-
Bug
-
Resolution: Fixed
-
Minor
-
None
Upgrading from 3.2.1 to 3.3.0 breaks pipeline without feedback on why.
Rolling back to 3.2.1 or disabling the requireJs analyzer works around the issue.
NVD data is retrieved through proxy, and the requireJs data url is not blocked by the same proxy and should be retrievable.
The workaround is manageable for now, but ideally this analyzer too could be used.
Output with 3.3.0
[Pipeline] unzip 05:18:02 Extracting from /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data.zip 05:18:02 Extracting: dc.h2.db -> /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.h2.db 05:18:04 Extracted: 1 files [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Update) [Pipeline] dependencyCheckUpdateOnly 05:18:04 [DependencyCheck] OWASP Dependency-Check Plugin v3.3.0 05:18:04 [DependencyCheck] Executing Dependency-Check with the following options: 05:18:04 [DependencyCheck] -name = master 05:18:04 [DependencyCheck] -outputDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ 05:18:04 [DependencyCheck] -dataDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data 05:18:04 [DependencyCheck] -dataMirroringType = none 05:18:04 [DependencyCheck] -proxyServer = proxy.local 05:18:04 [DependencyCheck] -proxyPort = 8080 05:18:04 [DependencyCheck] -isQuickQueryTimestampEnabled = true 05:18:04 [DependencyCheck] -jarAnalyzerEnabled = false 05:18:04 [DependencyCheck] -nodePackageAnalyzerEnabled = false 05:18:04 [DependencyCheck] -nspAnalyzerEnabled = false 05:18:04 [DependencyCheck] -retireJsAnalyzerEnabled = true 05:18:04 [DependencyCheck] -composerLockAnalyzerEnabled = false 05:18:04 [DependencyCheck] -pythonDistributionAnalyzerEnabled = false 05:18:04 [DependencyCheck] -pythonPackageAnalyzerEnabled = false 05:18:04 [DependencyCheck] -rubyBundlerAuditAnalyzerEnabled = false 05:18:04 [DependencyCheck] -rubyGemAnalyzerEnabled = false 05:18:04 [DependencyCheck] -cocoaPodsAnalyzerEnabled = false 05:18:04 [DependencyCheck] -swiftPackageManagerAnalyzerEnabled = false 05:18:04 [DependencyCheck] -archiveAnalyzerEnabled = false 05:18:04 [DependencyCheck] -assemblyAnalyzerEnabled = false 05:18:04 [DependencyCheck] -msBuildProjectAnalyzerEnabled = false 05:18:04 [DependencyCheck] -centralAnalyzerEnabled = false 05:18:04 [DependencyCheck] -nuspecAnalyzerEnabled = false 05:18:04 [DependencyCheck] -nexusAnalyzerEnabled = false 05:18:04 [DependencyCheck] -artifactoryAnalyzerEnabled = false 05:18:04 [DependencyCheck] -autoconfAnalyzerEnabled = false 05:18:04 [DependencyCheck] -cmakeAnalyzerEnabled = false 05:18:04 [DependencyCheck] -opensslAnalyzerEnabled = false 05:18:04 [DependencyCheck] -showEvidence = true 05:18:04 [DependencyCheck] -formats = XML 05:18:04 [DependencyCheck] -autoUpdate = true 05:18:04 [DependencyCheck] -updateOnly = true 05:18:04 [DependencyCheck] Performing NVD update only 05:18:13 [DependencyCheck] Unable to update the Dependency-Check database [Pipeline] } [Pipeline] // stage
Output with 3.3.0, requireJs analyzer disable in global config.
[Pipeline] unzip 17:57:59 Extracting from /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data.zip 17:57:59 Extracting: dc.h2.db -> /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.h2.db 17:58:01 Extracting: dc.lock.db -> /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.lock.db 17:58:01 Extracted: 2 files [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Update) [Pipeline] dependencyCheckUpdateOnly 17:58:01 [DependencyCheck] OWASP Dependency-Check Plugin v3.3.0 17:58:01 [DependencyCheck] Executing Dependency-Check with the following options: 17:58:01 [DependencyCheck] -name = master 17:58:01 [DependencyCheck] -outputDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ 17:58:01 [DependencyCheck] -dataDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data 17:58:01 [DependencyCheck] -dataMirroringType = none 17:58:01 [DependencyCheck] -proxyServer = proxy.local 17:58:01 [DependencyCheck] -proxyPort = 8080 17:58:01 [DependencyCheck] -isQuickQueryTimestampEnabled = true 17:58:01 [DependencyCheck] -jarAnalyzerEnabled = false 17:58:01 [DependencyCheck] -nodePackageAnalyzerEnabled = false 17:58:01 [DependencyCheck] -nspAnalyzerEnabled = false 17:58:01 [DependencyCheck] -retireJsAnalyzerEnabled = false 17:58:01 [DependencyCheck] -composerLockAnalyzerEnabled = false 17:58:01 [DependencyCheck] -pythonDistributionAnalyzerEnabled = false 17:58:01 [DependencyCheck] -pythonPackageAnalyzerEnabled = false 17:58:01 [DependencyCheck] -rubyBundlerAuditAnalyzerEnabled = false 17:58:01 [DependencyCheck] -rubyGemAnalyzerEnabled = false 17:58:01 [DependencyCheck] -cocoaPodsAnalyzerEnabled = false 17:58:01 [DependencyCheck] -swiftPackageManagerAnalyzerEnabled = false 17:58:01 [DependencyCheck] -archiveAnalyzerEnabled = false 17:58:01 [DependencyCheck] -assemblyAnalyzerEnabled = false 17:58:01 [DependencyCheck] -msBuildProjectAnalyzerEnabled = false 17:58:01 [DependencyCheck] -centralAnalyzerEnabled = false 17:58:01 [DependencyCheck] -nuspecAnalyzerEnabled = false 17:58:01 [DependencyCheck] -nexusAnalyzerEnabled = false 17:58:01 [DependencyCheck] -artifactoryAnalyzerEnabled = false 17:58:01 [DependencyCheck] -autoconfAnalyzerEnabled = false 17:58:01 [DependencyCheck] -cmakeAnalyzerEnabled = false 17:58:01 [DependencyCheck] -opensslAnalyzerEnabled = false 17:58:01 [DependencyCheck] -showEvidence = true 17:58:01 [DependencyCheck] -formats = XML 17:58:01 [DependencyCheck] -autoUpdate = true 17:58:01 [DependencyCheck] -updateOnly = true 17:58:01 [DependencyCheck] Performing NVD update only [Pipeline] } [Pipeline] // stage
Old 3.2.1 run:
[Pipeline] unzip 05:18:02 Extracting from /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data.zip 05:18:02 Extracting: dc.h2.db -> /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.h2.db 05:18:03 Extracted: 1 files [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Update) [Pipeline] dependencyCheckUpdateOnly 05:18:03 [DependencyCheck] OWASP Dependency-Check Plugin v3.2.1 05:18:03 [DependencyCheck] Executing Dependency-Check with the following options: 05:18:03 [DependencyCheck] -name = master 05:18:03 [DependencyCheck] -outputDirectory = /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ 05:18:03 [DependencyCheck] -dataDirectory = /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data 05:18:03 [DependencyCheck] -dataMirroringType = none 05:18:03 [DependencyCheck] -proxyServer = proxy.local 05:18:03 [DependencyCheck] -proxyPort = 8080 05:18:03 [DependencyCheck] -isQuickQueryTimestampEnabled = true 05:18:03 [DependencyCheck] -jarAnalyzerEnabled = false 05:18:03 [DependencyCheck] -nodePackageAnalyzerEnabled = false 05:18:03 [DependencyCheck] -nspAnalyzerEnabled = false 05:18:03 [DependencyCheck] -composerLockAnalyzerEnabled = false 05:18:03 [DependencyCheck] -pythonDistributionAnalyzerEnabled = false 05:18:03 [DependencyCheck] -pythonPackageAnalyzerEnabled = false 05:18:03 [DependencyCheck] -rubyBundlerAuditAnalyzerEnabled = false 05:18:03 [DependencyCheck] -rubyGemAnalyzerEnabled = false 05:18:03 [DependencyCheck] -cocoaPodsAnalyzerEnabled = false 05:18:03 [DependencyCheck] -swiftPackageManagerAnalyzerEnabled = false 05:18:03 [DependencyCheck] -archiveAnalyzerEnabled = false 05:18:03 [DependencyCheck] -assemblyAnalyzerEnabled = false 05:18:03 [DependencyCheck] -centralAnalyzerEnabled = false 05:18:03 [DependencyCheck] -nuspecAnalyzerEnabled = false 05:18:03 [DependencyCheck] -nexusAnalyzerEnabled = false 05:18:03 [DependencyCheck] -autoconfAnalyzerEnabled = false 05:18:03 [DependencyCheck] -cmakeAnalyzerEnabled = false 05:18:03 [DependencyCheck] -opensslAnalyzerEnabled = false 05:18:03 [DependencyCheck] -showEvidence = true 05:18:03 [DependencyCheck] -formats = XML 05:18:03 [DependencyCheck] -autoUpdate = true 05:18:03 [DependencyCheck] -updateOnly = true 05:18:04 [DependencyCheck] Performing NVD update only [Pipeline] } [Pipeline] // stage
- duplicates
-
JENKINS-52792 Check fails if job directory not on the same partition as the tmp directory
- Closed