Closed Saturate closed 7 months ago
@ejohn20 I have tested this change together with @Saturate on our own Devops and it works like a breeze. We are now able to set the JVM as we want to and also we can now do proper OWASP scans because we have created a local cache of the NIST files. See https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data for a guide for that. So can we please get the PR approved, deployed so we are all able to move on and handle the downtime we currently see from the NIST servers. Thanks @ejohn20
@jeremylong @ejohn20 Can we do something to exepedite the PR somehow? We have 100+ pipelines that are failing on OWASP and with this PR we can make them all work again! We are internally at our organistation dependent on this extension and discussing if we can be part of maintaining this as well. This would benefit all :-)
Hi @ejohn20 I have attached a log from devops showing it works using our build of the template. For testing we have bumped to v10 :-) We are using our own downloaded CVE files as can be seen in the logs and also that it succeeds. owasp_log.txt
@ejohn20 sorry to be so pushy here but we really need to PR to either be approved, if it is good, so we can get all of our pipelines to work again.
Before this change
tl.setVariable
would override any customJAVA_OPTS
, making it impossible to set Java memory as needed in #144Will print if any non-default
JAVA_OPTS
are set, for better debugging, if nothing is defined it will use the default'-Xss8192k'
as said before, so this is not a breaking change.Fixes #131