search

jfrog / jfrog-cli-security

Go module that encompasses the security commands of JFrog CLI
Apache License 2.0
5 stars 19 forks source link

Execution failed for task ':generateDepTrees' using jf audit command for gradle project. #171

Open ssantaa9 opened 3 weeks ago

ssantaa9 commented 3 weeks ago

Describe the bug

I get the error Execution failed for task ':generateDepTrees' using the jf audit command in some gradle projects. I tried with Jfrog CLI version from 2.55.0 to 2.67.0 (from other issues looks to be since 2.36.1 version), and I get the same error. The error looks to be with generateDepTrees plugin, since I tried only executing the plugin and the same error appears.

Current behavior

10:19:52 [Debug] JFrog CLI version: 2.67.0
10:19:52 [Debug] OS/Arch: linux/amd64
10:19:52 [Debug] Trace ID for JFrog Platform logs: 84c73eca43d1b8a1
10:19:52 [Debug] Sending HTTP GET request to: https://<artifactory-server>/xsc/api/v1/system/version
10:19:53 [πŸ”΅Info] Log path: /home/ubuntu/.jfrog/logs/jfrog-cli.2024-09-10.10-19-53.11851.log

πŸ’¬The β€˜jf audit’ command also supports JFrog Advanced Security features, such as 'Contextual Analysis', 'Secret Detection', 'IaC Scan' and β€˜SAST’.
This feature isn't enabled on your system. Read more - https://jfrog.com/xray/

Vulnerable Dependencies
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ πŸ”§ Couldn't determine a package manager or build tool used by this project πŸ”§ β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
10:20:28 [Debug] Sending an error report to JFrog analytics...
10:20:28 [Debug] Sending HTTP GET request to: https://<artifactory-server>/xsc/api/v1/system/version
10:20:29 [Debug] failed to check availability of Xsc service:server response: 404 Not Found
{
  "errors": [
    {
      "status": 404,
      "message": "Not Found"
    }
  ]
}
Reporting to JFrog analytics is skipped...
10:20:29 [πŸ”΅Info] Trace ID for JFrog Platform logs: 84c73eca43d1b8a1
10:20:29 [🚨Error] audit command in '<path/to/project>' failed:
failed while building 'gradle' dependency tree:
error running gradle-dep-tree: exit status 1

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':generateDepTrees'.
> java.util.ConcurrentModificationException (no error message)

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.

* Get more help at https://help.gradle.org

BUILD FAILED in 1s

Reproduction steps

No response

Expected behavior

No response

JFrog CLI-Security version

Jfrog CLI version from 2.55.0 to 2.67.0 (from other issues looks to be since 2.36.1 version)

JFrog CLI version (if applicable)

No response

Operating system type and version

Ubuntu 20.04.6 LTS

JFrog Xray version

No response

moyolawal commented 4 days ago

Getting the same issue as well. Running on windows. Wonder when this will get fixed.