[JIRA] (JENKINS-59076) No findings are displayed in an interactive table

10 views
Skip to first unread message

rady66@hotmail.com (JIRA)

unread,
Aug 26, 2019, 12:49:02 AM8/26/19
to jenkinsc...@googlegroups.com
Radoslav Ivanov created an issue
 
Jenkins / Bug JENKINS-59076
No findings are displayed in an interactive table
Issue Type: Bug Bug
Assignee: Unassigned
Attachments: image-2019-08-26-14-45-04-243.png
Components: dependency-check-jenkins-plugin
Created: 2019-08-26 04:48
Environment: Windows, JDK8, Jenkins 2.190, Maven 3.6 with dependency-check-maven plugin of version 5.0.0, Jenkins Dependency Check Plugin of version 5.0.2.
Priority: Critical Critical
Reporter: Radoslav Ivanov

Looks like there are plenty of result xml files ( **/dependency-check-report.xml) for the aggregated project. Some numbers are aggregated per severity obviously, however no results are displayed in the interactive table (see below). Any help will be much appreciated.

 
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

rady66@hotmail.com (JIRA)

unread,
Aug 26, 2019, 2:07:02 AM8/26/19
to jenkinsc...@googlegroups.com
Radoslav Ivanov updated an issue
Change By: Radoslav Ivanov
Environment: Windows, JDK8, Jenkins 2.190, Maven 3.6 with dependency-check-maven plugin of version 5.0.0 /5.2.1 , Jenkins Dependency Check Plugin of version 5.0.2.

steve.springett@owasp.org (JIRA)

unread,
Aug 27, 2019, 10:24:02 PM8/27/19
to jenkinsc...@googlegroups.com
Steve Springett commented on Bug JENKINS-59076
 
Re: No findings are displayed in an interactive table

I've never seen anything like this happen before. How many XML report files are there? Also, what happens when you specify a single artifact?

 

If you're using the Maven plugin, you should be using the aggregate goal which will produce a single XML report with all findings. Have you tried configuring the job to only look at that one file?

rady66@hotmail.com (JIRA)

unread,
Aug 28, 2019, 7:04:01 AM8/28/19
to jenkinsc...@googlegroups.com

Thank you for the prompt response, Steve Springett. I was using "check" goal, so changing it to "aggregate" plus pointing to the only one aggregated result xml fixed the problem.

The number of the modules is 30+, which reflects to the number of "Dependency-Check" links on the left-hand side (see the attached screenshot) when using default configuration for result files (**/dependency-check-report.xml).

I am leaving this ticket with you to decide if there is room for improvement here.

rady66@hotmail.com (JIRA)

unread,
Aug 28, 2019, 7:08:01 AM8/28/19
to jenkinsc...@googlegroups.com
Radoslav Ivanov edited a comment on Bug JENKINS-59076
Thank you for the prompt response, [~sspringett]. I was using "check" goal, so changing it to "aggregate" plus pointing to the only one aggregated result xml fixed the problem.

The number of the modules is 30+, which reflects to the number of "Dependency-Check" links on the left-hand side (see the attached screenshot) when using default configuration for result files (**/dependency-check-report.xml). Could we have out of memory/too many files here?

I am leaving this ticket with you to decide if there is room for improvement here.


PS. I am hitting one more problem and cannot build in parallel unfortunately: https://github.com/jeremylong/DependencyCheck/issues/1671
Reply all
Reply to author
Forward
0 new messages