Build failed in Jenkins: TomEE » master-owasp-check » Apache OpenEJB #20

Fri, 15 Jan 2021 09:26:02 -0800 

See 
<https://ci-builds.apache.org/job/Tomee/job/master-owasp-check/org.apache.tomee$tomee-project/20/display/redirect?page=changes>

Changes:

[Jean-Louis Monteiro] TOMEE-2937 Make sure endDate in the past does not fail 
but puts the Timer into a state where it won't trigger


------------------------------------------
Established TCP socket on 46827
maven35-agent.jar already up to date
maven35-interceptor.jar already up to date
maven3-interceptor-commons.jar already up to date
<===[JENKINS REMOTING CAPACITY]===>   channel started
Executing Maven:  -B -f 
<https://ci-builds.apache.org/job/Tomee/job/master-owasp-check/org.apache.tomee$tomee-project/ws/pom.xml>
 -U --show-version --fail-at-end clean install -Powasp-check -DskipTests
Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
Maven home: /usr/local/asfpackages/maven/apache-maven-3.6.3
Java version: 1.8.0_252, vendor: Oracle Corporation, runtime: 
/usr/local/asfpackages/java/openjdk-8u252-b09/jre
Default locale: en_US, platform encoding: ISO-8859-1
OS name: "linux", version: "4.15.0-99-generic", arch: "amd64", family: "unix"
[INFO] Scanning for projects...
[WARNING] The project org.apache.tomee:tomee-project:pom:8.0.6-SNAPSHOT uses 
prerequisites which is only intended for maven-plugin projects but not for non 
maven-plugin projects. For such purposes you should use the 
maven-enforcer-plugin. See 
https://maven.apache.org/enforcer/enforcer-rules/requireMavenVersion.html
[INFO] 
[INFO] -------------------< org.apache.tomee:tomee-project >-------------------
[INFO] Building Apache OpenEJB 8.0.6-SNAPSHOT
[INFO] --------------------------------[ pom ]---------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:3.1.0:clean (default-clean) @ tomee-project ---
[INFO] 
[INFO] --- maven-enforcer-plugin:1.4.1:enforce (enforce-maven-version) @ 
tomee-project ---
[INFO] 
[INFO] --- maven-remote-resources-plugin:1.5:process (process-resource-bundles) 
@ tomee-project ---
[INFO] 
[INFO] --- dependency-report-plugin:1.0.2:report (default) @ tomee-project ---
[INFO] No dependencies to report
[INFO] 
[INFO] --- maven-bundle-plugin:3.3.0:manifest (bundle-manifest) @ tomee-project 
---
[WARNING] Ignoring project type pom - supportedProjectTypes = [bundle, jar, 
maven-plugin]
[INFO] 
[INFO] --- maven-site-plugin:3.7.1:attach-descriptor (attach-descriptor) @ 
tomee-project ---
[INFO] No site descriptor found: nothing to attach.
[INFO] 
[INFO] --- dependency-check-maven:6.0.3:check (default) @ tomee-project ---
[INFO] Checking for updates
[INFO] NVD CVE requires several updates; this could take a couple of minutes.
[INFO] Download Started for NVD CVE - 2009
[INFO] Download Started for NVD CVE - 2008
[INFO] Download Complete for NVD CVE - 2009  (824 ms)
[INFO] Processing Started for NVD CVE - 2009
[INFO] Download Started for NVD CVE - 2010
[INFO] Download Complete for NVD CVE - 2008  (897 ms)
[INFO] Download Started for NVD CVE - 2011
[INFO] Processing Started for NVD CVE - 2008
[INFO] Download Complete for NVD CVE - 2010  (785 ms)
[INFO] Download Started for NVD CVE - 2012
[INFO] Processing Started for NVD CVE - 2010
[INFO] Download Complete for NVD CVE - 2011  (853 ms)
[INFO] Download Started for NVD CVE - 2013
[INFO] Processing Started for NVD CVE - 2011
[INFO] Download Complete for NVD CVE - 2012  (784 ms)
[INFO] Download Complete for NVD CVE - 2013  (809 ms)
[INFO] Processing Started for NVD CVE - 2013
[INFO] Download Started for NVD CVE - 2015
[INFO] Processing Started for NVD CVE - 2012
[INFO] Download Started for NVD CVE - 2014
[INFO] Download Complete for NVD CVE - 2014  (811 ms)
[INFO] Download Complete for NVD CVE - 2015  (841 ms)
[INFO] Processing Started for NVD CVE - 2015
[INFO] Download Started for NVD CVE - 2017
[INFO] Processing Started for NVD CVE - 2014
[INFO] Download Started for NVD CVE - 2016
[INFO] Download Complete for NVD CVE - 2016  (960 ms)
[INFO] Download Started for NVD CVE - 2018
[INFO] Processing Started for NVD CVE - 2016
[INFO] Download Complete for NVD CVE - 2017  (1038 ms)
[INFO] Download Started for NVD CVE - 2019
[INFO] Processing Started for NVD CVE - 2017
[INFO] Download Complete for NVD CVE - 2018  (852 ms)
[INFO] Download Started for NVD CVE - 2020
[INFO] Processing Started for NVD CVE - 2018
[INFO] Download Complete for NVD CVE - 2019  (846 ms)
[INFO] Download Started for NVD CVE - 2021
[INFO] Processing Started for NVD CVE - 2019
[INFO] Download Complete for NVD CVE - 2021  (384 ms)
[INFO] Processing Started for NVD CVE - 2021
[INFO] Download Complete for NVD CVE - 2020  (844 ms)
[INFO] Processing Started for NVD CVE - 2020
[INFO] Processing Complete for NVD CVE - 2021  (9649 ms)
[INFO] Processing Complete for NVD CVE - 2009  (247264 ms)
[INFO] Processing Complete for NVD CVE - 2011  (246585 ms)
[INFO] Processing Complete for NVD CVE - 2010  (256670 ms)
[INFO] Processing Complete for NVD CVE - 2012  (268762 ms)
[INFO] Processing Complete for NVD CVE - 2013  (285708 ms)
[INFO] Processing Complete for NVD CVE - 2008  (294790 ms)
[INFO] Processing Complete for NVD CVE - 2015  (298108 ms)
[INFO] Processing Complete for NVD CVE - 2014  (311606 ms)
[INFO] Processing Complete for NVD CVE - 2016  (311082 ms)
[INFO] Processing Complete for NVD CVE - 2017  (336853 ms)
[INFO] Processing Complete for NVD CVE - 2020  (335912 ms)
[INFO] Processing Complete for NVD CVE - 2019  (337261 ms)
[INFO] Processing Complete for NVD CVE - 2018  (338362 ms)
[INFO] Download Started for NVD CVE - Modified
[INFO] Download Complete for NVD CVE - Modified  (576 ms)
[INFO] Processing Started for NVD CVE - Modified
[INFO] Processing Complete for NVD CVE - Modified  (1349 ms)
[INFO] Begin database maintenance
[INFO] Updated the CPE ecosystem on 110925 NVD records
[INFO] Removed the CPE ecosystem on 3 NVD records
[INFO] Cleaned up 60 orphaned NVD records
[INFO] End database maintenance (18573 ms)
[WARNING] A new version of dependency-check is available. Consider updating to 
version 6.0.5.
[INFO] Begin database defrag
[INFO] End database defrag (4984 ms)
[INFO] Check for updates complete (376801 ms)
[INFO] 

Dependency-Check is an open source tool performing a best effort analysis of 
3rd party dependencies; false positives and false negatives may exist in the 
analysis performed by the tool. Use of the tool and the reporting provided 
constitutes acceptance for use in an AS IS condition, and there are NO 
warranties, implied or otherwise, with regard to the analysis or its use. Any 
use of the tool and the reporting provided is at the user?s risk. In no event 
shall the copyright holder or OWASP be held liable for any damages whatsoever 
arising out of or in connection with the use of this tool, the analysis 
performed, or the resulting report.


[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Created CPE Index (2 seconds)
[ERROR] Unable to create an Input Stream for 
${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml
java.io.FileNotFoundException: 
${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml (No such file or 
directory)
    at java.io.FileInputStream.open0 (Native Method)
    at java.io.FileInputStream.open (FileInputStream.java:195)
    at java.io.FileInputStream.<init> (FileInputStream.java:138)
    at java.io.FileInputStream.<init> (FileInputStream.java:93)
    at org.owasp.dependencycheck.utils.FileUtils.getResourceAsStream 
(FileUtils.java:166)
    at 
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionFile
 (AbstractSuppressionAnalyzer.java:218)
    at 
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionData
 (AbstractSuppressionAnalyzer.java:132)
    at 
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.prepareAnalyzer 
(AbstractSuppressionAnalyzer.java:103)
    at org.owasp.dependencycheck.analyzer.CPEAnalyzer.prepareAnalyzer 
(CPEAnalyzer.java:206)
    at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.prepare 
(AbstractAnalyzer.java:102)
    at org.owasp.dependencycheck.Engine.initializeAnalyzer (Engine.java:781)
    at org.owasp.dependencycheck.Engine.analyzeDependencies (Engine.java:617)
    at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.runCheck 
(BaseDependencyCheckMojo.java:1620)
    at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.execute 
(BaseDependencyCheckMojo.java:889)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo 
(DefaultBuildPluginManager.java:137)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
(MojoExecutor.java:210)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
(MojoExecutor.java:156)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
(MojoExecutor.java:148)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
(LifecycleModuleBuilder.java:81)
    at 
org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
 (SingleThreadedBuilder.java:56)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute 
(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
    at org.jvnet.hudson.maven3.launcher.Maven35Launcher.main 
(Maven35Launcher.java:130)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke 
(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke 
(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:498)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced 
(Launcher.java:282)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch 
(Launcher.java:225)
    at jenkins.maven3.agent.Maven35Main.launch (Maven35Main.java:178)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke 
(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke 
(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:498)
    at hudson.maven.Maven3Builder.call (Maven3Builder.java:139)
    at hudson.maven.Maven3Builder.call (Maven3Builder.java:70)
    at hudson.remoting.UserRequest.perform (UserRequest.java:211)
    at hudson.remoting.UserRequest.perform (UserRequest.java:54)
    at hudson.remoting.Request$2.run (Request.java:369)
    at hudson.remoting.InterceptingExecutorService$1.call 
(InterceptingExecutorService.java:72)
    at java.util.concurrent.FutureTask.run (FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker 
(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run 
(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run (Thread.java:748)
[WARNING] Suppression file 
'${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml' does not exist
[ERROR] Exception occurred initializing CPE Analyzer.
[INFO] Finished CPE Analyzer (2 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[ERROR] Unable to create an Input Stream for 
${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml
java.io.FileNotFoundException: 
${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml (No such file or 
directory)
    at java.io.FileInputStream.open0 (Native Method)
    at java.io.FileInputStream.open (FileInputStream.java:195)
    at java.io.FileInputStream.<init> (FileInputStream.java:138)
    at java.io.FileInputStream.<init> (FileInputStream.java:93)
    at org.owasp.dependencycheck.utils.FileUtils.getResourceAsStream 
(FileUtils.java:166)
    at 
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionFile
 (AbstractSuppressionAnalyzer.java:218)
    at 
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionData
 (AbstractSuppressionAnalyzer.java:132)
    at 
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.prepareAnalyzer 
(AbstractSuppressionAnalyzer.java:103)
    at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.prepare 
(AbstractAnalyzer.java:102)
    at org.owasp.dependencycheck.Engine.initializeAnalyzer (Engine.java:781)
    at org.owasp.dependencycheck.Engine.analyzeDependencies (Engine.java:617)
    at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.runCheck 
(BaseDependencyCheckMojo.java:1620)
    at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.execute 
(BaseDependencyCheckMojo.java:889)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo 
(DefaultBuildPluginManager.java:137)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
(MojoExecutor.java:210)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
(MojoExecutor.java:156)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
(MojoExecutor.java:148)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
(LifecycleModuleBuilder.java:81)
    at 
org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
 (SingleThreadedBuilder.java:56)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute 
(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
    at org.jvnet.hudson.maven3.launcher.Maven35Launcher.main 
(Maven35Launcher.java:130)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke 
(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke 
(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:498)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced 
(Launcher.java:282)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch 
(Launcher.java:225)
    at jenkins.maven3.agent.Maven35Main.launch (Maven35Main.java:178)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke 
(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke 
(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:498)
    at hudson.maven.Maven3Builder.call (Maven3Builder.java:139)
    at hudson.maven.Maven3Builder.call (Maven3Builder.java:70)
    at hudson.remoting.UserRequest.perform (UserRequest.java:211)
    at hudson.remoting.UserRequest.perform (UserRequest.java:54)
    at hudson.remoting.Request$2.run (Request.java:369)
    at hudson.remoting.InterceptingExecutorService$1.call 
(InterceptingExecutorService.java:72)
    at java.util.concurrent.FutureTask.run (FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker 
(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run 
(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run (Thread.java:748)
[WARNING] Suppression file 
'${maven.multiModuleProjectDirectory}/owasp-dc-suppression.xml' does not exist
[ERROR] Exception occurred initializing Vulnerability Suppression Analyzer.
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Analysis Complete (3 seconds)

Reply via email to