Comments (6)
@jeremylong , any timeline for when we can upgrade our task with this fix? All of our Dependency checker tasks are failing with a 403 because of this.
from azuredevops.
Working on it. Azure went down yesterday, which made it difficult to build / test. Should be today sometime.
from azuredevops.
Even after adding the lines for DependencyCheck v6.0.2, still getting the 403 ,forbidden error
from azuredevops.
I'm going to need the full build task output to troubleshoot this. Guessing your version has not updated to the latest build task version yet. It should look like this:
Starting: Dependency Check
==============================================================================
Task : OWASP Dependency Check
Description : Dependency Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies.
Version : 5.6.1
Author : Dependency Check
Help : [More Information](https://jeremylong.github.io/DependencyCheck/index.html)
==============================================================================
Starting Dependency Check...
Setting report directory to D:\a\1\TestResults\dependency-check
Creating report directory at D:\a\1\TestResults\dependency-check
Directory: D:\a\1\TestResults
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 9/29/2020 4:14 PM dependency-check
Downloading Dependency Check v6.0.2 installer...
Dependency Check installer set to D:\a\_tasks\dependency-check-build-task_47ea1f4a-57ba-414a-b12e-c44f42765e72\5.6.1\dependency-check\bin\dependency-check.bat
Invoking Dependency Check...
Path: D:\a\_tasks\dependency-check-build-task_47ea1f4a-57ba-414a-b12e-c44f42765e72\5.6.1\dependency-check\bin\dependency-check.bat
Arguments: --project "WebGoat .NET" --scan "D:\a\1\s\**\packages.config" --out "D:\a\1\TestResults\dependency-check" --format HTML --format JSON
from azuredevops.
Working on it. Azure went down yesterday, which made it difficult to build / test. Should be today sometime.
Works now. Thanks for the quick turnaround.
from azuredevops.
==============================================================================
Task : OWASP Dependency Check
Description : Dependency Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies.
Version : 5.6.1
Author : Dependency Check
Help : More Information
today i.e after latest version 5.6.1 i'm getting [ERROR] Error generating the report for RFPM-V2.0-UI-Dependency-Check
2020-09-30T04:54:10.5266725Z Dependency Check completed with exit code -12. Please suggest
from azuredevops.
Related Issues (20)
- Does NVD Api 1.0 to 2.0 affect this extension? HOT 1
- Environment variable JAVA_OPTS is overwritten with hard coded settings. HOT 1
- Junit report doesn't change with failOnCVSS threshold
- dependency-check-build-task@6 format ALL ignored when excludePath present (and only html report published)
- New Maintainer(s) Needed HOT 23
- Add retry handling for `rmRF` invocation in `dependency-check-build-task.ts`
- separate warning threshold or CVSS score output
- CLI 9.0.0 seems to require a DB purge HOT 2
- Error updating the NVD Data: NVD Returned Status Code: 404 HOT 4
- Question regarding easy caching approach HOT 13
- Error Updating NVD Data in Azure DevOps Pipeline using OWASP Dependency Check Task HOT 9
- Using custom CVE feed causes Java Heap - out of memory exception. What to do now? HOT 1
- Expose the NVD API Key as a Task parameter HOT 6
- Report type new option ALL
- new option to perform ajaxSpider scanning
- [error]Dependency Check exited with an error code (exit code: 13) HOT 3
- ##[error]File upload failed even after retry.
- Cannot read property 'find' of undefined HOT 4
- Data Folder Location HOT 15
- 6.2.1 Fails: #[error]Not found Dependency Check installer: D:\a\1\s\dependency-check HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azuredevops.