-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to perform npm audit using the maven plugin when package-lock.json generated with Node 16.x or higher #5369
Comments
Please find attached an anonymized sample of |
does it fail with a support version of ODC? https://github.com/jeremylong/DependencyCheck/security/policy#security-policy |
Hi, I have just tried with 8.0.1 version of the plugin and still getting the same error. On debug mode I get this output:
I also see this error at the end:
Thanks! |
Thank you for testing and confirming this is closed. |
Describe the bug
A clear and concise description of what the bug is.
Version of dependency-check used
The problem occurs using version 7.4.4 of the maven plugin
Log file
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:7.4.4:aggregate (default) on project snapshots: One or more exceptions occurred during dependency-check analysis: One or more exceptions occurred during analysis:
[ERROR] SearchException: Could not perform Node Audit analysis. Invalid payload submitted to Node Audit API.
[ERROR] -> [Help 1]
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The dependency check should be able to digest package-lock.json format that are generated with the npm versions used in node 16.x+ (lockfileVersion=2)
The text was updated successfully, but these errors were encountered: