Dependency-Check issue on jenkins

jeremylong / DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

https://owasp.org/www-project-dependency-check/

Apache License 2.0

6.13k stars 1.23k forks source link

Dependency-Check issue on jenkins #6534

Open Guntur123 opened 3 months ago

Guntur123 commented 3 months ago

[DependencyCheck] Picked up JAVA_TOOL_OPTIONS: -Djavax.net.ssl.trustStore=/etc/pki/ca-trust/extracted/java/cacerts [DependencyCheck] [ERROR] One or more fatal errors occurred [DependencyCheck] [ERROR] Unable to connect to the database - if this error persists it may be due to a corrupt database. Consider running purge to delete the existing database

ConRock5000 commented 3 months ago

Hi, I see this when the NVD API is having connection issues. Don't purge. Once the issue resolves, rerun the task and the process will finish normally. I made the mistake of purging last week, then had to wait for all the data to download again. When it happened again this week, I eventually cancelled another task which was in a reconnect loop, then restarted the tasks and they finished normally.

aikebah commented 2 months ago

@Guntur123 I would expect an earlier error in your logs with a bit more detail on the exact error connecting to the database. If not, retry your build adding a --log option configured to output the verbose log to a file (e.g. within the job workspace) that you can access to examine after the failure to have more information to debug your issue.