Hi all.
I'm having an issue with using version 2.1.0 and was wondering if anyone else is having it.
The maven command run by the CI server is this:
mvn --batch-mode clean org.jacoco:jacoco-maven-plugin:prepare-agent install -Dmaven.test.failure.ignore=true org.owasp:dependency-check-maven:2.1.0:check org.owasp:dependency-check-maven:2.1.0:aggregate -Dformat=ALL -DskipProvidedScope=true -DautoUpdate=false -Dmaven.javadoc.failOnError=false -DnuspecAnalyzerEnabled=false -DassemblyAnalyzerEnabled=false -DnodeAnalyzerEnabled=false
The project has the following dependency:
<dependency>
<groupId>org.webjars.npm</groupId>
<artifactId>validate.js</artifactId>
<version>0.8.0</version>
</dependency>
And we get a error message like this:
build 26-Jul-2017 14:21:41 [WARNING] An error occurred while analyzing '/my/path/dctemp17e6806d-bb17-43e6-a465-37edb79f22fb/check6310213715320141921tmp/37/META-INF/resources/webjars/validate.js/0.8.0/package.json' (Node Security Platform Analyzer).
build 26-Jul-2017 14:21:41 [INFO] Finished Node Security Platform Analyzer (10 seconds)
With the -X switch it looked like it was trying to contact something, but didn't get throught the proxy (which isn't configured for it to use)
2017-07-26 09:36:47,898 org.owasp.dependencycheck.reporting.VelocityLoggerRedirect:70
DEBUG - Velocimacro : added VM writeSev: source=templates/csvReport.vsl
2017-07-26 09:36:47,905
org.owasp.dependencycheck.App:184ERROR - connect timed out
2017-07-26 09:36:47,906
org.owasp.dependencycheck.App:68DEBUG - Exit code: -14
It looks to me that it's still trying to run the nodeJS check.
Any help would be great.