search

jenkinsci / fortify-plugin

Fortify Jenkins plugin
https://plugins.jenkins.io/fortify
Other
23 stars 29 forks source link

Hyperlink error in Fortify Assessment with engineType=SCA #48

Closed tim-reslv closed 2 years ago

tim-reslv commented 3 years ago

Version report

Jenkins and plugins versions report:

Jenkins version: 2.235.5
Forify plugin version : 20.2.34
SSC version: 20.2.0.0149

We got below error when click the hyperlink in Fortify Assessment.

Unexpected error has occurred. Please contact your administratorJun 3, 2021 5:33:17 PM
TypeError: Cannot read property 'traceNodes' of undefined

Got error URL link:
https://fortifyssc.sample.com:8443/ssc/html/ssc/version/10001/fix/26/?projectName=WEATHERFORECAST-API&projectVersionName=1.0&issue=B97D5FD6B9BD8340DF4AD9FF52658746&engineType=SCA

We try to remove engineType=SCA from URL, and it work without error.
Working URL:
https://fortifyssc.sample.com:8443/ssc/html/ssc/version/10001/fix/26/?projectName=WEATHERFORECAST-API&projectVersionName=1.0&issue=B97D5FD6B9BD8340DF4AD9FF52658746

Reproduction steps

Results

Expected result:

open URL link to Fortify web console.

Actual result:

Unexpected error has occurred. Please contact your administrator Jun 3, 2021 5:33:17 PM TypeError: Cannot read property 'traceNodes' of undefined

akaryakina commented 2 years ago

I can no longer reproduce the issue, I tried the latest released version of the plugin and SSC 22.1, and the links work fine for me. It seems to be an SSC issue, not the Jenkins plugin's. Could you please try with the latest SSC? You might also want to report this issue through the Fortify support. You're going to have to attach the downloaded fpr of the SSC app version you're observing this on and also ssc.log file. I also searched our internal bug database, and it seems like customers have been reporting similar issues (not triggered from the Jenkins plugin but just the issue with deep link and complaining about 'traceNodes'), but all the engineering investigations resulted in not being able to reproduce. There must be something tricky about your SSC app version, so investigating this would be pretty interesting. However, it's out of scope of the Jenkins plugin, so I'm closing this one. Please, open a case with Fortify SSC support at: https://www.microfocus.com/en-us/support/Fortify%20Software%20Security%20Center