dependency-check / azuredevops

Dependency Check Azure DevOps Extension
Apache License 2.0

Cannot read property 'find' of undefined #156

Open bolanki opened 3 months ago

bolanki commented 3 months ago

Describe the bug: We've had an issue with this plugin where it would randomly give a "Cannot read property 'find' of undefined" error when running the Task during our build pipeline.

To Reproduce: This happens randomly but does appear to be more prevalent when running multiple builds at the same time.

Expected behavior: The dependency check plugin should install and run correctly.

Screenshots: [image]

pippolino commented 3 months ago

Hi,

I think you ran the plugin when a new version of DependencyCheck was released in the repository DependencyCheck and the resources were not present in the new release.

Could you check if the problem is still present?

We will still take charge of the request to handle this case.

bolanki commented 3 months ago

@pippolino, I checked the release log of Dependency Check and it seems the last 2 releases were 17 January 2024 and 15 March 2024. We've been having this issue intermittently during that gap and after the latest release (last error was 19 March 2024 03:02am). I went back in history, and there were a few... 20 February 2024 is another example, 03:00am.

Perhaps I misunderstood you, but I don't think this is happening when a new release is deployed. It feels (from our side), that it happens during our nightly builds, when a lot of builds run at the same time.

pippolino commented 2 months ago

Hi @bolanki, it might be a problem with rate limits for the REST API for unauthenticated users. The find command is used to search the asset to be downloaded, but if the API does not respond correctly there may be problems. I'm still investigating; I can try to add more detailed log messages.

jvmap commented 2 months ago

I get the same error. Like @bolanki, it seems to happen when several builds run shortly after one another. It seems very plausible to me that we're hitting GitHub rate limits. Would it be possible to configure the GitHub credentials to use for downloading dependency-check?
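
The failure mode suspected in this thread, and the credentials option asked about in the last comment, as an added example that is not the extension's code and not part of any comment above. The function names, the sample responses and the `-release.zip` asset pattern are assumptions constructed for illustration.

```javascript
// Constructed sample responses, shaped like GitHub REST API replies (not captured data).
const okResponse = {
  status: 200,
  headers: { 'x-ratelimit-remaining': '41' },
  body: {
    tag_name: 'v0.0.0-example',
    assets: [
      { name: 'dependency-check-0.0.0-release.zip.asc', browser_download_url: 'https://example.invalid/dc.zip.asc' },
      { name: 'dependency-check-0.0.0-release.zip', browser_download_url: 'https://example.invalid/dc.zip' },
    ],
  },
};
const rateLimitedResponse = {
  status: 403,
  headers: { 'x-ratelimit-remaining': '0', 'x-ratelimit-reset': '1700000000' },
  body: { message: 'API rate limit exceeded for 203.0.113.7.' }, // no `assets` key at all
};

// Hypothetical naive lookup: assumes every reply is a release object.
function findAssetNaive(res) {
  return res.body.assets.find((a) => a.name.endsWith('-release.zip'));
}

// Hypothetical checked lookup: validates status and shape before calling find().
function findAssetChecked(res) {
  const limited = res.status === 403 || res.status === 429;
  if (limited && res.headers['x-ratelimit-remaining'] === '0') {
    const reset = new Date(Number(res.headers['x-ratelimit-reset']) * 1000).toISOString();
    throw new Error(`GitHub API rate limit exhausted; resets at ${reset}`);
  }
  if (res.status !== 200 || !Array.isArray(res.body.assets)) {
    throw new Error(`Unexpected release response (HTTP ${res.status}): ${res.body.message || 'no assets'}`);
  }
  const asset = res.body.assets.find((a) => a.name.endsWith('-release.zip'));
  if (!asset) throw new Error(`Release ${res.body.tag_name} has no -release.zip asset`);
  return asset;
}

// Optional token (e.g. from a secret pipeline variable) authenticates the request,
// which moves it off the shared per-IP unauthenticated limit. Never log the value.
function buildHeaders(token) {
  const headers = { Accept: 'application/vnd.github+json', 'User-Agent': 'example-build-task' };
  if (token) headers.Authorization = `Bearer ${token}`;
  return headers;
}
```

With the checked lookup, a throttled build fails with a message naming the rate limit and its reset time instead of a `TypeError` on `find`.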