You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Using Dependency Check maven plugin 6.5.3, it looks like it URL encodes / as %2F. e.g. pkg:npm/%40babel%2Fplugin-transform-unicode-regex@7.18.6.
POST requests to https://ossindex.sonatype.org/api/v3/component-report are returning a 500 when %2F is included.
Dependency Check logs:
[DEBUG] Requesting 1473 component-reports
[DEBUG] Requesting 128 un-cached component-reports
[DEBUG] POST https://ossindex.sonatype.org/api/v3/component-report; payload: {"coordinates":["pkg:npm/%40babel%2Fplugin-transform-unicode-regex@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-jsx@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-private-property-in-object@7.14.5","pkg:npm/%40babel%2Fplugin-syntax-object-rest-spread@7.8.3","pkg:npm/%40babel%2Fplugin-proposal-optional-catch-binding@7.18.6","pkg:npm/%40babel%2Fplugin-transform-function-name@7.18.9","pkg:npm/%40babel%2Fhelper-validator-identifier@7.18.6","pkg:npm/%40babel%2Fplugin-transform-unicode-escapes@7.18.10","pkg:npm/%40babel%2Fplugin-transform-shorthand-properties@7.18.6","pkg:npm/%40babel%2Fhelper-compilation-targets@7.18.9","pkg:npm/%40babel%2Fhelpers@7.18.9","pkg:npm/%40adobe%2Fcss-tools@4.0.1","pkg:npm/%40babel%2Fhelper-string-parser@7.18.10","pkg:npm/%40babel%2Fplugin-transform-duplicate-keys@7.18.9","pkg:npm/%40babel%2Fplugin-transform-flow-strip-types@7.18.9","pkg:npm/%40babel%2Fplugin-proposal-async-generator-functions@7.18.10","pkg:npm/%40babel%2Fhelper-remap-async-to-generator@7.18.9","pkg:npm/%40babel%2Fplugin-syntax-dynamic-import@7.8.3","pkg:npm/%40babel%2Fpreset-env@7.18.10","pkg:npm/%40babel%2Fplugin-proposal-export-namespace-from@7.18.9","pkg:npm/%40babel%2Fparser@7.18.11","pkg:npm/%40carbon%2Fgrid@10.43.1","pkg:npm/%40babel%2Fplugin-proposal-logical-assignment-operators@7.18.9","pkg:npm/%40babel%2Fplugin-transform-react-jsx-development@7.18.6","pkg:npm/%40babel%2Fhelper-module-transforms@7.18.9","pkg:npm/%40babel%2Fhelper-create-regexp-features-plugin@7.18.6","pkg:npm/%40babel%2Fplugin-proposal-private-methods@7.18.6","pkg:npm/%40babel%2Fhelper-simple-access@7.18.6","pkg:npm/%40babel%2Fplugin-transform-computed-properties@7.18.9","pkg:npm/%40babel%2Fhelper-create-class-features-plugin@7.18.9","pkg:npm/%40babel%2Fplugin-proposal-json-strings@7.18.6","pkg:npm/%40babel%2Fplugin-proposal-private-property-in-object@7.18.6","pkg:npm/%40babel%2Fplugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-import-assertions@7.18.6","pkg:npm/%40babel%2Fplugin-transform-runtime@7.18.10","pkg:npm/%40babel%2Fplugin-transform-template-literals@7.18.9","pkg:npm/%40babel%2Ftypes@7.18.10","pkg:npm/%40babel%2Fplugin-syntax-numeric-separator@7.10.4","pkg:npm/%40babel%2Fplugin-syntax-import-meta@7.10.4","pkg:npm/%40babel%2Fplugin-transform-exponentiation-operator@7.18.6","pkg:npm/%40babel%2Fhelper-function-name@7.18.9","pkg:npm/%40babel%2Fplugin-transform-classes@7.18.9","pkg:npm/%40babel%2Fhelper-split-export-declaration@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-top-level-await@7.14.5","pkg:npm/%40babel%2Fplugin-transform-property-literals@7.18.6","pkg:npm/%40babel%2Fplugin-transform-arrow-functions@7.18.6","pkg:npm/%40babel%2Fcode-frame@7.18.6","pkg:npm/%40babel%2Fruntime@7.18.9","pkg:npm/%40babel%2Fhighlight@7.18.6","pkg:npm/%40babel%2Fplugin-transform-modules-amd@7.18.6","pkg:npm/%40babel%2Fhelper-optimise-call-expression@7.18.6","pkg:npm/%40babel%2Fhelper-hoist-variables@7.18.6","pkg:npm/%40babel%2Fpreset-typescript@7.18.6","pkg:npm/%40babel%2Fplugin-proposal-class-properties@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-typescript@7.18.6","pkg:npm/%40babel%2Fplugin-proposal-decorators@7.18.10","pkg:npm/%40babel%2Fplugin-syntax-json-strings@7.8.3","pkg:npm/%40babel%2Fplugin-proposal-nullish-coalescing-operator@7.18.6","pkg:npm/%40babel%2Fplugin-transform-for-of@7.18.8","pkg:npm/%40babel%2Fplugin-transform-react-constant-elements@7.18.12","pkg:npm/%40babel%2Fhelper-environment-visitor@7.18.9","pkg:npm/%40babel%2Fhelper-annotate-as-pure@7.18.6","pkg:npm/%40babel%2Fcompat-data@7.18.8","pkg:npm/%40babel%2Fhelper-wrap-function@7.18.11","pkg:npm/%40babel%2Fplugin-transform-react-display-name@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-decorators@7.18.6","pkg:npm/%40babel%2Fplugin-transform-object-super@7.18.6","pkg:npm/%40babel%2Ftraverse@7.18.11","pkg:npm/%40babel%2Fhelper-builder-binary-assignment-operator-visitor@7.18.9","pkg:npm/%40babel%2Fplugin-transform-typeof-symbol@7.18.9","pkg:npm/%40babel%2Fplugin-transform-destructuring@7.18.9","pkg:npm/%40babel%2Fplugin-transform-typescript@7.18.12","pkg:npm/%40babel%2Fplugin-syntax-optional-catch-binding@7.8.3","pkg:npm/%40babel%2Fplugin-transform-dotall-regex@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-async-generators@7.8.4","pkg:npm/%40babel%2Fruntime-corejs3@7.18.9","pkg:npm/%40babel%2Fplugin-proposal-unicode-property-regex@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-optional-chaining@7.8.3","pkg:npm/%40babel%2Fplugin-transform-parameters@7.18.8","pkg:npm/%40babel%2Fpreset-react@7.18.6","pkg:npm/%40babel%2Fplugin-proposal-dynamic-import@7.18.6","pkg:npm/%40babel%2Fplugin-transform-reserved-words@7.18.6","pkg:npm/%40apideck%2Fbetter-ajv-errors@0.3.6","pkg:npm/%40babel%2Fhelper-module-imports@7.18.6","pkg:npm/%40babel%2Fplugin-transform-spread@7.18.9","pkg:npm/%40babel%2Fpreset-modules@0.1.5","pkg:npm/%40ampproject%2Fremapping@2.2.0","pkg:npm/%40babel%2Fplugin-syntax-flow@7.18.6","pkg:npm/%40babel%2Fplugin-transform-modules-commonjs@7.18.6","pkg:npm/%40carbon%2Ffeature-flags@0.7.0","pkg:npm/%40babel%2Fcore@7.18.10","pkg:npm/%40babel%2Fhelper-validator-option@7.18.6","pkg:npm/%40babel%2Fplugin-transform-new-target@7.18.6","pkg:npm/%40babel%2Fplugin-transform-member-expression-literals@7.18.6","pkg:npm/%40babel%2Fhelper-plugin-utils@7.18.9","pkg:npm/%40babel%2Fplugin-syntax-export-namespace-from@7.8.3","pkg:npm/%40babel%2Fplugin-bugfix-v8-spread-parameters-in-optional-chaining@7.18.9","pkg:npm/%40babel%2Fplugin-syntax-nullish-coalescing-operator@7.8.3","pkg:npm/%40babel%2Ftemplate@7.18.10","pkg:npm/%40babel%2Fplugin-transform-block-scoping@7.18.9","pkg:npm/%40babel%2Fplugin-transform-block-scoped-functions@7.18.6","pkg:npm/%40babel%2Fplugin-transform-sticky-regex@7.18.6","pkg:npm/%40babel%2Fhelper-member-expression-to-functions@7.18.9","pkg:npm/%40babel%2Fplugin-syntax-bigint@7.8.3","pkg:npm/%40babel%2Fplugin-proposal-object-rest-spread@7.18.9","pkg:npm/%40bcoe%2Fv8-coverage@0.2.3","pkg:npm/%40babel%2Fplugin-proposal-optional-chaining@7.18.9","pkg:npm/%40babel%2Fplugin-transform-regenerator@7.18.6","pkg:npm/%40babel%2Fhelper-replace-supers@7.18.9","pkg:npm/%40jridgewell%2Fgen-mapping@0.1.1","pkg:npm/%40babel%2Fplugin-transform-react-pure-annotations@7.18.6","pkg:npm/%40babel%2Feslint-parser@7.18.9","pkg:npm/%40babel%2Fplugin-syntax-class-properties@7.12.13","pkg:npm/%40babel%2Fhelper-define-polyfill-provider@0.3.2","pkg:npm/%40babel%2Fhelper-skip-transparent-expression-wrappers@7.18.9","pkg:npm/%40babel%2Fplugin-transform-named-capturing-groups-regex@7.18.6","pkg:npm/%40babel%2Fplugin-syntax-class-static-block@7.14.5","pkg:npm/%40babel%2Fplugin-syntax-logical-assignment-operators@7.10.4","pkg:npm/%40babel%2Fplugin-transform-literals@7.18.9","pkg:npm/%40babel%2Fplugin-transform-async-to-generator@7.18.6","pkg:npm/%40babel%2Fplugin-proposal-numeric-separator@7.18.6","pkg:npm/%40babel%2Fplugin-transform-modules-umd@7.18.6","pkg:npm/%40carbon%2Fcolors@10.37.1","pkg:npm/%40babel%2Fplugin-proposal-class-static-block@7.18.6","pkg:npm/%40babel%2Fplugin-transform-modules-systemjs@7.18.9","pkg:npm/%40babel%2Fhelper-explode-assignable-expression@7.18.6","pkg:npm/%40babel%2Fgenerator@7.18.12","pkg:npm/%40babel%2Fplugin-transform-react-jsx@7.18.10"]} (application/vnd.ossindex.component-report-request.v1+json); accept: application/vnd.ossindex.component-report.v1+json
[DEBUG] Connecting to: https://ossindex.sonatype.org/api/v3/component-report
[DEBUG] Error requesting component reports
org.sonatype.ossindex.service.client.transport.Transport$TransportException: Unexpected response; status: 500
at org.sonatype.ossindex.service.client.transport.HttpUrlConnectionTransport.post (HttpUrlConnectionTransport.java:106)
at org.sonatype.ossindex.service.client.internal.OssindexClientImpl.doRequestComponentReports (OssindexClientImpl.java:204)
at org.sonatype.ossindex.service.client.internal.OssindexClientImpl.requestComponentReports (OssindexClientImpl.java:170)
at org.owasp.dependencycheck.analyzer.OssIndexAnalyzer.requestReports (OssIndexAnalyzer.java:212)
at org.owasp.dependencycheck.analyzer.OssIndexAnalyzer.analyzeDependency (OssIndexAnalyzer.java:140)
at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.analyze (AbstractAnalyzer.java:131)
at org.owasp.dependencycheck.AnalysisTask.call (AnalysisTask.java:88)
at org.owasp.dependencycheck.AnalysisTask.call (AnalysisTask.java:37)
at java.util.concurrent.FutureTask.run (FutureTask.java:264)
at java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1128)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:628)
at java.lang.Thread.run (Thread.java:871)
Apologies if this is the wrong place for this.
Using Dependency Check maven plugin 6.5.3, it looks like it URL encodes
/
as%2F
. e.g.pkg:npm/%40babel%2Fplugin-transform-unicode-regex@7.18.6
.POST requests to
https://ossindex.sonatype.org/api/v3/component-report
are returning a 500 when%2F
is included.Dependency Check logs:
Making the same request from https://ossindex.sonatype.org/rest returns 500 also.
If
%2F
's are replaced with/
's then the request is successful.To reproduce:
returns:
returns:
The text was updated successfully, but these errors were encountered: