.ClientInputForwarder.forwardInput(ClientInputForwarder.java:80)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput.execute(ForwardClientInput.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.LogAndCheckHealth.execute(LogAndCheckHealth.java:64)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.LogToClient.doBuild(LogToClient.java:63)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.EstablishBuildEnvironment.doBuild(EstablishBuildEnvironment.java:84)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.StartBuildOrRespondWithBusy$1.run(StartBuildOrRespondWithBusy.java:52)
        at org.gradle.launcher.daemon.server.DaemonStateCoordinator.lambda$runCommand$0(DaemonStateCoordinator.java:321)
        at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
        at org.gradle.internal.concurrent.AbstractManagedExecutor$1.run(AbstractManagedExecutor.java:48)
Cause 1: java.io.UncheckedIOException: Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-app-servers-impl' as it does not exist.
        at org.gradle.internal.hash.DefaultFileHasher.hash(DefaultFileHasher.java:38)
        at org.gradle.api.internal.changedetection.state.CachingFileHasher.snapshot(CachingFileHasher.java:94)
        at org.gradle.api.internal.changedetection.state.CachingFileHasher.snapshot(CachingFileHasher.java:81)
        at org.gradle.api.internal.changedetection.state.CachingFileHasher.hash(CachingFileHasher.java:71)
        at org.gradle.api.internal.changedetection.state.SplitFileHasher.hash(SplitFileHasher.java:43)
        at org.gradle.api.internal.artifacts.verification.signatures.CrossBuildSignatureVerificationService.verify(CrossBuildSignatureVerificationService.java:85)
        at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile$2.run(WriteDependencyVerificationFile.java:447)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:66)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:166)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$QueueWorker.execute(DefaultBuildOperationExecutor.java:161)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.runOperation(DefaultBuildOperationQueue.java:272)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.doRunBatch(DefaultBuildOperationQueue.java:253)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.lambda$runBatch$0(DefaultBuildOperationQueue.java:238)
        at org.gradle.internal.resources.AbstractResourceLockRegistry.whileDisallowingLockChanges(AbstractResourceLockRegistry.java:50)
        at org.gradle.internal.work.DefaultWorkerLeaseService.whileDisallowingProjectLockChanges(DefaultWorkerLeaseService.java:235)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.lambda$runBatch$1(DefaultBuildOperationQueue.java:238)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withLocks(DefaultWorkerLeaseService.java:263)
        at org.gradle.internal.work.DefaultWorkerLeaseService.runAsWorkerThread(DefaultWorkerLeaseService.java:127)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.runBatch(DefaultBuildOperationQueue.java:224)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.run(DefaultBuildOperationQueue.java:192)
        at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
        at org.gradle.internal.concurrent.AbstractManagedExecutor$1.run(AbstractManagedExecutor.java:48)
Caused by: java.io.FileNotFoundException: /home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-app-servers-impl (Is a directory)
        at org.gradle.internal.hash.DefaultFileHasher.hash(DefaultFileHasher.java:36)
        ... 23 more
        
... many the same exceptions ...

Cause 53: java.io.UncheckedIOException: Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/webDeployment' as it does not exist.
        at org.gradle.internal.hash.DefaultFileHasher.hash(DefaultFileHasher.java:38)
        at org.gradle.api.internal.changedetection.state.CachingFileHasher.snapshot(CachingFileHasher.java:94)
        at org.gradle.api.internal.changedetection.state.CachingFileHasher.snapshot(CachingFileHasher.java:81)
        at org.gradle.api.internal.changedetection.state.CachingFileHasher.hash(CachingFileHasher.java:71)
        at org.gradle.api.internal.changedetection.state.SplitFileHasher.hash(SplitFileHasher.java:43)
        at org.gradle.api.internal.artifacts.verification.signatures.CrossBuildSignatureVerificationService.verify(CrossBuildSignatureVerificationService.java:85)
        at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile$2.run(WriteDependencyVerificationFile.java:447)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:66)
        at org.gradle.internal.operations.DefaultBuildOperationRunner$2.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:166)
        at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:59)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$QueueWorker.execute(DefaultBuildOperationExecutor.java:161)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.runOperation(DefaultBuildOperationQueue.java:272)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.doRunBatch(DefaultBuildOperationQueue.java:253)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.lambda$runBatch$0(DefaultBuildOperationQueue.java:238)
        at org.gradle.internal.resources.AbstractResourceLockRegistry.whileDisallowingLockChanges(AbstractResourceLockRegistry.java:50)
        at org.gradle.internal.work.DefaultWorkerLeaseService.whileDisallowingProjectLockChanges(DefaultWorkerLeaseService.java:235)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.lambda$runBatch$1(DefaultBuildOperationQueue.java:238)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withLocks(DefaultWorkerLeaseService.java:263)
        at org.gradle.internal.work.DefaultWorkerLeaseService.runAsWorkerThread(DefaultWorkerLeaseService.java:127)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.runBatch(DefaultBuildOperationQueue.java:224)
        at org.gradle.internal.operations.DefaultBuildOperationQueue$WorkerRunnable.run(DefaultBuildOperationQueue.java:192)
        at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
        at org.gradle.internal.concurrent.AbstractManagedExecutor$1.run(AbstractManagedExecutor.java:48)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
        at java.base/java.lang.Thread.run(Thread.java:1570)
Caused by: java.io.FileNotFoundException: /home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/webDeployment (Is a directory)
        at java.base/java.io.FileInputStream.open0(Native Method)
        at java.base/java.io.FileInputStream.open(FileInputStream.java:213)
        at java.base/java.io.FileInputStream.<init>(FileInputStream.java:152)
        at org.gradle.internal.hash.DefaultFileHasher.hash(DefaultFileHasher.java:36)
        ... 26 more

Gradle IntelliJ Plugin version

3.1.0

Gradle version

8.10.2

Operating System

Linux

Link to build, i.e. failing GitHub Action job

No response

[AlexanderBartash]

Search https://github.com/gradle/gradle/issues?q=is%3Aissue+is%3Aopen+transform+constraint returns a couple of bugs, these 2 look somewhat similar but not really:

• Dependency constraints on subprojects breaking artifact transforms with dependencies gradle/gradle#18019
• Resolving a transformed configuration at configuration time uses non-existing or stale artifacts and breaks later tasks gradle/gradle#19707

[AlexanderBartash]

The same exception gradle/gradle#10951
According to the comment gradle/gradle#10951 (comment) a directory also was confused for a file.

[AlexanderBartash]

From the stacktrace, which I've provided we can see that the error originated from org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile. In the package org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification I see classes related to dependency verification logic. So most likely the issue is that we add directories as Ivy artifacts to projects, which then fail to get processed by that class.

In the logs we see dozens of exceptions, because computeChecksumsConcurrently spawns a lot of concurrent computations, that is where they all are coming from.

This only confirms my idea, that the cause is somewhere among the usages of org.jetbrains.intellij.platform.gradle.utils.UtilsKt#safelyCreatePlugin.

org.gradle.internal.operations.MultipleBuildOperationFailures: Multiple build operations failed.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-app-servers-impl' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-jvm' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-el-core' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/DatabaseTools' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/restClient' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javaee-appServers-tomcat' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/javascript-debugger' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/microservices-ui' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/JPA' as it does not exist.
    Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/2f4561d46bc638866dfa4bcb9a564517/transformed/ideaIU-2023.3.8/plugins/hibernate' as it does not exist.
    ...and 43 more failures.
        at org.gradle.internal.operations.DefaultBuildOperationQueue.markFinished(DefaultBuildOperationQueue.java:158)
        at org.gradle.internal.operations.DefaultBuildOperationQueue.lambda$waitForWorkToComplete$0(DefaultBuildOperationQueue.java:148)
        at org.gradle.internal.Factories$1.create(Factories.java:31)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withoutLocks(DefaultWorkerLeaseService.java:335)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withoutLocks(DefaultWorkerLeaseService.java:318)
        at org.gradle.internal.work.DefaultWorkerLeaseService.blocking(DefaultWorkerLeaseService.java:230)
        at org.gradle.internal.operations.DefaultBuildOperationQueue.waitForWorkToComplete(DefaultBuildOperationQueue.java:136)
        at org.gradle.internal.operations.DefaultBuildOperationQueue.waitForCompletion(DefaultBuildOperationQueue.java:107)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.executeInParallel(DefaultBuildOperationExecutor.java:106)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.runAll(DefaultBuildOperationExecutor.java:65)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.runAll(DefaultBuildOperationExecutor.java:60)
        at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile.computeChecksumsConcurrently(WriteDependencyVerificationFile.java:411)
        at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.verification.writer.WriteDependencyVerificationFile.buildFinished(WriteDependencyVerificationFile.java:216)
        at org.gradle.api.internal.artifacts.DependencyManagementBuildScopeServices$3.beforeModelDiscarded(DependencyManagementBuildScopeServices.java:437)
        at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
        at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
        at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)

[AlexanderBartash]

On the second issue, it may be that Gradle's mechanism for bootstrapping (generating, resolving) hashes of artifacts in verification-metadata.xml file simply does not understand dependencies created by this plugin. It looks like it is doing some custom stuff with custom IvyModule class see

intellij-platform-gradle-plugin/src/main/kotlin/org/jetbrains/intellij/platform/gradle/models/IvyModule.kt

Line 17 in 33af9bd

data class IvyModule(

As I've outlined in the XML file, Gradle generates hashes only for Ivy XML file created from that custom IvyModule. But not from the artifact .directory in our case. Which creates build failure, because Gradle wants that hash.

I tried to set <verify-metadata>false</verify-metadata> and in such case components in that file for those Ivy modules are missing completely, which is expected since there are no hashes for artifacts. But the error stays the same.

<?xml version="1.0" encoding="UTF-8"?>
<verification-metadata xmlns="https://schema.gradle.org/dependency-verification" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="https://schema.gradle.org/dependency-verification https://schema.gradle.org/dependency-verification/dependency-verification-1.3.xsd">
  <configuration>
     <verify-metadata>true</verify-metadata>
     <verify-signatures>false</verify-signatures>
     <keyring-format>armored</keyring-format>
     <key-servers>
        <key-server uri="https://keyserver.ubuntu.com"/>
     </key-servers>
  </configuration>
  <components>
     <!-- This is a clipped file, there were many other components here. -->
     <component group="bundledPlugin" name="Tomcat" version="2023.3.8+84">
        <artifact name="ivy-2023.3.8+84.xml">
           <md5 value="0315fbe6c213b753f79381b0e5a18b02" origin="Generated by Gradle"/>
           <sha1 value="1a6e7dd7eaff3a3c9ed514b454a3a4ac0f985402" origin="Generated by Gradle"/>
           <sha256 value="9197a957995f195ac2ff3e56cf1720e195d61401223577ce513653cb918388dd" origin="Generated by Gradle"/>
           <sha512 value="bba0126c3d9251ac5bbe765b4daab6a467c54a38b8096130389d8af453a495f080543dff2168d22100fcfa11d51e5e21c7d24498b86e7e45a54899a4e2f8ad1e" origin="Generated by Gradle"/>
        </artifact>
        <!-- I think here should be another entry for that .directory, but it does not get generated. This is what the error is about. -->
     </component>

     <!-- See below examples of how other artifacts look like.  -->
     <component group="com.google.guava" name="guava" version="32.1.3-jre">
        <artifact name="guava-32.1.3-jre.jar">
           <md5 value="adc3cf557a48d15cb71be90948558923" origin="Generated by Gradle"/>
           <sha1 value="0f306708742ce2bf0fb0901216183bc14073feae" origin="Generated by Gradle"/>
           <sha256 value="6d4e2b5a118aab62e6e5e29d185a0224eed82c85c40ac3d33cf04a270c3b3744" origin="Generated by Gradle"/>
           <sha512 value="f575321aa79046f2c12bdf9895db7e235cbaaa8e913389ae48ec4bb5f387d6bf066ed98c5f2c7854bf0c56bb38b59b005ca3c16d68e314743491a223a18cee47" origin="Generated by Gradle"/>
        </artifact>
        <artifact name="guava-32.1.3-jre.module">
           <md5 value="e6794493e3bcab67b0c6b8448f4e92bf" origin="Generated by Gradle"/>
           <sha1 value="4c853bdbbb6f44e3a1674fb4ca931e4720f158b1" origin="Generated by Gradle"/>
           <sha256 value="f5fff7642c12e7627bc14289fd267e2602c17f9590e23522c3e63107f61c2942" origin="Generated by Gradle"/>
           <sha512 value="8ce0d85f4466999263bea74b62f583a6dcd7008531a7a4c89f4387adbae605986a48735161d96ad1d329ef43dee15812baae4ec4cf5bb086efddaa0e2209b2aa" origin="Generated by Gradle"/>
        </artifact>
     </component>
     <component group="com.google.guava" name="guava-parent" version="26.0-android">
        <artifact name="guava-parent-26.0-android.pom">
           <md5 value="cb15100f42049979dd296ae701e4ef4e" origin="Generated by Gradle"/>
           <sha1 value="a2c0df489614352b7e8e503e274bd1dee5c42a64" origin="Generated by Gradle"/>
           <sha256 value="f8698ab46ca996ce889c1afc8ca4f25eb8ac6b034dc898d4583742360016cc04" origin="Generated by Gradle"/>
           <sha512 value="1d786f14fbfa5c90eedcc160d1e0a71acb2141f372049b22ce62b0bd1e883c17cc24a59dc8b00e5037e959cccdb54d4d8dc8f252302d4bb7ce82dfdaff764476" origin="Generated by Gradle"/>
        </artifact>
     </component>
     <component group="com.jetbrains.intellij.idea" name="ideaIU" version="2023.3.8">
        <artifact name="ideaIU-2023.3.8.pom">
           <md5 value="23def2f158ab129eb5355e6fbe4997e2" origin="Generated by Gradle"/>
           <sha1 value="95f09d04f4652c8b9a80c1f72baed43ba7be2d0f" origin="Generated by Gradle"/>
           <sha256 value="713cf2aaf872406cc0d5c03a6985382a0c9819cc080ed8f4024411a99118ad0f" origin="Generated by Gradle"/>
           <sha512 value="8d58edca55fc09f4bd8e49372e870ba912b6590a56dd5204db3c5d7f3d38d0dba74ea0deee35083a148f453789c38c07bd0f2246c43645a6a602c7952aeec93a" origin="Generated by Gradle"/>
        </artifact>
        <artifact name="ideaIU-2023.3.8.zip">
           <md5 value="d90a44d9ce142e1bd45f74cbc811858e" origin="Generated by Gradle"/>
           <sha1 value="7cb6ca200b78b921b30a70b5057b952b5bfebd2a" origin="Generated by Gradle"/>
           <sha256 value="27b011801301c0e7dfb903b447a2dacd5803d9734e45a97b0f6c5947c57a5699" origin="Generated by Gradle"/>
           <sha512 value="b4c3771c8155f5620be264867c6f93096d52b9c550d47371f687de2bf6062775a2353022ecdb8f3c0937c2716cb0522945f007fbd1c735ea768c2587698c1e2e" origin="Generated by Gradle"/>
        </artifact>
     </component>
  </components>
</verification-metadata>

[AlexanderBartash]

Actually these two problems are the same issue. It turns out that the same error Failed to create MD5 hash for file '/home/sasha/.gradle/caches/8.10.2/transforms/***/transformed/*/plugins/*' as it does not exist. happens in both cases. It is just when we use pgp option, we see that resulting error. Without pgp option, we do not see any errors at all. I was able to reproduce it in debug mode and confirmed it.

That is why hashes are missing for bundledPlugin dependencies in verification-metadata.xml.

From Gradle sources and the stack trace it looks like it is using https://github.com/gradle/gradle/blob/81c7139e837079a44aa45244268771d978c9f452/subprojects/core/src/main/java/org/gradle/internal/hash/ChecksumHasher.java#L25

Which will not be able to hash a directory simply because of FileInputStream.

It seems to me that in order to support dependency verification this plugin should specify a file (not clear which file if it a dir with jars) instead of a directory for custom artifacts like bundledPlugin. Probably the same is true for bundledModule but I have not tested this one.

One option would be to structure those plugins in the next way:

• ivy.xml e.g. like bom file in maven which lists jars as dependencies

That way Gradle will hash the ivy.xml & jars separately.

It looks like right now this transformer does a similar thing -- collects jars from Ivy artifacts having only dirs in them.

intellij-platform-gradle-plugin/src/main/kotlin/org/jetbrains/intellij/platform/gradle/artifacts/transform/CollectorTransformer.kt

Line 39 in 33af9bd

abstract class CollectorTransformer : TransformAction<CollectorTransformer.Parameters> {

[AlexanderBartash]

For bundledModule artifacts hashes are generated correctly because they point to jars not dirs, at least in this case:

      <component group="bundledModule" name="intellij.java.unscramble" version="242.23339.11+552">
         <artifact name="/home/sasha/.gradle/caches/8.10.2/transforms/5e431020a32f377d747dae792b1dcf82/transformed/ideaIU-242-EAP-SNAPSHOT/plugins/java/lib/modules/intellij.java.unscramble.jar-242.23339.11+552.jar">
            <md5 value="65e1b87751a3be825fdbe9ec0c69d9c5" origin="Generated by Gradle"/>
            <sha1 value="0ebaaca1276243d5057226cee9682c6478eadae4" origin="Generated by Gradle"/>
            <sha256 value="c02c8b42882e911544c1310905d1c6f4418a2b06743d3c17dc9e138124f13337" origin="Generated by Gradle"/>
            <sha512 value="4387fe6c5d359da2cb7f91ae9e473fb5ac70efcbe8a20a949684b72875d2bde98158822b79fede2ecdd2e9469a53724f5d9e03c76298f6265377294730e81bfe" origin="Generated by Gradle"/>
         </artifact>
         <artifact name="ivy-242.23339.11+552.xml">
            <md5 value="dda50acdc8a64d89fe8ffa5a203f4872" origin="Generated by Gradle"/>
            <sha1 value="52d59dec394da2cf85cb4c7644e3f8a6999144fe" origin="Generated by Gradle"/>
            <sha256 value="599ab6979e994c82488b8c88a9d9450044f8d609a5a7ec26084ce1f7aadcc51c" origin="Generated by Gradle"/>
            <sha512 value="40c8c096ad4146ba3305e6827fb0a320b5f1715478bd021ba18d68f6376423aa5b1227e369d50aec34ffdf8a68e597f27f438ed905d6798ae89f84051403ad42" origin="Generated by Gradle"/>
         </artifact>
      </component>

But, if I enable dependency locking, I still see the error in the report. If locking is disabled, modules verification (but not bundled plugins) works fine.

bundledModule:intellij.java.unscramble:242.23339.11+196	
[/home/sasha/.gradle/caches/8.10.2/transforms/298f90e976739a4ae27ab03cd63a4c0c/transformed/ideaIU-242-EAP-SNAPSHOT/plugins/java/lib/modules/intellij.java.unscramble.jar-242.23339.11+196.jar](file:///home/sasha/.gradle/caches/8.10.2/transforms/298f90e976739a4ae27ab03cd63a4c0c/transformed/ideaIU-242-EAP-SNAPSHOT/plugins/java/lib/modules/intellij.java.unscramble.jar)
Checksums are missing from verification metadata

We have the hash for 242.23339.11+552 but it wants for 242.23339.11+196.
This is what I meant by dependencies duplication in #1778

I think it happens, probably, because Gradle dependency locking works by simply adding to the project all those strict dependencies from the lock files to the project and lets dependency conflict resolution do the work
https://docs.gradle.org/current/userguide/dependency_constraints_conflicts.html#resolving_version_conflicts

[AlexanderBartash]

My PR seems to fix the issue, except metadata verification for because this plugin generates Ivy XML files on the fly and whenever ExtractorTransformer runs (See #1778) it creates a new absolute path to the unzipped IDE in the transforms cache, which them gts mentioned a newly generated Ivy XML files. Since the xml files have an absolute path mentioned, their (xml files) hashes will also be different on different envs, because of that <verify-metadata>false</verify-metadata> should be used with this plugin right now.

.intellijPlatform/localPlatformArtifacts/com.jetbrains.localhost-only.bundledPlugin-Git4Idea-242.23339.11.xml:

<ivy-module version="2.0">
  <info organisation="com.jetbrains.localhost-only.bundledPlugin" module="Git4Idea" revision="242.23339.11"/>
  <configurations>
    <conf name="default" visibility="public"/>
  </configurations>
  <publications>
    <artifact name="git4idea-rt.jar" type="home/sasha/.gradle/caches/8.10.2/transforms/28ecd40df1b8c2cf9e48725c9c2de2bb/transformed/ideaIU-242-EAP-SNAPSHOT/plugins/vcs-git/lib/" ext="jar" conf="default"/>
    <artifact name="vcs-git.jar" type="home/sasha/.gradle/caches/8.10.2/transforms/28ecd40df1b8c2cf9e48725c9c2de2bb/transformed/ideaIU-242-EAP-SNAPSHOT/plugins/vcs-git/lib/" ext="jar" conf="default"/>
  </publications>
  <dependencies>
    <dependency org="com.jetbrains.localhost-only.bundledPlugin" name="com.jetbrains.performancePlugin" rev="242.23339.11"/>
    <dependency org="com.jetbrains.localhost-only.bundledPlugin" name="org.jetbrains.plugins.terminal" rev="242.23339.11"/>
    <dependency org="com.jetbrains.localhost-only.bundledModule" name="intellij.platform.collaborationTools" rev="242.23339.11"/>
    <dependency org="com.jetbrains.localhost-only.bundledModule" name="intellij.platform.ide.newUiOnboarding" rev="242.23339.11"/>
    <dependency org="com.jetbrains.localhost-only.bundledModule" name="intellij.platform.coverage" rev="242.23339.11"/>
  </dependencies>
</ivy-module>

To fix this we probably should make the ExtractorTransformer (or create a new, preferably not, because we already have a problem with the extractor running too often) generate Ivy XML files directly in the unzipped IDE, so that it becomes like a local Ivy repository. In that case we probably can use relative paths, which will not change.

This could also significantly improve performance due to

intellij-platform-gradle-plugin/src/main/kotlin/org/jetbrains/intellij/platform/gradle/extensions/IntelliJPlatformDependenciesHelper.kt

Line 138 in 3d6e84e

// TODO: try not to parse all plugins at once

Then here

intellij-platform-gradle-plugin/src/main/kotlin/org/jetbrains/intellij/platform/gradle/utils/utils.kt

Line 71 in dbc44d9

fun FileCollection.platformPath() = with(toList()) {

Or here:

intellij-platform-gradle-plugin/src/main/kotlin/org/jetbrains/intellij/platform/gradle/extensions/IntelliJPlatformDependenciesHelper.kt

Line 131 in dbc44d9

private val bundledPlugins by lazy {

When the location of the transform path becomes available we can register a new Ivy repository (or update artifactPath of the existing one) for that location.

But this will not work with local("/opt/ideaIU") configuration because we might not even have permissions to write there, and should not even if we could. And even if we try to generate Ivy files in sub directories of ".intellijPlatform/ide-repos/{extractor-transform-hash}" for each repo, it might not work when multiple projects are going to try to use that IDE version, since every project has its own ".intellijPlatform/ide-repos/{extractor-transform-hash}".

[AlexanderBartash]

The ideas from the previous comment were implemented in #1785

[AlexanderBartash]

The only case where PGP signature and hash generation still fails is anything stored in localPlatformArtifacts() configuration, like custom JDK, IDE, local plugin, since those still point to a directory. To fix that either a PR should be submitted to Gradle to support dir signature generation (pgp is impossible most likely, because it makes no sense) or similar thing to what I've done should be done for them as well, i.e. recursively collect a list of files in the dir and list all of them as artifacts in Ivy.xml instead of pointing to a dir, which I am not planning on doing.