Closed fmarot closed 1 week ago
Sometimes the NVD API, not owned by this project, will throttle requests and/or have bandwidth issues. We highly recommend either mirroring the NVD or keeping the data directory in tact between scans. See:
Thanks @jeremylong. In fact this is my mirroring job ("update-only" goal of the Maven plugin) which has been failing for nearly a week. This job updates a PGSQL Database. The analyze jobs using the DB in read-only only do not fail. Usually, when problems do not come from my side, I see here other people complaining but as I see no-one but myself complaining right now, I fear I have a problem.
Validate your api key is still valid.
On Mon, May 6, 2024, 8:48 AM Francois Marot @.***> wrote:
Thanks @jeremylong https://github.com/jeremylong. In fact this is my mirroring job ("update-only" goal of the Maven plugin) which has been failing for nearly a week. This job updates a PGSQL Database. The analyze jobs using the DB in read-only only do not fail. Usually, when problems do not come from my side, I see here other people complaining but as I see no-one but myself complaining right now, I fear I have a problem.
— Reply to this email directly, view it on GitHub https://github.com/jeremylong/DependencyCheck/issues/6645#issuecomment-2095941381, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAGSVQUMNAHAG3YWUA7YXI3ZA53Y5AVCNFSM6AAAAABHIXI3RGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAOJVHE2DCMZYGE . You are receiving this because you were mentioned.Message ID: @.***>
Validate your api key is still valid.
it is... I tested it with the curl command and I got correct answer, while if I change any character in the key I got "invalid key" (or similar). I'm missing something but what ?...
Problem solved, sorry, this was a problem with my company's firewall (Palo alto) which auto updated and was refusing the connection to nvd.nist.gov because it detected something... My Dependency Track instance suffered from the same problem silently... Beware the firewalls... :/ Thanks for your support Jeremy and sorry for the false problem.
Hello all,
since nearly a week (may the 2nd) I get the following exceptions when running the dependency-check Maven plugin (update-only goal). And the job never reaches completion. Is it expected ? Is it a problem on my setup ?
I have an NVD API token which, I think, is correctly configured.
Any help or hint is appreciated.