dependency-check-core 8.4.0 is no longer supported #330
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Describe the bug
Builds will start failing due to the plugin sbt-dependency-check --> pointing to an old version of the dependency-check-core 8.4.0 I believe.
Version of sbt-dependency-check used
addSbtPlugin("net.vonbuchholtz" % "sbt-dependency-check" % "5.1.0")
Log file
When reporting errors, 99% of the time log file output is required. Please post the log file as a gist and provide a link in the new issue.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
it should run correctly but it outputs this error:
java.lang.NullPointerException: Cannot invoke "String.toUpperCase()" because the return value of "org.owasp.dependencycheck.utils.SeverityUtil.unscoredToSeveritytext(String)" is null at templates/htmlReport.vsl[line 795, column 43]�[0m
12:47:32 �[0m[�[0m�[31merror�[0m] �[0m�[0m(�[31mdependencyCheck�[0m) org.apache.velocity.exception.MethodInvocationException: Invocation of method 'getHighestSeverityText' in class org.owasp.dependencycheck.dependency.Vulnerability threw exception java.lang.NullPointerException: Cannot invoke "String.toUpperCase()" because the return value of "org.owasp.dependencycheck.utils.SeverityUtil.unscoredToSeveritytext(String)" is null at templates/htmlReport.vsl[line 795, column 43]�[0m
I'm sure this is because of this issue here:
jeremylong/DependencyCheck#7191
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: