You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Richard Zowalla (Jira)" <ji...@apache.org> on 2021/05/12 14:36:00 UTC
[jira] [Updated] (TOMEE-2957) Fix OWASP Checks on ASF Jenkins
Environment
[ https://issues.apache.org/jira/browse/TOMEE-2957?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Richard Zowalla updated TOMEE-2957:
-----------------------------------
Fix Version/s: 8.0.8
> Fix OWASP Checks on ASF Jenkins Environment
> -------------------------------------------
>
> Key: TOMEE-2957
> URL: https://issues.apache.org/jira/browse/TOMEE-2957
> Project: TomEE
> Issue Type: Improvement
> Components: TomEE Build
> Affects Versions: 7.0.9, 7.1.4, 8.0.5, 8.0.6
> Environment: [1mApache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)[m
> Maven home: /usr/local/asfpackages/maven/apache-maven-3.6.3
> Java version: 1.8.0_252, vendor: Oracle Corporation, runtime: /usr/local/asfpackages/java/openjdk-8u252-b09/jre
> Default locale: en_US, platform encoding: ISO-8859-1
> OS name: "linux", version: "4.15.0-99-generic", arch: "amd64", family: "unix"
> Reporter: Richard Zowalla
> Assignee: Richard Zowalla
> Priority: Minor
> Fix For: 7.0.10, 7.1.5, 8.0.7, 8.0.8
>
>
> Jenkins build for the "master-owasp-check" failed due to an unresolveable maven property `maven.multiModuleProjectDirectory` [1].
>
> [ERROR] Unable to create an Input Stream for ${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xmljava.io.FileNotFoundException: ${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml (No such file or directory)
> at java.io.FileInputStream.open0 (Native Method)
> at java.io.FileInputStream.open (FileInputStream.java:195)
> at java.io.FileInputStream.<init> (FileInputStream.java:138)
> at java.io.FileInputStream.<init> (FileInputStream.java:93)
> at org.owasp.dependencycheck.utils.FileUtils.getResourceAsStream (FileUtils.java:166)
> at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionFile (AbstractSuppressionAnalyzer.java:218)
> at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionData (AbstractSuppressionAnalyzer.java:132)
> at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.prepareAnalyzer (AbstractSuppressionAnalyzer.java:103)
> at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.prepare (AbstractAnalyzer.java:102)
> at org.owasp.dependencycheck.Engine.initializeAnalyzer (Engine.java:781)
> at org.owasp.dependencycheck.Engine.analyzeDependencies (Engine.java:617)
> at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.runCheck (BaseDependencyCheckMojo.java:1620)
> at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.execute (BaseDependencyCheckMojo.java:889)
> at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:137)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:210)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:156)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:148)
> at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
> at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
> at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.jvnet.hudson.maven3.launcher.Maven35Launcher.main (Maven35Launcher.java:130)
> at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:498)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
> at jenkins.maven3.agent.Maven35Main.launch (Maven35Main.java:178)
> at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:498)
> at hudson.maven.Maven3Builder.call (Maven3Builder.java:139)
> at hudson.maven.Maven3Builder.call (Maven3Builder.java:70)
> at hudson.remoting.UserRequest.perform (UserRequest.java:211)
> at hudson.remoting.UserRequest.perform (UserRequest.java:54)
> at hudson.remoting.Request$2.run (Request.java:369)
> at hudson.remoting.InterceptingExecutorService$1.call (InterceptingExecutorService.java:72)
> at java.util.concurrent.FutureTask.run (FutureTask.java:266)
> at java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1149)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:624)
> at java.lang.Thread.run (Thread.java:748)[WARNING] Suppression file '${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml' does not exist[ERROR] Exception occurred initializing Vulnerability Suppression Analyzer.[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
> [INFO] Finished Dependency Bundling Analyzer (0 seconds)
> [INFO] Analysis Complete (3 seconds)
>
> [1] https://ci-builds.apache.org/job/Tomee/job/master-owasp-check/20/console
--
This message was sent by Atlassian Jira
(v8.3.4#803005)