当我使用Maven运行全新安装时,会出现此错误:
...
[DependencyCheck] [INFO] Processing Complete for NVD CVE - 2019 (11020 ms)
[DependencyCheck] [INFO] Processing Complete for NVD CVE - 2017 (28415 ms)
[DependencyCheck] [INFO] Processing Complete for NVD CVE - 2018 (16658 ms)
[DependencyCheck] [INFO] Download Started for NVD CVE - Modified
[DependencyCheck] [INFO] Download Complete for NVD CVE - Modified (854 ms)
[DependencyCheck] [INFO] Processing Started for NVD CVE - Modified
[DependencyCheck] [INFO] Processing Complete for NVD CVE - Modified (7572 ms)
[DependencyCheck] [INFO] Begin database maintenance
[DependencyCheck] [INFO] End database maintenance (41820 ms)
[DependencyCheck] [INFO] Skipping RetireJS update since last update was within 24 hours.
[DependencyCheck] [INFO] Begin database defrag
[DependencyCheck] [INFO] End database defrag (9641 ms)
[DependencyCheck] [INFO] Check for updates complete (205910 ms)
[DependencyCheck] [ERROR] One or more fatal errors occurred
[DependencyCheck] [ERROR] Unable to connect to the dependency-check database
这是我的maven依赖项检查插件的pom.xml配置
<plugins>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>5.2.1</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
Jenkins的依赖项检查插件遇到了同样的问题。
我已经尝试删除本地存储库中的org/owasp/dependency-check-data文件夹,但是仍然存在问题。
答案 0 :(得分:0)
我找到了解决方法
例如,复制您的maven项目中odc.mv.db中的org/owasp/dependency-check-data文件。
并像这样更改您的插件配置
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>5.2.1</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
<configuration>
<connectionString>jdbc:h2:file:/path-of/your/project/odc</connectionString>
</configuration>
</plugin>
应该可以