Comments (4)
Nuget:
./devaudit nuget --file Examples/packages.config.example
+ tee /tmp/devaudit.nuget.out
_____ _______ __ __ __
| \ .-----..--.--.| _ |.--.--..--| ||__|| |_
| -- || -__|| | || || | || _ || || _|
|_____/ |_____| \___/ |___|___||_____||_____||__||____|
v0.1.19.5
05:06:10<01> [AUDIT] [STATUS] Scanning NuGet packages.
Scanning NuGet packages...Scanning NuGet packages.../- 05:06:10<01> [AUDIT] [SUCCESS] Scanned 28 NuGet packages.
Searching OSS Index for vulnerabilities for 28 packages...\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/ 05:06:20<06> [AUDIT] [ERROR] Exception thrown waiting for http task to complete in Throw.
Searching OSS Index for vulnerabilities for 28 packages... 05:06:20<06> [AUDIT] [ERROR] Exception: Exception of type 'DevAudit.AuditLibrary.OSSIndexHttpException' was thrown. at at DevAudit.AuditLibrary.OSSIndexHttpClient+<SearchVulnerabilitiesAsync>c__async6.MoveNext () [0x0026b] in <30d07cea01624328847df9cab12ef65d>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x0000c] in <8f2c484307284b51944a1a13a14c0266>:0
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0004e] in <8f2c484307284b51944a1a13a14c0266>:0
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x0002e] in <8f2c484307284b51944a1a13a14c0266>:0
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x0000b] in <8f2c484307284b51944a1a13a14c0266>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[TResult].GetResult () [0x00000] in <8f2c484307284b51944a1a13a14c0266>:0
at DevAudit.AuditLibrary.PackageSource+<GetVulnerabiltiesApiv2>c__AnonStorey15+<GetVulnerabiltiesApiv2>c__async14.MoveNext () [0x0008b] in <30d07cea01624328847df9cab12ef65d>:0 .
Searching OSS Index for vulnerabilities for 28 packages... 05:06:20<06> [AUDIT] [WARNING] Found 0 vulnerabilities for 28 package(s) on OSS Index in 10408 ms.
Searching OSS Index for vulnerabilities for 28 packages...-
from devaudit.
I'm not able to repro the failure and from the timestamp in Jenkins both happened at the same time. An OssIndexHttpException means it most likely was a transient connectivity issue between the build machine and the OSS Index server. I will add some better printing of exception details to the CLI though.
from devaudit.
Looks like a combination of a few issues. It appears that there was a server bug which was getting triggered by my particular test, which your test run was not running across.
It is definitely worth improving the messaging somewhat to make it more clear that the server was not playing nice.
from devaudit.
The new error messaging, plus some server side improvements that reduce timeouts, are sufficient to consider this issue closed.
from devaudit.
Related Issues (20)
- Exception trying to dump CSV file HOT 1
- Chocolatey package not up to date HOT 7
- No known vulnerabilities found HOT 4
- Add authentication support for OSSI backend calls HOT 1
- Option -n causes DevAudit crash HOT 6
- Crash when detecting a nuget vulnerability in non-interactive mode HOT 9
- Is there a way to out put at standard error or success from cli? HOT 1
- Add support for new csproj file format HOT 6
- not found vulnerabilities at bootstrap v 3.4.1 HOT 1
- Hey, it's been a little while now and I am still seeing 3.3 as the latest release on the releases page. Some of the code hints at a 3.4, but it isn't there. HOT 4
- netcore Documentation and .sln support HOT 4
- Unusual .Net Core package version strings crash HOT 9
- Absolute path of DevAudit's Developer Shows in Exception message HOT 1
- Impossible to ran DevAudit from TFS Agent HOT 2
- netcore (.csproj style) fails to process versions on separate lines
- DevAudit reports vulnerability on Nuget package for lower vulnerable version not in csproj file. HOT 1
- Error in First method in GetPackages task when csproj file doesn't contain any packagereferences HOT 1
- no more postgresql audit support?
- Nuget package dependency - nearest wins in DevAudit HOT 3
- An HTTP Error Occurred
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from devaudit.