You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomee.apache.org by GitBox <gi...@apache.org> on 2021/01/18 15:49:59 UTC
[GitHub] [tomee] rzo1 commented on pull request #750: TOMEE-2957 - Fix OWASP Checks on ASF Jenkins Environment
rzo1 commented on pull request #750:
URL: https://github.com/apache/tomee/pull/750#issuecomment-762331778
Hi @cesarhernandezgt
The PR job does not run owasp as it is defined in a separate profile.
General problems related to timeouts for OWASP plugin:
- OWASP plugin requires a CVE database, which is downloaded and cached on the machine via Maven
- If no central database is configured, it will download (initial or to update) the CVE database from OWASP. If the exeucting machine has limited bandwidth or the OWASP mirror is slow / down, the update process will time out.
This update process can take some minutes:
```
[INFO] Checking for updates
[INFO] NVD CVE requires several updates; this could take a couple of minutes.
[INFO] Download Started for NVD CVE - 2003
[INFO] Download Started for NVD CVE - 2002
[INFO] Download Complete for NVD CVE - 2003 (1316 ms)
[INFO] Download Started for NVD CVE - 2004
[INFO] Processing Started for NVD CVE - 2003
[INFO] Download Complete for NVD CVE - 2002 (1659 ms)
[INFO] Download Started for NVD CVE - 2005
[INFO] Processing Started for NVD CVE - 2002
[INFO] Download Complete for NVD CVE - 2004 (1509 ms)
[INFO] Download Started for NVD CVE - 2006
[INFO] Processing Started for NVD CVE - 2004
[INFO] Download Complete for NVD CVE - 2005 (1721 ms)
[INFO] Download Started for NVD CVE - 2007
[INFO] Processing Started for NVD CVE - 2005
[INFO] Download Complete for NVD CVE - 2006 (1835 ms)
[INFO] Download Started for NVD CVE - 2008
[INFO] Processing Started for NVD CVE - 2006
[INFO] Download Complete for NVD CVE - 2007 (1825 ms)
[INFO] Processing Started for NVD CVE - 2007
[INFO] Download Started for NVD CVE - 2009
[INFO] Download Complete for NVD CVE - 2008 (1800 ms)
[INFO] Processing Started for NVD CVE - 2008
[INFO] Download Started for NVD CVE - 2010
[INFO] Download Complete for NVD CVE - 2009 (1841 ms)
[INFO] Download Started for NVD CVE - 2011
[INFO] Processing Started for NVD CVE - 2009
[INFO] Download Complete for NVD CVE - 2010 (1801 ms)
[INFO] Download Started for NVD CVE - 2012
[INFO] Download Complete for NVD CVE - 2011 (1675 ms)
[INFO] Download Started for NVD CVE - 2013
[INFO] Download Complete for NVD CVE - 2012 (1852 ms)
[INFO] Download Started for NVD CVE - 2014
[INFO] Download Complete for NVD CVE - 2013 (1842 ms)
[INFO] Download Started for NVD CVE - 2015
[INFO] Download Complete for NVD CVE - 2014 (1820 ms)
[INFO] Download Started for NVD CVE - 2016
[INFO] Download Complete for NVD CVE - 2015 (1832 ms)
[INFO] Download Started for NVD CVE - 2017
[INFO] Download Complete for NVD CVE - 2016 (1805 ms)
[INFO] Download Started for NVD CVE - 2018
[INFO] Processing Complete for NVD CVE - 2003 (12802 ms)
[INFO] Processing Started for NVD CVE - 2010
[INFO] Download Complete for NVD CVE - 2017 (1855 ms)
[INFO] Download Started for NVD CVE - 2019
[INFO] Download Complete for NVD CVE - 2018 (1989 ms)
[INFO] Download Started for NVD CVE - 2020
[INFO] Download Complete for NVD CVE - 2019 (1994 ms)
[INFO] Download Started for NVD CVE - 2021
[INFO] Download Complete for NVD CVE - 2021 (1010 ms)
[INFO] Download Complete for NVD CVE - 2020 (2131 ms)
[INFO] Processing Complete for NVD CVE - 2004 (25181 ms)
[INFO] Processing Started for NVD CVE - 2011
[INFO] Processing Complete for NVD CVE - 2005 (49059 ms)
[INFO] Processing Started for NVD CVE - 2012
[INFO] Processing Complete for NVD CVE - 2002 (50881 ms)
[INFO] Processing Started for NVD CVE - 2013
[INFO] Processing Complete for NVD CVE - 2009 (61418 ms)
[INFO] Processing Started for NVD CVE - 2014
[INFO] Processing Complete for NVD CVE - 2007 (74519 ms)
[INFO] Processing Started for NVD CVE - 2015
[INFO] Processing Complete for NVD CVE - 2010 (70112 ms)
[INFO] Processing Started for NVD CVE - 2016
[INFO] Processing Complete for NVD CVE - 2006 (85494 ms)
[INFO] Processing Started for NVD CVE - 2017
[INFO] Processing Complete for NVD CVE - 2008 (91107 ms)
[INFO] Processing Started for NVD CVE - 2018
[INFO] Processing Complete for NVD CVE - 2011 (73078 ms)
[INFO] Processing Started for NVD CVE - 2019
[INFO] Processing Complete for NVD CVE - 2012 (82196 ms)
[INFO] Processing Started for NVD CVE - 2021
[INFO] Processing Complete for NVD CVE - 2021 (1427 ms)
[INFO] Processing Started for NVD CVE - 2020
[INFO] Processing Complete for NVD CVE - 2013 (85502 ms)
[INFO] Processing Complete for NVD CVE - 2015 (72849 ms)
[INFO] Processing Complete for NVD CVE - 2014 (85486 ms)
[INFO] Processing Complete for NVD CVE - 2016 (74144 ms)
[INFO] Processing Complete for NVD CVE - 2017 (79997 ms)
[INFO] Processing Complete for NVD CVE - 2019 (71406 ms)
[INFO] Processing Complete for NVD CVE - 2018 (75791 ms)
[INFO] Processing Complete for NVD CVE - 2020 (38297 ms)
[INFO] Download Started for NVD CVE - Modified
[INFO] Download Complete for NVD CVE - Modified (1372 ms)
[INFO] Processing Started for NVD CVE - Modified
[INFO] Processing Complete for NVD CVE - Modified (1603 ms)
[INFO] Begin database maintenance
[INFO] Updated the CPE ecosystem on 127076 NVD records
[INFO] Removed the CPE ecosystem on 2854 NVD records
[INFO] End database maintenance (17945 ms)
[INFO] Begin database defrag
[INFO] End database defrag (3785 ms)
[INFO] Check for updates complete (214159 ms)
[INFO]
[INFO] Total time: 03:47 min
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org