See <https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/1422/display/redirect>
Changes: ------------------------------------------ [INFO] [INFO] -----------------< org.apache.pdfbox:pdfbox-debugger >------------------ [INFO] Building Apache PDFBox Debugger 4.0.0-SNAPSHOT [6/11] [INFO] from debugger/pom.xml [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] --- clean:3.5.0:clean (default-clean) @ pdfbox-debugger --- [INFO] [INFO] --- enforcer:3.6.2:enforce (default) @ pdfbox-debugger --- [INFO] [INFO] --- enforcer:3.6.2:enforce (enforce-maven-version) @ pdfbox-debugger --- [INFO] [INFO] --- enforcer:3.6.2:enforce (enforce-java-version) @ pdfbox-debugger --- [INFO] [INFO] --- checkstyle:3.6.0:check (check) @ pdfbox-debugger --- [INFO] Starting audit... Audit done. [INFO] You have 0 Checkstyle violations. [INFO] [INFO] --- jacoco:0.8.14:prepare-agent (default) @ pdfbox-debugger --- [INFO] surefireArgLine set to -javaagent:/home/jenkins/.m2/repository/org/jacoco/org.jacoco.agent/0.8.14/org.jacoco.agent-0.8.14-runtime.jar=destfile=<https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/ws/target/jacoco.exec> [INFO] [INFO] --- remote-resources:3.3.0:process (process-resource-bundles) @ pdfbox-debugger --- [INFO] Preparing remote bundle org.apache.apache.resources:apache-jar-resource-bundle:1.7 [INFO] Copying 3 resources from 1 bundle. [INFO] [INFO] --- resources:3.4.0:resources (default-resources) @ pdfbox-debugger --- [INFO] Copying 15 resources from src/main/resources to target/classes [INFO] Copying 3 resources from target/maven-shared-archive-resources to target/classes [INFO] [INFO] --- compiler:3.14.1:compile (default-compile) @ pdfbox-debugger --- [INFO] Recompiling the module because of changed dependency. [INFO] Compiling 89 source files with javac [debug deprecation release 11] to target/classes [INFO] PluginProcessor: writing plugin descriptor for 1 Log4j Plugins to `META-INF/org/apache/logging/log4j/core/config/plugins/Log4j2Plugins.dat`. [INFO] GraalVmProcessor: writing GraalVM metadata for 1 Java classes to `META-INF/native-image/log4j-generated/org.apache.pdfbox/pdfbox-debugger/reflect-config.json`. [WARNING] <https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/ws/src/main/java/org/apache/pdfbox/debugger/fontencodingpane/Type3Font.java>:[190,19] appendRawCommands(byte[]) in org.apache.pdfbox.pdmodel.PDPageContentStream has been deprecated [INFO] [INFO] --- resources:3.4.0:testResources (default-testResources) @ pdfbox-debugger --- [INFO] skip non existing resourceDirectory <https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/ws/src/test/resources> [INFO] Copying 3 resources from target/maven-shared-archive-resources to target/test-classes [INFO] [INFO] --- compiler:3.14.1:testCompile (default-testCompile) @ pdfbox-debugger --- [INFO] No sources to compile [INFO] [INFO] --- surefire:3.5.4:test (default-test) @ pdfbox-debugger --- [JENKINS] Recording test results [INFO] [INFO] --- jacoco:0.8.14:report (report) @ pdfbox-debugger --- [INFO] Skipping JaCoCo execution due to missing execution data file. [INFO] [INFO] --- jar:3.5.0:jar (default-jar) @ pdfbox-debugger --- [INFO] Building jar: <https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/ws/target/pdfbox-debugger-4.0.0-SNAPSHOT.jar> [INFO] [INFO] --- source:3.4.0:jar-no-fork (attach-sources) @ pdfbox-debugger --- [INFO] Skipping source per configuration. [INFO] [INFO] --- apache-rat:0.17:check (default) @ pdfbox-debugger --- [WARNING] Basedir is : <https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/ws/> [INFO] Excluding patterns: release.properties, .github/workflows/codeql-analysis.yml [INFO] Excluding MAVEN collection. [INFO] Excluding ECLIPSE collection. [INFO] Excluding IDEA collection. [INFO] Processing exclude file from STANDARD_SCMS. [INFO] Excluding STANDARD_SCMS collection. [INFO] Excluding MISC collection. [INFO] Excluding HIDDEN_DIR collection. [INFO] RAT summary: [INFO] Approved: 91 [INFO] Archives: 0 [INFO] Binaries: 14 [INFO] Document types: 3 [INFO] Ignored: 1 [INFO] License categories: 1 [INFO] License names: 1 [INFO] Notices: 0 [INFO] Standards: 91 [INFO] Unapproved: 0 [INFO] Unknown: 0 [INFO] [INFO] --- dependency-check:12.2.0:check (default) @ pdfbox-debugger --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (272 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (2 seconds) [INFO] Writing HTML report to: <https://ci-builds.apache.org/job/PDFBox/job/PDFBox-Trunk-jdk25/org.apache.pdfbox$pdfbox-debugger/ws/target/dependency-check-report.html> [WARNING] One or more dependencies were identified with known vulnerabilities in Apache PDFBox Debugger: jbig2-imageio-3.0.4.jar (pkg:maven/org.apache.pdfbox/[email protected], cpe:2.3:a:apache:pdfbox:3.0.4:*:*:*:*:*:*:*) : CVE-2026-23907 See the dependency-check report for more details. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
