14:28:29 Started by GitHub push by andreapoli 14:28:29 Running as SYSTEM 14:28:29 Building in workspace /var/lib/jenkins/workspace/GovWay 14:28:29 [WS-CLEANUP] Clean-up disabled, skipping workspace deletion. 14:28:29 The recommended git tool is: NONE 14:28:29 No credentials specified 14:28:29 > /usr/bin/git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/GovWay/.git # timeout=10 14:28:29 Fetching changes from the remote Git repository 14:28:29 > /usr/bin/git config remote.origin.url https://github.com/link-it/govway.git # timeout=10 14:28:29 Fetching upstream changes from https://github.com/link-it/govway.git 14:28:29 > /usr/bin/git --version # timeout=10 14:28:29 > git --version # 'git version 2.23.1' 14:28:29 > /usr/bin/git fetch --tags --force --progress -- https://github.com/link-it/govway.git +refs/heads/*:refs/remotes/origin/* # timeout=10 14:28:29 > /usr/bin/git rev-parse origin/master^{commit} # timeout=10 14:28:29 Checking out Revision 7c79f4d4afbf948641091d8af825d3804533bd36 (origin/master) 14:28:29 > /usr/bin/git config core.sparsecheckout # timeout=10 14:28:29 > /usr/bin/git checkout -f 7c79f4d4afbf948641091d8af825d3804533bd36 # timeout=10 14:28:30 Commit message: "[GovWayCore] Aggiunta una nuova metrica utilizzabile nelle politiche di Rate Limiting: "Numero completato con successo o fault applicativo"" 14:28:30 > /usr/bin/git rev-list --no-walk f648fefc399af165d1073321432a5b3dbfcc1d3c # timeout=10 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 14:28:30 [GovWay] $ /bin/bash /tmp/jenkins14045633679648081583.sh 14:28:30 ============================= 14:28:30 General Info 14:28:30 Workspace: /var/lib/jenkins/workspace/GovWay 14:28:30 Build: true 14:28:30 Deploy: true 14:28:30 Test: true 14:28:30 Test Integrazione: true 14:28:30 ============================= 14:28:30 14:28:30 ============================= 14:28:30 Environment Info 14:28:30 HOME: /var/lib/jenkins 14:28:30 ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 14:28:30 MAVEN_OPTS: 14:28:30 SOFTHSM2_CONF: /home/ec2-user/lib/softhsm/softhsm2.conf 14:28:30 SONAR_SCANNER_OPTS: 14:28:30 ============================= 14:28:30 14:28:30 ============================= 14:28:30 Java 14:28:30 openjdk version "11.0.12" 2021-07-20 14:28:30 OpenJDK Runtime Environment 18.9 (build 11.0.12+7) 14:28:30 OpenJDK 64-Bit Server VM 18.9 (build 11.0.12+7, mixed mode) 14:28:30 ============================= 14:28:30 14:28:30 ============================= 14:28:30 Git Info 14:28:30 Url: https://github.com/link-it/govway.git 14:28:30 branch: origin/master 14:28:30 commit: 7c79f4d4afbf948641091d8af825d3804533bd36 14:28:30 previuos commit: f648fefc399af165d1073321432a5b3dbfcc1d3c 14:28:30 previuos successful commit: aec62fd962fb51074e89d6bfff1ad7f9b954f1a0 14:28:30 commit message: [GovWayCore] 14:28:30 Aggiunta una nuova metrica utilizzabile nelle politiche di Rate Limiting: "Numero completato con successo o fault applicativo" 14:28:30 ============================= 14:28:30 14:28:30 ============================= 14:28:30 NODEjs Info 14:28:30 v18.17.1 14:28:30 { 14:28:30 npm: '9.6.7', 14:28:30 node: '18.17.1', 14:28:30 acorn: '8.8.2', 14:28:30 ada: '2.5.0', 14:28:30 ares: '1.19.1', 14:28:30 brotli: '1.0.9', 14:28:30 cldr: '43.0', 14:28:30 icu: '73.1', 14:28:30 llhttp: '6.0.11', 14:28:30 modules: '108', 14:28:30 napi: '9', 14:28:30 nghttp2: '1.52.0', 14:28:30 nghttp3: '0.7.0', 14:28:30 ngtcp2: '0.8.1', 14:28:30 openssl: '3.0.10+quic', 14:28:30 simdutf: '3.2.12', 14:28:30 tz: '2023c', 14:28:30 undici: '5.22.1', 14:28:30 unicode: '15.0', 14:28:30 uv: '1.44.2', 14:28:30 uvwasi: '0.0.18', 14:28:30 v8: '10.2.154.26-node.26', 14:28:30 zlib: '1.2.13.1-motley' 14:28:30 } 14:28:30 ============================= 14:28:30 14:28:30 ============================= 14:28:30 OWASP ZAP Info 'ZAP_2.15.0' 14:28:30 Associo diritti di esecuzione agli script zap ... 14:28:30 Associati diritti di esecuzione agli script zap 14:28:30 Update ... 14:28:30 Execute: /opt/openjdk-11.0.12_7//bin/java -classpath /opt/zaproxy/ZAP_2.15.0/*:/opt/zaproxy/ZAP_2.15.0/lib/* org.zaproxy.zap.ZAP -cmd -addonupdate -port 8280 -host 127.0.0.1 14:28:31 Defaulting ZAP install dir to /opt/zaproxy/ZAP_2.15.0 14:28:45 Add-on update check complete 14:28:50 Update effettuato 14:28:50 ============================= 14:28:50 14:28:50 14:28:50 14:28:50 Fermo application server ... 14:28:50 [00;31mTomcat is not running[00m 14:28:50 Fermo application server effettuato 14:28:50 Ripulisco log application server ... 14:28:50 Ripulisco log application server effettuato 14:28:50 Predispongo dir testsuite ... 14:28:50 Predispongo dir testsuite ok 14:28:50 Ripulisco output jacoco ... 14:28:51 Ripulisco output jacoco effettuato 14:28:51 Fermo sonarqube ... 14:28:51 14:28:51 Gracefully stopping SonarQube... 14:28:51 SonarQube was not running. 14:28:51 Fermo sonarqube effettuato 14:28:51 Verifico che il workspace non esista ... 14:28:51 Non e' stata rilevata una corretta re-inizializzazione del Workspace 14:28:51 [Boolean condition] checking [true] against [^(1|y|yes|t|true|on|run)$] (origin token: ${GOVWAY_BUILD}) 14:28:51 Run condition [Boolean condition] enabling perform for step [BuilderChain] 14:28:51 [GovWay] $ /bin/sh -xe /tmp/jenkins16820759960197645461.sh 14:28:51 + perl -pi -e s/log4bash.appender=ColorConsoleAppender/log4bash.appender=ConsoleAppender/g /var/lib/jenkins/workspace/GovWay/distrib/log4bash.properties 14:28:51 + sed -i -e 's#<module>swagger-codegen</module>##g' /var/lib/jenkins/workspace/GovWay/mvn/dependencies/pom.xml 14:28:51 + sed -i -e s#UPDATE_DOC=true#UPDATE_DOC=false#g /var/lib/jenkins/workspace/GovWay/distrib/distrib.sh 14:28:51 + sed -i -e s#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver,db2#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver#g /var/lib/jenkins/workspace/GovWay/ant/setup/prepare-build.properties 14:28:51 + sed -i -e 's#<dependencies.soapbox>false</dependencies.soapbox>#<dependencies.soapbox>true</dependencies.soapbox>#g' /var/lib/jenkins/workspace/GovWay/pom.xml 14:28:51 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn initialize 14:28:53 [INFO] Scanning for projects... 14:28:53 [INFO] ------------------------------------------------------------------------ 14:28:53 [INFO] Reactor Build Order: 14:28:53 [INFO] 14:28:53 [INFO] govway [pom] 14:28:53 [INFO] dependencies [pom] 14:28:53 [INFO] dependencies.ant [pom] 14:28:53 [INFO] dependencies.antinstaller [pom] 14:28:53 [INFO] dependencies.axiom [pom] 14:28:53 [INFO] dependencies.bean-validation [pom] 14:28:53 [INFO] dependencies.cxf [pom] 14:28:53 [INFO] dependencies.commons [pom] 14:28:53 [INFO] dependencies.faces [pom] 14:28:53 [INFO] dependencies.git [pom] 14:28:53 [INFO] dependencies.httpcore [pom] 14:28:53 [INFO] dependencies.jackson [pom] 14:28:53 [INFO] dependencies.javax [pom] 14:28:53 [INFO] dependencies.jax [pom] 14:28:53 [INFO] dependencies.jetty [pom] 14:28:53 [INFO] dependencies.jminix [pom] 14:28:53 [INFO] dependencies.json [pom] 14:28:53 [INFO] dependencies.log [pom] 14:28:53 [INFO] dependencies.lucene [pom] 14:28:53 [INFO] dependencies.openapi4j [pom] 14:28:53 [INFO] dependencies.opensaml [pom] 14:28:53 [INFO] dependencies.pdf [pom] 14:28:53 [INFO] dependencies.redis [pom] 14:28:53 [INFO] dependencies.reports [pom] 14:28:53 [INFO] dependencies.saaj [pom] 14:28:53 [INFO] dependencies.security [pom] 14:28:53 [INFO] dependencies.shared [pom] 14:28:53 [INFO] dependencies.spring [pom] 14:28:53 [INFO] dependencies.spring-ldap [pom] 14:28:53 [INFO] dependencies.spring-security [pom] 14:28:53 [INFO] dependencies.swagger [pom] 14:28:53 [INFO] dependencies.wadl [pom] 14:28:53 [INFO] dependencies.wss4j [pom] 14:28:53 [INFO] dependencies.testsuite [pom] 14:28:53 [INFO] dependencies.testsuite.axis14 [pom] 14:28:53 [INFO] dependencies.testsuite.as [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly9 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly10 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly11 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly12 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly13 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly14 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly15 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly16 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly17 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly18 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly19 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly20 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly21 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly22 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly23 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly24 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly25 [pom] 14:28:53 [INFO] dependencies.testsuite.as.wildfly26 [pom] 14:28:53 [INFO] dependencies.testsuite.as.tomcat9 [pom] 14:28:53 [INFO] dependencies.testsuite.test [pom] 14:28:53 [INFO] dependencies.testsuite.staticAnalysis [pom] 14:28:53 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 14:28:53 [INFO] dependencies.testsuite.coverage [pom] 14:28:53 [INFO] compile [pom] 14:28:53 [INFO] package [pom] 14:28:53 [INFO] testsuite.utils [pom] 14:28:53 [INFO] testsuite.utils.sql [pom] 14:28:53 [INFO] testsuite.pdd.core [pom] 14:28:53 [INFO] testsuite.pdd.core.sql [pom] 14:28:53 [INFO] static_analysis.spotbugs [pom] 14:28:53 [INFO] static_analysis.sonarqube [pom] 14:28:53 [INFO] dynamic_analysis.zap [pom] 14:28:53 [INFO] coverage.jacoco [pom] 14:28:53 [INFO] 14:28:53 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 14:28:53 [INFO] Building govway 1.0 [1/69] 14:28:53 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:53 [INFO] 14:28:53 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 14:28:53 [INFO] Building dependencies 1.0 [2/69] 14:28:53 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:53 [INFO] 14:28:53 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 14:28:53 [INFO] Building dependencies.ant 1.0 [3/69] 14:28:53 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:53 [INFO] 14:28:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 14:28:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 14:28:53 [INFO] 14:28:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 14:28:54 [INFO] 14:28:54 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 14:28:54 [INFO] Building dependencies.antinstaller 1.0 [4/69] 14:28:54 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:54 [INFO] 14:28:54 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 14:28:54 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 14:28:54 [INFO] 14:28:54 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 14:28:54 [INFO] 14:28:54 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 14:28:54 [INFO] Building dependencies.axiom 1.0 [5/69] 14:28:54 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 14:28:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 14:28:55 [INFO] 14:28:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 14:28:55 [INFO] Executing tasks 14:28:55 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 14:28:55 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 14:28:55 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 14:28:55 [INFO] Executed tasks 14:28:55 [INFO] 14:28:55 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 14:28:55 [INFO] Building dependencies.bean-validation 1.0 [6/69] 14:28:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 14:28:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 14:28:55 [INFO] 14:28:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 14:28:55 [INFO] 14:28:55 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 14:28:55 [INFO] Building dependencies.cxf 1.0 [7/69] 14:28:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 14:28:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 14:28:55 [INFO] 14:28:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 14:28:55 [INFO] Executing tasks 14:28:55 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4.jar 14:28:55 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4.jar 14:28:55 [INFO] Executed tasks 14:28:55 [INFO] 14:28:55 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 14:28:55 [INFO] Building dependencies.commons 1.0 [8/69] 14:28:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 14:28:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 14:28:55 [INFO] 14:28:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 14:28:55 [INFO] 14:28:55 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 14:28:55 [INFO] Building dependencies.faces 1.0 [9/69] 14:28:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 14:28:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 14:28:55 [INFO] 14:28:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 14:28:55 [INFO] 14:28:55 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 14:28:55 [INFO] Building dependencies.git 1.0 [10/69] 14:28:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:55 [INFO] 14:28:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 14:28:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 14:28:55 [INFO] 14:28:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 14:28:55 [INFO] 14:28:55 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 14:28:55 [INFO] Building dependencies.httpcore 1.0 [11/69] 14:28:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 14:28:56 [INFO] Executing tasks 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 14:28:56 [INFO] Executed tasks 14:28:56 [INFO] 14:28:56 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 14:28:56 [INFO] Building dependencies.jackson 1.0 [12/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 14:28:56 [INFO] 14:28:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 14:28:56 [INFO] Building dependencies.javax 1.0 [13/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 14:28:56 [INFO] 14:28:56 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 14:28:56 [INFO] Building dependencies.jax 1.0 [14/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 14:28:56 [INFO] 14:28:56 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 14:28:56 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 14:28:56 [INFO] 14:28:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 14:28:56 [INFO] Executing tasks 14:28:56 [INFO] Executed tasks 14:28:56 [INFO] 14:28:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 14:28:56 [INFO] Building dependencies.jetty 1.0 [15/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 14:28:56 [INFO] 14:28:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 14:28:56 [INFO] Building dependencies.jminix 1.0 [16/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 14:28:56 [INFO] Executing tasks 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 14:28:56 [INFO] Executed tasks 14:28:56 [INFO] 14:28:56 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 14:28:56 [INFO] Building dependencies.json 1.0 [17/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 14:28:56 [INFO] Executing tasks 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 14:28:56 [INFO] Executed tasks 14:28:56 [INFO] 14:28:56 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 14:28:56 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 14:28:56 [INFO] 14:28:56 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 14:28:56 [INFO] Building dependencies.log 1.0 [18/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 14:28:56 [INFO] Executing tasks 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 14:28:56 [INFO] Executed tasks 14:28:56 [INFO] 14:28:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 14:28:56 [INFO] Building dependencies.lucene 1.0 [19/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 14:28:56 [INFO] 14:28:56 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 14:28:56 [INFO] Building dependencies.openapi4j 1.0 [20/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 14:28:56 [INFO] Executing tasks 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 14:28:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 14:28:56 [INFO] Executed tasks 14:28:56 [INFO] 14:28:56 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 14:28:56 [INFO] Building dependencies.opensaml 1.0 [21/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 14:28:56 [INFO] 14:28:56 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 14:28:56 [INFO] Building dependencies.pdf 1.0 [22/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:56 [INFO] 14:28:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 14:28:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 14:28:56 [INFO] 14:28:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 14:28:56 [INFO] 14:28:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 14:28:56 [INFO] Building dependencies.redis 1.0 [23/69] 14:28:56 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 14:28:57 [INFO] 14:28:57 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 14:28:57 [INFO] Building dependencies.reports 1.0 [24/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 14:28:57 [INFO] 14:28:57 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 14:28:57 [INFO] Building dependencies.saaj 1.0 [25/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 14:28:57 [INFO] Executing tasks 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 14:28:57 [INFO] Executed tasks 14:28:57 [INFO] 14:28:57 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 14:28:57 [INFO] Building dependencies.security 1.0 [26/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 14:28:57 [INFO] Executing tasks 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 14:28:57 [INFO] Executed tasks 14:28:57 [INFO] 14:28:57 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 14:28:57 [INFO] Building dependencies.shared 1.0 [27/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 14:28:57 [INFO] Executing tasks 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 14:28:57 [INFO] Executed tasks 14:28:57 [INFO] 14:28:57 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 14:28:57 [INFO] Building dependencies.spring 1.0 [28/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 14:28:57 [INFO] Executing tasks 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 14:28:57 [INFO] Executed tasks 14:28:57 [INFO] 14:28:57 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 14:28:57 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 14:28:57 [INFO] 14:28:57 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 14:28:57 [INFO] Building dependencies.spring-security 1.0 [30/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 14:28:57 [INFO] 14:28:57 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 14:28:57 [INFO] Building dependencies.swagger 1.0 [31/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 14:28:57 [INFO] Executing tasks 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 14:28:57 [INFO] Executed tasks 14:28:57 [INFO] 14:28:57 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 14:28:57 [INFO] Building dependencies.wadl 1.0 [32/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 14:28:57 [INFO] 14:28:57 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 14:28:57 [INFO] Building dependencies.wss4j 1.0 [33/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 14:28:57 [INFO] Executing tasks 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 14:28:57 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 14:28:57 [INFO] Executed tasks 14:28:57 [INFO] 14:28:57 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 14:28:57 [INFO] Building dependencies.testsuite 1.0 [34/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 14:28:57 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 14:28:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 14:28:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 14:28:57 [INFO] 14:28:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 14:28:57 [INFO] 14:28:57 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 14:28:58 [INFO] Executing tasks 14:28:58 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 14:28:58 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 14:28:58 [INFO] Executed tasks 14:28:58 [INFO] 14:28:58 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 14:28:58 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 14:28:58 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 14:28:58 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:28:58 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 14:28:58 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:28:58 [INFO] org.apache.tomcat:tomcat-catalina:jar:9.0.98 already exists in destination. 14:28:58 [INFO] org.apache.tomcat:tomcat-juli:jar:9.0.98 already exists in destination. 14:28:58 [INFO] 14:28:58 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 14:28:58 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 14:28:58 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 14:28:58 [INFO] 14:28:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 14:28:58 [INFO] 14:28:58 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 14:28:58 [INFO] Executing tasks 14:28:58 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 14:28:58 [INFO] Executed tasks 14:28:58 [INFO] 14:28:58 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 14:28:58 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 14:28:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 14:28:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 14:28:59 [INFO] 14:28:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 14:28:59 [INFO] 14:28:59 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 14:28:59 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:28:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 14:28:59 [INFO] 14:28:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:28:59 [INFO] 14:28:59 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 14:28:59 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 14:28:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 14:28:59 [INFO] 14:28:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 14:28:59 [INFO] 14:28:59 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 14:28:59 [INFO] Building compile 1.0 [60/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 14:28:59 [INFO] Building package 1.0 [61/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 14:28:59 [INFO] Building testsuite.utils 1.0 [62/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 14:28:59 [INFO] Building testsuite.utils.sql 1.0 [63/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 14:28:59 [INFO] Building testsuite.pdd.core 1.0 [64/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 14:28:59 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 14:28:59 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 14:28:59 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 14:28:59 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] 14:28:59 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 14:28:59 [INFO] Building coverage.jacoco 1.0 [69/69] 14:28:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:28:59 [INFO] ------------------------------------------------------------------------ 14:28:59 [INFO] Reactor Summary for govway 1.0: 14:28:59 [INFO] 14:28:59 [INFO] govway ............................................. SUCCESS [ 0.003 s] 14:28:59 [INFO] dependencies ....................................... SUCCESS [ 0.002 s] 14:28:59 [INFO] dependencies.ant ................................... SUCCESS [ 1.279 s] 14:28:59 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.033 s] 14:28:59 [INFO] dependencies.axiom ................................. SUCCESS [ 0.438 s] 14:28:59 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.047 s] 14:28:59 [INFO] dependencies.cxf ................................... SUCCESS [ 0.305 s] 14:28:59 [INFO] dependencies.commons ............................... SUCCESS [ 0.103 s] 14:28:59 [INFO] dependencies.faces ................................. SUCCESS [ 0.060 s] 14:28:59 [INFO] dependencies.git ................................... SUCCESS [ 0.023 s] 14:28:59 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.137 s] 14:28:59 [INFO] dependencies.jackson ............................... SUCCESS [ 0.073 s] 14:28:59 [INFO] dependencies.javax ................................. SUCCESS [ 0.042 s] 14:28:59 [INFO] dependencies.jax ................................... SUCCESS [ 0.175 s] 14:28:59 [INFO] dependencies.jetty ................................. SUCCESS [ 0.042 s] 14:28:59 [INFO] dependencies.jminix ................................ SUCCESS [ 0.068 s] 14:28:59 [INFO] dependencies.json .................................. SUCCESS [ 0.092 s] 14:28:59 [INFO] dependencies.log ................................... SUCCESS [ 0.110 s] 14:28:59 [INFO] dependencies.lucene ................................ SUCCESS [ 0.021 s] 14:28:59 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.070 s] 14:28:59 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.070 s] 14:28:59 [INFO] dependencies.pdf ................................... SUCCESS [ 0.029 s] 14:28:59 [INFO] dependencies.redis ................................. SUCCESS [ 0.176 s] 14:28:59 [INFO] dependencies.reports ............................... SUCCESS [ 0.057 s] 14:28:59 [INFO] dependencies.saaj .................................. SUCCESS [ 0.065 s] 14:28:59 [INFO] dependencies.security .............................. SUCCESS [ 0.093 s] 14:28:59 [INFO] dependencies.shared ................................ SUCCESS [ 0.231 s] 14:28:59 [INFO] dependencies.spring ................................ SUCCESS [ 0.141 s] 14:28:59 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.013 s] 14:28:59 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.015 s] 14:28:59 [INFO] dependencies.swagger ............................... SUCCESS [ 0.156 s] 14:28:59 [INFO] dependencies.wadl .................................. SUCCESS [ 0.018 s] 14:28:59 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.093 s] 14:28:59 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 14:28:59 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.133 s] 14:28:59 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.000 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.042 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.029 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.031 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.028 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.028 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.027 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.026 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.027 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.031 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.048 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.048 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.036 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.044 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.025 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.025 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.109 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.033 s] 14:28:59 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.038 s] 14:28:59 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.015 s] 14:28:59 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.195 s] 14:28:59 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.029 s] 14:28:59 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.019 s] 14:28:59 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.032 s] 14:28:59 [INFO] compile ............................................ SUCCESS [ 0.001 s] 14:28:59 [INFO] package ............................................ SUCCESS [ 0.000 s] 14:28:59 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 14:28:59 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 14:28:59 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 14:28:59 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 14:28:59 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 14:28:59 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 14:28:59 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 14:28:59 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 14:28:59 [INFO] ------------------------------------------------------------------------ 14:28:59 [INFO] BUILD SUCCESS 14:28:59 [INFO] ------------------------------------------------------------------------ 14:28:59 [INFO] Total time: 5.968 s 14:28:59 [INFO] Finished at: 2025-01-08T14:28:59+01:00 14:28:59 [INFO] ------------------------------------------------------------------------ 14:28:59 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=none -Dowasp=verify -Dtestsuite=none -DnvdApiKey=f8281fbf-3d81-4e4a-9f03-ab68856b336d -Dowasp.plugin.failBuildOnAnyVulnerability=false verify 14:29:01 [INFO] Scanning for projects... 14:29:01 [INFO] ------------------------------------------------------------------------ 14:29:01 [INFO] Reactor Build Order: 14:29:01 [INFO] 14:29:01 [INFO] govway [pom] 14:29:01 [INFO] dependencies [pom] 14:29:01 [INFO] dependencies.ant [pom] 14:29:01 [INFO] dependencies.antinstaller [pom] 14:29:01 [INFO] dependencies.axiom [pom] 14:29:01 [INFO] dependencies.bean-validation [pom] 14:29:01 [INFO] dependencies.cxf [pom] 14:29:01 [INFO] dependencies.commons [pom] 14:29:01 [INFO] dependencies.faces [pom] 14:29:01 [INFO] dependencies.git [pom] 14:29:01 [INFO] dependencies.httpcore [pom] 14:29:01 [INFO] dependencies.jackson [pom] 14:29:01 [INFO] dependencies.javax [pom] 14:29:01 [INFO] dependencies.jax [pom] 14:29:01 [INFO] dependencies.jetty [pom] 14:29:01 [INFO] dependencies.jminix [pom] 14:29:01 [INFO] dependencies.json [pom] 14:29:01 [INFO] dependencies.log [pom] 14:29:01 [INFO] dependencies.lucene [pom] 14:29:01 [INFO] dependencies.openapi4j [pom] 14:29:01 [INFO] dependencies.opensaml [pom] 14:29:01 [INFO] dependencies.pdf [pom] 14:29:01 [INFO] dependencies.redis [pom] 14:29:01 [INFO] dependencies.reports [pom] 14:29:01 [INFO] dependencies.saaj [pom] 14:29:01 [INFO] dependencies.security [pom] 14:29:01 [INFO] dependencies.shared [pom] 14:29:01 [INFO] dependencies.spring [pom] 14:29:01 [INFO] dependencies.spring-ldap [pom] 14:29:01 [INFO] dependencies.spring-security [pom] 14:29:01 [INFO] dependencies.swagger [pom] 14:29:01 [INFO] dependencies.wadl [pom] 14:29:01 [INFO] dependencies.wss4j [pom] 14:29:01 [INFO] dependencies.testsuite [pom] 14:29:01 [INFO] dependencies.testsuite.axis14 [pom] 14:29:01 [INFO] dependencies.testsuite.as [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly9 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly10 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly11 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly12 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly13 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly14 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly15 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly16 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly17 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly18 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly19 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly20 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly21 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly22 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly23 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly24 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly25 [pom] 14:29:01 [INFO] dependencies.testsuite.as.wildfly26 [pom] 14:29:01 [INFO] dependencies.testsuite.as.tomcat9 [pom] 14:29:01 [INFO] dependencies.testsuite.test [pom] 14:29:01 [INFO] dependencies.testsuite.staticAnalysis [pom] 14:29:01 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 14:29:01 [INFO] dependencies.testsuite.coverage [pom] 14:29:01 [INFO] compile [pom] 14:29:01 [INFO] package [pom] 14:29:01 [INFO] testsuite.utils [pom] 14:29:01 [INFO] testsuite.utils.sql [pom] 14:29:01 [INFO] testsuite.pdd.core [pom] 14:29:01 [INFO] testsuite.pdd.core.sql [pom] 14:29:01 [INFO] static_analysis.spotbugs [pom] 14:29:01 [INFO] static_analysis.sonarqube [pom] 14:29:01 [INFO] dynamic_analysis.zap [pom] 14:29:01 [INFO] coverage.jacoco [pom] 14:29:01 [INFO] 14:29:01 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 14:29:01 [INFO] Building govway 1.0 [1/69] 14:29:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:29:01 [INFO] 14:29:01 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 14:29:01 [INFO] Building dependencies 1.0 [2/69] 14:29:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:29:01 [INFO] 14:29:01 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.dependencies --- 14:29:02 [INFO] Executing tasks 14:29:07 [INFO] Executed tasks 14:29:09 [INFO] 14:29:09 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.dependencies --- 14:29:15 [INFO] Checking for updates 14:29:15 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:29:16 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:29:16 [INFO] Check for updates complete (584 ms) 14:29:16 [INFO] 14:29:16 14:29:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:29:16 14:29:16 14:29:16 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:29:16 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:29:16 14:29:16 💖 Sponsor: https://github.com/sponsors/jeremylong 14:29:16 14:29:16 14:29:16 [INFO] Analysis Started 14:29:19 [INFO] Finished Archive Analyzer (3 seconds) 14:29:20 [INFO] Finished File Name Analyzer (0 seconds) 14:29:23 [INFO] Finished Jar Analyzer (3 seconds) 14:29:23 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:29:23 [INFO] Finished Hint Analyzer (0 seconds) 14:29:23 [INFO] Finished Version Filter Analyzer (0 seconds) 14:29:27 [INFO] Created CPE Index (3 seconds) 14:29:37 [INFO] Finished CPE Analyzer (13 seconds) 14:29:37 [INFO] Finished False Positive Analyzer (0 seconds) 14:29:37 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:29:54 [INFO] Finished RetireJS Analyzer (17 seconds) 14:29:55 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:29:55 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:29:55 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:29:56 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:29:56 14:29:56 14:29:56 ## Recommendation 14:29:56 14:29:56 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:29:56 14:29:56 The following template can be used to demonstrate the vulnerability: 14:29:56 ```{{#with "constructor"}} 14:29:56 {{#with split as |a|}} 14:29:56 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:29:56 {{#with (concat (lookup join (slice 0 1)))}} 14:29:56 {{#each (slice 2 3)}} 14:29:56 {{#with (apply 0 a)}} 14:29:56 {{.}} 14:29:56 {{/with}} 14:29:56 {{/each}} 14:29:56 {{/with}} 14:29:56 {{/with}} 14:29:56 {{/with}}``` 14:29:56 14:29:56 14:29:56 ## Recommendation 14:29:56 14:29:56 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:29:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:29:56 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:29:56 [INFO] Analysis Complete (40 seconds) 14:29:57 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 14:29:58 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.html 14:29:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.json 14:30:00 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.csv 14:30:00 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.sarif 14:30:00 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-jenkins.html 14:30:00 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-junit.xml 14:30:00 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-gitlab.json 14:30:00 [INFO] 14:30:00 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 14:30:00 [INFO] Building dependencies.ant 1.0 [3/69] 14:30:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:00 [INFO] 14:30:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 14:30:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 14:30:00 [INFO] 14:30:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 14:30:01 [INFO] 14:30:01 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.ant --- 14:30:01 [INFO] Executing tasks 14:30:06 [INFO] Executed tasks 14:30:06 [INFO] 14:30:06 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.ant --- 14:30:06 [INFO] Checking for updates 14:30:06 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:07 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:07 [INFO] Check for updates complete (119 ms) 14:30:07 [INFO] 14:30:07 14:30:07 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:07 14:30:07 14:30:07 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:07 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:07 14:30:07 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:07 14:30:07 14:30:07 [INFO] Analysis Started 14:30:07 [INFO] Finished Archive Analyzer (0 seconds) 14:30:07 [INFO] Finished File Name Analyzer (0 seconds) 14:30:07 [INFO] Finished Jar Analyzer (0 seconds) 14:30:07 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:07 [INFO] Finished Hint Analyzer (0 seconds) 14:30:07 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:09 [INFO] Created CPE Index (2 seconds) 14:30:10 [INFO] Finished CPE Analyzer (2 seconds) 14:30:10 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:10 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:30:10 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:30:10 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:30:10 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:30:10 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:30:10 14:30:10 14:30:10 ## Recommendation 14:30:10 14:30:10 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:30:10 14:30:10 The following template can be used to demonstrate the vulnerability: 14:30:10 ```{{#with "constructor"}} 14:30:10 {{#with split as |a|}} 14:30:10 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:30:10 {{#with (concat (lookup join (slice 0 1)))}} 14:30:10 {{#each (slice 2 3)}} 14:30:10 {{#with (apply 0 a)}} 14:30:10 {{.}} 14:30:10 {{/with}} 14:30:10 {{/each}} 14:30:10 {{/with}} 14:30:10 {{/with}} 14:30:10 {{/with}}``` 14:30:10 14:30:10 14:30:10 ## Recommendation 14:30:10 14:30:10 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:30:10 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:30:10 [INFO] Analysis Complete (2 seconds) 14:30:10 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:30:10 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:30:10 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:30:10 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:30:10 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:30:10 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:30:10 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:30:10 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:30:10 [INFO] 14:30:10 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 14:30:10 [INFO] Building dependencies.antinstaller 1.0 [4/69] 14:30:10 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:10 [INFO] 14:30:10 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 14:30:10 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 14:30:10 [INFO] 14:30:10 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 14:30:10 [INFO] 14:30:10 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.antinstaller --- 14:30:10 [INFO] Executing tasks 14:30:15 [INFO] Executed tasks 14:30:15 [INFO] 14:30:15 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.antinstaller --- 14:30:15 [INFO] Checking for updates 14:30:15 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:15 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:15 [INFO] Check for updates complete (162 ms) 14:30:16 [INFO] 14:30:16 14:30:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:16 14:30:16 14:30:16 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:16 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:16 14:30:16 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:16 14:30:16 14:30:16 [INFO] Analysis Started 14:30:16 [INFO] Finished Archive Analyzer (0 seconds) 14:30:16 [INFO] Finished File Name Analyzer (0 seconds) 14:30:16 [INFO] Finished Jar Analyzer (0 seconds) 14:30:16 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:16 [INFO] Finished Hint Analyzer (0 seconds) 14:30:16 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:17 [INFO] Created CPE Index (1 seconds) 14:30:18 [INFO] Finished CPE Analyzer (1 seconds) 14:30:18 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:18 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:30:18 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:30:18 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:30:18 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:30:18 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:30:18 14:30:18 14:30:18 ## Recommendation 14:30:18 14:30:18 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:30:18 14:30:18 The following template can be used to demonstrate the vulnerability: 14:30:18 ```{{#with "constructor"}} 14:30:18 {{#with split as |a|}} 14:30:18 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:30:18 {{#with (concat (lookup join (slice 0 1)))}} 14:30:18 {{#each (slice 2 3)}} 14:30:18 {{#with (apply 0 a)}} 14:30:18 {{.}} 14:30:18 {{/with}} 14:30:18 {{/each}} 14:30:18 {{/with}} 14:30:18 {{/with}} 14:30:18 {{/with}}``` 14:30:18 14:30:18 14:30:18 ## Recommendation 14:30:18 14:30:18 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:30:18 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:30:18 [INFO] Analysis Complete (2 seconds) 14:30:18 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:30:18 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:30:18 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:30:18 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:30:18 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:30:18 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:30:18 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:30:18 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:30:18 [INFO] 14:30:18 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 14:30:18 [INFO] Building dependencies.axiom 1.0 [5/69] 14:30:18 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:18 [INFO] 14:30:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 14:30:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 14:30:18 [INFO] 14:30:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 14:30:18 [INFO] 14:30:18 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 14:30:18 [INFO] Executing tasks 14:30:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 14:30:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 14:30:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 14:30:18 [INFO] Executed tasks 14:30:18 [INFO] 14:30:18 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.axiom --- 14:30:18 [INFO] Executing tasks 14:30:23 [INFO] Executed tasks 14:30:23 [INFO] 14:30:23 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.axiom --- 14:30:23 [INFO] Checking for updates 14:30:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:24 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:24 [INFO] Check for updates complete (91 ms) 14:30:24 [INFO] 14:30:24 14:30:24 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:24 14:30:24 14:30:24 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:24 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:24 14:30:24 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:24 14:30:24 14:30:24 [INFO] Analysis Started 14:30:24 [INFO] Finished Archive Analyzer (0 seconds) 14:30:24 [INFO] Finished File Name Analyzer (0 seconds) 14:30:24 [INFO] Finished Jar Analyzer (0 seconds) 14:30:24 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:24 [INFO] Finished Hint Analyzer (0 seconds) 14:30:24 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:25 [INFO] Created CPE Index (1 seconds) 14:30:26 [INFO] Finished CPE Analyzer (2 seconds) 14:30:26 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:30:26 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:30:26 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:30:26 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:30:26 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:30:26 14:30:26 14:30:26 ## Recommendation 14:30:26 14:30:26 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:30:26 14:30:26 The following template can be used to demonstrate the vulnerability: 14:30:26 ```{{#with "constructor"}} 14:30:26 {{#with split as |a|}} 14:30:26 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:30:26 {{#with (concat (lookup join (slice 0 1)))}} 14:30:26 {{#each (slice 2 3)}} 14:30:26 {{#with (apply 0 a)}} 14:30:26 {{.}} 14:30:26 {{/with}} 14:30:26 {{/each}} 14:30:26 {{/with}} 14:30:26 {{/with}} 14:30:26 {{/with}}``` 14:30:26 14:30:26 14:30:26 ## Recommendation 14:30:26 14:30:26 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:30:26 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:30:26 [INFO] Analysis Complete (2 seconds) 14:30:26 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:30:26 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:30:26 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:30:26 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:30:26 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:30:26 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:30:26 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:30:26 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:30:27 [INFO] 14:30:27 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 14:30:27 [INFO] Building dependencies.bean-validation 1.0 [6/69] 14:30:27 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:27 [INFO] 14:30:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 14:30:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 14:30:27 [INFO] 14:30:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 14:30:27 [INFO] 14:30:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.bean-validation --- 14:30:27 [INFO] Executing tasks 14:30:32 [INFO] Executed tasks 14:30:32 [INFO] 14:30:32 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.bean-validation --- 14:30:32 [INFO] Checking for updates 14:30:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:32 [INFO] Check for updates complete (79 ms) 14:30:32 [INFO] 14:30:32 14:30:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:32 14:30:32 14:30:32 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:32 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:32 14:30:32 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:32 14:30:32 14:30:32 [INFO] Analysis Started 14:30:32 [INFO] Finished Archive Analyzer (0 seconds) 14:30:32 [INFO] Finished File Name Analyzer (0 seconds) 14:30:32 [INFO] Finished Jar Analyzer (0 seconds) 14:30:32 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:32 [INFO] Finished Hint Analyzer (0 seconds) 14:30:32 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:33 [INFO] Created CPE Index (1 seconds) 14:30:34 [INFO] Finished CPE Analyzer (1 seconds) 14:30:34 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:34 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:30:34 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:30:34 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:30:34 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:30:34 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:30:34 14:30:34 14:30:34 ## Recommendation 14:30:34 14:30:34 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:30:34 14:30:34 The following template can be used to demonstrate the vulnerability: 14:30:34 ```{{#with "constructor"}} 14:30:34 {{#with split as |a|}} 14:30:34 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:30:34 {{#with (concat (lookup join (slice 0 1)))}} 14:30:34 {{#each (slice 2 3)}} 14:30:34 {{#with (apply 0 a)}} 14:30:34 {{.}} 14:30:34 {{/with}} 14:30:34 {{/each}} 14:30:34 {{/with}} 14:30:34 {{/with}} 14:30:34 {{/with}}``` 14:30:34 14:30:34 14:30:34 ## Recommendation 14:30:34 14:30:34 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:30:34 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:30:34 [INFO] Analysis Complete (1 seconds) 14:30:34 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:30:34 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:30:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:30:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:30:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:30:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:30:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:30:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:30:34 [INFO] 14:30:34 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 14:30:34 [INFO] Building dependencies.cxf 1.0 [7/69] 14:30:34 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:34 [INFO] 14:30:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 14:30:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 14:30:34 [INFO] 14:30:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 14:30:34 [INFO] 14:30:34 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 14:30:34 [INFO] Executing tasks 14:30:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4.jar 14:30:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4.jar 14:30:34 [INFO] Executed tasks 14:30:34 [INFO] 14:30:34 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.cxf --- 14:30:34 [INFO] Executing tasks 14:30:39 [INFO] Executed tasks 14:30:39 [INFO] 14:30:39 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.cxf --- 14:30:39 [INFO] Checking for updates 14:30:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:39 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:39 [INFO] Check for updates complete (83 ms) 14:30:40 [INFO] 14:30:40 14:30:40 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:40 14:30:40 14:30:40 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:40 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:40 14:30:40 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:40 14:30:40 14:30:40 [INFO] Analysis Started 14:30:40 [INFO] Finished Archive Analyzer (0 seconds) 14:30:40 [INFO] Finished File Name Analyzer (0 seconds) 14:30:40 [INFO] Finished Jar Analyzer (0 seconds) 14:30:40 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:40 [INFO] Finished Hint Analyzer (0 seconds) 14:30:40 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:41 [INFO] Created CPE Index (1 seconds) 14:30:42 [INFO] Finished CPE Analyzer (2 seconds) 14:30:42 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:42 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:30:42 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:30:42 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:30:42 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:30:42 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:30:42 14:30:42 14:30:42 ## Recommendation 14:30:42 14:30:42 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:30:42 14:30:42 The following template can be used to demonstrate the vulnerability: 14:30:42 ```{{#with "constructor"}} 14:30:42 {{#with split as |a|}} 14:30:42 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:30:42 {{#with (concat (lookup join (slice 0 1)))}} 14:30:42 {{#each (slice 2 3)}} 14:30:42 {{#with (apply 0 a)}} 14:30:42 {{.}} 14:30:42 {{/with}} 14:30:42 {{/each}} 14:30:42 {{/with}} 14:30:42 {{/with}} 14:30:42 {{/with}}``` 14:30:42 14:30:42 14:30:42 ## Recommendation 14:30:42 14:30:42 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:30:42 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:30:42 [INFO] Analysis Complete (2 seconds) 14:30:42 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:30:42 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:30:42 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:30:42 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:30:42 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:30:42 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:30:42 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:30:42 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:30:42 [INFO] 14:30:42 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 14:30:42 [INFO] Building dependencies.commons 1.0 [8/69] 14:30:42 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:42 [INFO] 14:30:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 14:30:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 14:30:42 [INFO] 14:30:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 14:30:42 [INFO] 14:30:42 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.commons --- 14:30:42 [INFO] Executing tasks 14:30:47 [INFO] Executed tasks 14:30:47 [INFO] 14:30:47 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.commons --- 14:30:48 [INFO] Checking for updates 14:30:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:48 [INFO] Check for updates complete (83 ms) 14:30:48 [INFO] 14:30:48 14:30:48 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:48 14:30:48 14:30:48 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:48 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:48 14:30:48 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:48 14:30:48 14:30:48 [INFO] Analysis Started 14:30:48 [INFO] Finished Archive Analyzer (0 seconds) 14:30:48 [INFO] Finished File Name Analyzer (0 seconds) 14:30:48 [INFO] Finished Jar Analyzer (0 seconds) 14:30:48 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:48 [INFO] Finished Hint Analyzer (0 seconds) 14:30:48 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:50 [INFO] Created CPE Index (1 seconds) 14:30:50 [INFO] Finished CPE Analyzer (2 seconds) 14:30:50 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:50 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:30:50 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:30:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:30:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:30:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:30:51 14:30:51 14:30:51 ## Recommendation 14:30:51 14:30:51 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:30:51 14:30:51 The following template can be used to demonstrate the vulnerability: 14:30:51 ```{{#with "constructor"}} 14:30:51 {{#with split as |a|}} 14:30:51 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:30:51 {{#with (concat (lookup join (slice 0 1)))}} 14:30:51 {{#each (slice 2 3)}} 14:30:51 {{#with (apply 0 a)}} 14:30:51 {{.}} 14:30:51 {{/with}} 14:30:51 {{/each}} 14:30:51 {{/with}} 14:30:51 {{/with}} 14:30:51 {{/with}}``` 14:30:51 14:30:51 14:30:51 ## Recommendation 14:30:51 14:30:51 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:30:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:30:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:30:51 [INFO] Analysis Complete (2 seconds) 14:30:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:30:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:30:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:30:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:30:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:30:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:30:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:30:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:30:51 [INFO] 14:30:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 14:30:51 [INFO] Building dependencies.faces 1.0 [9/69] 14:30:51 [INFO] --------------------------------[ pom ]--------------------------------- 14:30:51 [INFO] 14:30:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 14:30:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 14:30:51 [INFO] 14:30:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 14:30:51 [INFO] 14:30:51 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.faces --- 14:30:51 [INFO] Executing tasks 14:30:56 [INFO] Executed tasks 14:30:56 [INFO] 14:30:56 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.faces --- 14:30:56 [INFO] Checking for updates 14:30:56 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:30:56 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:30:56 [INFO] Check for updates complete (73 ms) 14:30:56 [INFO] 14:30:56 14:30:56 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:30:56 14:30:56 14:30:56 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:30:56 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:30:56 14:30:56 💖 Sponsor: https://github.com/sponsors/jeremylong 14:30:56 14:30:56 14:30:56 [INFO] Analysis Started 14:30:57 [INFO] Finished Archive Analyzer (0 seconds) 14:30:57 [INFO] Finished File Name Analyzer (0 seconds) 14:30:57 [INFO] Finished Jar Analyzer (0 seconds) 14:30:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:30:57 [INFO] Finished Hint Analyzer (0 seconds) 14:30:57 [INFO] Finished Version Filter Analyzer (0 seconds) 14:30:59 [INFO] Created CPE Index (1 seconds) 14:30:59 [INFO] Finished CPE Analyzer (2 seconds) 14:30:59 [INFO] Finished False Positive Analyzer (0 seconds) 14:30:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:07 [INFO] Finished RetireJS Analyzer (8 seconds) 14:31:07 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:07 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:07 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:08 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:31:08 14:31:08 14:31:08 ## Recommendation 14:31:08 14:31:08 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:31:08 14:31:08 The following template can be used to demonstrate the vulnerability: 14:31:08 ```{{#with "constructor"}} 14:31:08 {{#with split as |a|}} 14:31:08 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:31:08 {{#with (concat (lookup join (slice 0 1)))}} 14:31:08 {{#each (slice 2 3)}} 14:31:08 {{#with (apply 0 a)}} 14:31:08 {{.}} 14:31:08 {{/with}} 14:31:08 {{/each}} 14:31:08 {{/with}} 14:31:08 {{/with}} 14:31:08 {{/with}}``` 14:31:08 14:31:08 14:31:08 ## Recommendation 14:31:08 14:31:08 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:08 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:31:08 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:08 [INFO] Analysis Complete (11 seconds) 14:31:08 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:08 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:09 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:09 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:09 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:09 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:09 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:09 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:09 [INFO] 14:31:09 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 14:31:09 [INFO] Building dependencies.git 1.0 [10/69] 14:31:09 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:09 [INFO] 14:31:09 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 14:31:09 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 14:31:09 [INFO] 14:31:09 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 14:31:09 [INFO] 14:31:09 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.git --- 14:31:09 [INFO] Executing tasks 14:31:14 [INFO] Executed tasks 14:31:14 [INFO] 14:31:14 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.git --- 14:31:14 [INFO] Checking for updates 14:31:14 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:14 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:14 [INFO] Check for updates complete (73 ms) 14:31:14 [INFO] 14:31:14 14:31:14 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:31:14 14:31:14 14:31:14 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:31:14 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:31:14 14:31:14 💖 Sponsor: https://github.com/sponsors/jeremylong 14:31:14 14:31:14 14:31:14 [INFO] Analysis Started 14:31:14 [INFO] Finished Archive Analyzer (0 seconds) 14:31:14 [INFO] Finished File Name Analyzer (0 seconds) 14:31:15 [INFO] Finished Jar Analyzer (0 seconds) 14:31:15 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:31:15 [INFO] Finished Hint Analyzer (0 seconds) 14:31:15 [INFO] Finished Version Filter Analyzer (0 seconds) 14:31:16 [INFO] Created CPE Index (1 seconds) 14:31:16 [INFO] Finished CPE Analyzer (1 seconds) 14:31:16 [INFO] Finished False Positive Analyzer (0 seconds) 14:31:16 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:16 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:16 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:16 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:16 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:31:16 14:31:16 14:31:16 ## Recommendation 14:31:16 14:31:16 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:31:16 14:31:16 The following template can be used to demonstrate the vulnerability: 14:31:16 ```{{#with "constructor"}} 14:31:16 {{#with split as |a|}} 14:31:16 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:31:16 {{#with (concat (lookup join (slice 0 1)))}} 14:31:16 {{#each (slice 2 3)}} 14:31:16 {{#with (apply 0 a)}} 14:31:16 {{.}} 14:31:16 {{/with}} 14:31:16 {{/each}} 14:31:16 {{/with}} 14:31:16 {{/with}} 14:31:16 {{/with}}``` 14:31:16 14:31:16 14:31:16 ## Recommendation 14:31:16 14:31:16 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:31:16 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:16 [INFO] Analysis Complete (1 seconds) 14:31:16 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:16 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:16 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:16 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:16 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:16 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:16 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:16 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:16 [INFO] 14:31:16 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 14:31:16 [INFO] Building dependencies.httpcore 1.0 [11/69] 14:31:16 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:16 [INFO] 14:31:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 14:31:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 14:31:16 [INFO] 14:31:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 14:31:16 [INFO] 14:31:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 14:31:16 [INFO] Executing tasks 14:31:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 14:31:16 [INFO] Executed tasks 14:31:16 [INFO] 14:31:16 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.httpcore --- 14:31:16 [INFO] Executing tasks 14:31:21 [INFO] Executed tasks 14:31:21 [INFO] 14:31:21 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.httpcore --- 14:31:22 [INFO] Checking for updates 14:31:22 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:22 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:22 [INFO] Check for updates complete (71 ms) 14:31:22 [INFO] 14:31:22 14:31:22 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:31:22 14:31:22 14:31:22 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:31:22 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:31:22 14:31:22 💖 Sponsor: https://github.com/sponsors/jeremylong 14:31:22 14:31:22 14:31:22 [INFO] Analysis Started 14:31:22 [INFO] Finished Archive Analyzer (0 seconds) 14:31:22 [INFO] Finished File Name Analyzer (0 seconds) 14:31:22 [INFO] Finished Jar Analyzer (0 seconds) 14:31:22 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:31:22 [INFO] Finished Hint Analyzer (0 seconds) 14:31:22 [INFO] Finished Version Filter Analyzer (0 seconds) 14:31:23 [INFO] Created CPE Index (1 seconds) 14:31:24 [INFO] Finished CPE Analyzer (1 seconds) 14:31:24 [INFO] Finished False Positive Analyzer (0 seconds) 14:31:24 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:24 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:24 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:24 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:24 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:31:24 14:31:24 14:31:24 ## Recommendation 14:31:24 14:31:24 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:31:24 14:31:24 The following template can be used to demonstrate the vulnerability: 14:31:24 ```{{#with "constructor"}} 14:31:24 {{#with split as |a|}} 14:31:24 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:31:24 {{#with (concat (lookup join (slice 0 1)))}} 14:31:24 {{#each (slice 2 3)}} 14:31:24 {{#with (apply 0 a)}} 14:31:24 {{.}} 14:31:24 {{/with}} 14:31:24 {{/each}} 14:31:24 {{/with}} 14:31:24 {{/with}} 14:31:24 {{/with}}``` 14:31:24 14:31:24 14:31:24 ## Recommendation 14:31:24 14:31:24 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:31:24 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:24 [INFO] Analysis Complete (1 seconds) 14:31:24 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:24 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:24 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:24 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:24 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:24 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:24 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:24 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:24 [INFO] 14:31:24 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 14:31:24 [INFO] Building dependencies.jackson 1.0 [12/69] 14:31:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:24 [INFO] 14:31:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 14:31:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 14:31:24 [INFO] 14:31:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 14:31:24 [INFO] 14:31:24 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jackson --- 14:31:24 [INFO] Executing tasks 14:31:29 [INFO] Executed tasks 14:31:29 [INFO] 14:31:29 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.jackson --- 14:31:29 [INFO] Checking for updates 14:31:29 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:29 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:29 [INFO] Check for updates complete (80 ms) 14:31:29 [INFO] 14:31:29 14:31:29 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:31:29 14:31:29 14:31:29 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:31:29 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:31:29 14:31:29 💖 Sponsor: https://github.com/sponsors/jeremylong 14:31:29 14:31:29 14:31:29 [INFO] Analysis Started 14:31:30 [INFO] Finished Archive Analyzer (0 seconds) 14:31:30 [INFO] Finished File Name Analyzer (0 seconds) 14:31:30 [INFO] Finished Jar Analyzer (0 seconds) 14:31:30 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:31:30 [INFO] Finished Hint Analyzer (0 seconds) 14:31:30 [INFO] Finished Version Filter Analyzer (0 seconds) 14:31:31 [INFO] Created CPE Index (1 seconds) 14:31:31 [INFO] Finished CPE Analyzer (1 seconds) 14:31:31 [INFO] Finished False Positive Analyzer (0 seconds) 14:31:31 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:31 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:31 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:31 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:31 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:31:31 14:31:31 14:31:31 ## Recommendation 14:31:31 14:31:31 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:31:31 14:31:31 The following template can be used to demonstrate the vulnerability: 14:31:31 ```{{#with "constructor"}} 14:31:31 {{#with split as |a|}} 14:31:31 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:31:31 {{#with (concat (lookup join (slice 0 1)))}} 14:31:31 {{#each (slice 2 3)}} 14:31:31 {{#with (apply 0 a)}} 14:31:31 {{.}} 14:31:31 {{/with}} 14:31:31 {{/each}} 14:31:31 {{/with}} 14:31:31 {{/with}} 14:31:31 {{/with}}``` 14:31:31 14:31:31 14:31:31 ## Recommendation 14:31:31 14:31:31 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:31:31 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:31 [INFO] Analysis Complete (1 seconds) 14:31:31 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:31 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:31 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:31 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:31 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:31 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:31 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:31 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:31 [INFO] 14:31:31 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 14:31:31 [INFO] Building dependencies.javax 1.0 [13/69] 14:31:31 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:31 [INFO] 14:31:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 14:31:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 14:31:31 [INFO] 14:31:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 14:31:31 [INFO] 14:31:31 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.javax --- 14:31:31 [INFO] Executing tasks 14:31:36 [INFO] Executed tasks 14:31:36 [INFO] 14:31:36 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.javax --- 14:31:37 [INFO] Checking for updates 14:31:37 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:37 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:37 [INFO] Check for updates complete (75 ms) 14:31:37 [INFO] 14:31:37 14:31:37 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:31:37 14:31:37 14:31:37 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:31:37 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:31:37 14:31:37 💖 Sponsor: https://github.com/sponsors/jeremylong 14:31:37 14:31:37 14:31:37 [INFO] Analysis Started 14:31:37 [INFO] Finished Archive Analyzer (0 seconds) 14:31:37 [INFO] Finished File Name Analyzer (0 seconds) 14:31:37 [INFO] Finished Jar Analyzer (0 seconds) 14:31:37 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:31:37 [INFO] Finished Hint Analyzer (0 seconds) 14:31:37 [INFO] Finished Version Filter Analyzer (0 seconds) 14:31:38 [INFO] Created CPE Index (1 seconds) 14:31:39 [INFO] Finished CPE Analyzer (1 seconds) 14:31:39 [INFO] Finished False Positive Analyzer (0 seconds) 14:31:39 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:39 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:39 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:39 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:39 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:31:39 14:31:39 14:31:39 ## Recommendation 14:31:39 14:31:39 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:31:39 14:31:39 The following template can be used to demonstrate the vulnerability: 14:31:39 ```{{#with "constructor"}} 14:31:39 {{#with split as |a|}} 14:31:39 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:31:39 {{#with (concat (lookup join (slice 0 1)))}} 14:31:39 {{#each (slice 2 3)}} 14:31:39 {{#with (apply 0 a)}} 14:31:39 {{.}} 14:31:39 {{/with}} 14:31:39 {{/each}} 14:31:39 {{/with}} 14:31:39 {{/with}} 14:31:39 {{/with}}``` 14:31:39 14:31:39 14:31:39 ## Recommendation 14:31:39 14:31:39 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:31:39 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:39 [INFO] Analysis Complete (1 seconds) 14:31:39 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:39 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:39 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:39 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:39 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:39 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:39 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:39 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:39 [INFO] 14:31:39 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 14:31:39 [INFO] Building dependencies.jax 1.0 [14/69] 14:31:39 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:39 [INFO] 14:31:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 14:31:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 14:31:39 [INFO] 14:31:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 14:31:39 [INFO] 14:31:39 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 14:31:39 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 14:31:39 [INFO] 14:31:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 14:31:39 [INFO] Executing tasks 14:31:39 [INFO] Executed tasks 14:31:39 [INFO] 14:31:39 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jax --- 14:31:39 [INFO] Executing tasks 14:31:44 [INFO] Executed tasks 14:31:44 [INFO] 14:31:44 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.jax --- 14:31:44 [INFO] Checking for updates 14:31:44 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:44 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:44 [INFO] Check for updates complete (79 ms) 14:31:45 [INFO] 14:31:45 14:31:45 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:31:45 14:31:45 14:31:45 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:31:45 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:31:45 14:31:45 💖 Sponsor: https://github.com/sponsors/jeremylong 14:31:45 14:31:45 14:31:45 [INFO] Analysis Started 14:31:45 [INFO] Finished Archive Analyzer (0 seconds) 14:31:45 [INFO] Finished File Name Analyzer (0 seconds) 14:31:45 [INFO] Finished Jar Analyzer (0 seconds) 14:31:45 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:31:45 [INFO] Finished Hint Analyzer (0 seconds) 14:31:45 [INFO] Finished Version Filter Analyzer (0 seconds) 14:31:46 [INFO] Created CPE Index (1 seconds) 14:31:47 [INFO] Finished CPE Analyzer (1 seconds) 14:31:47 [INFO] Finished False Positive Analyzer (0 seconds) 14:31:47 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:47 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:47 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:47 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:47 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:31:47 14:31:47 14:31:47 ## Recommendation 14:31:47 14:31:47 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:31:47 14:31:47 The following template can be used to demonstrate the vulnerability: 14:31:47 ```{{#with "constructor"}} 14:31:47 {{#with split as |a|}} 14:31:47 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:31:47 {{#with (concat (lookup join (slice 0 1)))}} 14:31:47 {{#each (slice 2 3)}} 14:31:47 {{#with (apply 0 a)}} 14:31:47 {{.}} 14:31:47 {{/with}} 14:31:47 {{/each}} 14:31:47 {{/with}} 14:31:47 {{/with}} 14:31:47 {{/with}}``` 14:31:47 14:31:47 14:31:47 ## Recommendation 14:31:47 14:31:47 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:31:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:31:47 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:47 [INFO] Analysis Complete (2 seconds) 14:31:47 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:47 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:47 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:47 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:47 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:47 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:47 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:47 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:47 [INFO] 14:31:47 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 14:31:47 [INFO] Building dependencies.jetty 1.0 [15/69] 14:31:47 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:47 [INFO] 14:31:47 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 14:31:47 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 14:31:47 [INFO] 14:31:47 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 14:31:47 [INFO] 14:31:47 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jetty --- 14:31:47 [INFO] Executing tasks 14:31:52 [INFO] Executed tasks 14:31:52 [INFO] 14:31:52 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.jetty --- 14:31:52 [INFO] Checking for updates 14:31:52 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:52 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:52 [INFO] Check for updates complete (70 ms) 14:31:52 [INFO] 14:31:52 14:31:52 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:31:52 14:31:52 14:31:52 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:31:52 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:31:52 14:31:52 💖 Sponsor: https://github.com/sponsors/jeremylong 14:31:52 14:31:52 14:31:52 [INFO] Analysis Started 14:31:52 [INFO] Finished File Name Analyzer (0 seconds) 14:31:52 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:31:52 [INFO] Finished Hint Analyzer (0 seconds) 14:31:52 [INFO] Finished Version Filter Analyzer (0 seconds) 14:31:54 [INFO] Created CPE Index (1 seconds) 14:31:54 [INFO] Finished CPE Analyzer (1 seconds) 14:31:54 [INFO] Finished False Positive Analyzer (0 seconds) 14:31:54 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:31:54 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:31:54 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:31:54 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:31:54 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:31:54 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:31:54 [INFO] Analysis Complete (1 seconds) 14:31:54 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:31:54 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:31:54 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:31:54 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:31:54 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:31:54 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:31:54 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:31:54 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:31:54 [INFO] 14:31:54 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 14:31:54 [INFO] Building dependencies.jminix 1.0 [16/69] 14:31:54 [INFO] --------------------------------[ pom ]--------------------------------- 14:31:54 [INFO] 14:31:54 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 14:31:54 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 14:31:54 [INFO] 14:31:54 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 14:31:54 [INFO] 14:31:54 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 14:31:54 [INFO] Executing tasks 14:31:54 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 14:31:54 [INFO] Executed tasks 14:31:54 [INFO] 14:31:54 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jminix --- 14:31:54 [INFO] Executing tasks 14:31:59 [INFO] Executed tasks 14:31:59 [INFO] 14:31:59 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.jminix --- 14:31:59 [INFO] Checking for updates 14:31:59 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:31:59 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:31:59 [INFO] Check for updates complete (77 ms) 14:32:00 [INFO] 14:32:00 14:32:00 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:00 14:32:00 14:32:00 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:00 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:00 14:32:00 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:00 14:32:00 14:32:00 [INFO] Analysis Started 14:32:00 [INFO] Finished Archive Analyzer (0 seconds) 14:32:00 [INFO] Finished File Name Analyzer (0 seconds) 14:32:00 [INFO] Finished Jar Analyzer (0 seconds) 14:32:00 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:00 [INFO] Finished Hint Analyzer (0 seconds) 14:32:00 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:01 [INFO] Created CPE Index (1 seconds) 14:32:01 [INFO] Finished CPE Analyzer (1 seconds) 14:32:01 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:01 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:02 [INFO] Finished RetireJS Analyzer (1 seconds) 14:32:02 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:02 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:02 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:02 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:02 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:02 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:03 14:32:03 14:32:03 ## Recommendation 14:32:03 14:32:03 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:03 14:32:03 The following template can be used to demonstrate the vulnerability: 14:32:03 ```{{#with "constructor"}} 14:32:03 {{#with split as |a|}} 14:32:03 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:03 {{#with (concat (lookup join (slice 0 1)))}} 14:32:03 {{#each (slice 2 3)}} 14:32:03 {{#with (apply 0 a)}} 14:32:03 {{.}} 14:32:03 {{/with}} 14:32:03 {{/each}} 14:32:03 {{/with}} 14:32:03 {{/with}} 14:32:03 {{/with}}``` 14:32:03 14:32:03 14:32:03 ## Recommendation 14:32:03 14:32:03 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:03 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:03 [INFO] Analysis Complete (2 seconds) 14:32:03 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:03 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:03 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:03 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:03 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:03 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:03 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:03 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:03 [INFO] 14:32:03 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 14:32:03 [INFO] Building dependencies.json 1.0 [17/69] 14:32:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:03 [INFO] 14:32:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 14:32:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 14:32:03 [INFO] 14:32:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 14:32:03 [INFO] 14:32:03 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 14:32:03 [INFO] Executing tasks 14:32:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 14:32:03 [INFO] Executed tasks 14:32:03 [INFO] 14:32:03 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 14:32:03 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 14:32:03 [INFO] 14:32:03 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.json --- 14:32:03 [INFO] Executing tasks 14:32:08 [INFO] Executed tasks 14:32:08 [INFO] 14:32:08 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.json --- 14:32:08 [INFO] Checking for updates 14:32:08 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:08 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:08 [INFO] Check for updates complete (73 ms) 14:32:08 [INFO] 14:32:08 14:32:08 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:08 14:32:08 14:32:08 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:08 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:08 14:32:08 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:08 14:32:08 14:32:08 [INFO] Analysis Started 14:32:08 [INFO] Finished Archive Analyzer (0 seconds) 14:32:08 [INFO] Finished File Name Analyzer (0 seconds) 14:32:08 [INFO] Finished Jar Analyzer (0 seconds) 14:32:08 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:08 [INFO] Finished Hint Analyzer (0 seconds) 14:32:08 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:10 [INFO] Created CPE Index (1 seconds) 14:32:10 [INFO] Finished CPE Analyzer (1 seconds) 14:32:10 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:10 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:10 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:10 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:10 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:10 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:10 14:32:10 14:32:10 ## Recommendation 14:32:10 14:32:10 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:10 14:32:10 The following template can be used to demonstrate the vulnerability: 14:32:10 ```{{#with "constructor"}} 14:32:10 {{#with split as |a|}} 14:32:10 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:10 {{#with (concat (lookup join (slice 0 1)))}} 14:32:10 {{#each (slice 2 3)}} 14:32:10 {{#with (apply 0 a)}} 14:32:10 {{.}} 14:32:10 {{/with}} 14:32:10 {{/each}} 14:32:10 {{/with}} 14:32:10 {{/with}} 14:32:10 {{/with}}``` 14:32:10 14:32:10 14:32:10 ## Recommendation 14:32:10 14:32:10 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:10 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:10 [INFO] Analysis Complete (1 seconds) 14:32:10 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:10 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:10 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:10 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:10 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:10 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:10 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:10 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:10 [INFO] 14:32:10 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 14:32:10 [INFO] Building dependencies.log 1.0 [18/69] 14:32:10 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:10 [INFO] 14:32:10 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 14:32:10 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 14:32:10 [INFO] 14:32:10 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 14:32:10 [INFO] 14:32:10 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 14:32:10 [INFO] Executing tasks 14:32:10 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 14:32:10 [INFO] Executed tasks 14:32:10 [INFO] 14:32:10 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.log --- 14:32:10 [INFO] Executing tasks 14:32:15 [INFO] Executed tasks 14:32:15 [INFO] 14:32:15 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.log --- 14:32:15 [INFO] Checking for updates 14:32:15 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:16 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:16 [INFO] Check for updates complete (81 ms) 14:32:16 [INFO] 14:32:16 14:32:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:16 14:32:16 14:32:16 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:16 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:16 14:32:16 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:16 14:32:16 14:32:16 [INFO] Analysis Started 14:32:16 [INFO] Finished Archive Analyzer (0 seconds) 14:32:16 [INFO] Finished File Name Analyzer (0 seconds) 14:32:16 [INFO] Finished Jar Analyzer (0 seconds) 14:32:16 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:16 [INFO] Finished Hint Analyzer (0 seconds) 14:32:16 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:17 [INFO] Created CPE Index (1 seconds) 14:32:18 [INFO] Finished CPE Analyzer (1 seconds) 14:32:18 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:18 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:18 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:18 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:18 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:18 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:18 14:32:18 14:32:18 ## Recommendation 14:32:18 14:32:18 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:18 14:32:18 The following template can be used to demonstrate the vulnerability: 14:32:18 ```{{#with "constructor"}} 14:32:18 {{#with split as |a|}} 14:32:18 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:18 {{#with (concat (lookup join (slice 0 1)))}} 14:32:18 {{#each (slice 2 3)}} 14:32:18 {{#with (apply 0 a)}} 14:32:18 {{.}} 14:32:18 {{/with}} 14:32:18 {{/each}} 14:32:18 {{/with}} 14:32:18 {{/with}} 14:32:18 {{/with}}``` 14:32:18 14:32:18 14:32:18 ## Recommendation 14:32:18 14:32:18 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:18 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:18 [INFO] Analysis Complete (1 seconds) 14:32:18 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:18 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:18 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:18 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:18 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:18 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:18 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:18 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:18 [INFO] 14:32:18 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 14:32:18 [INFO] Building dependencies.lucene 1.0 [19/69] 14:32:18 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:18 [INFO] 14:32:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 14:32:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 14:32:18 [INFO] 14:32:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 14:32:18 [INFO] 14:32:18 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.lucene --- 14:32:18 [INFO] Executing tasks 14:32:23 [INFO] Executed tasks 14:32:23 [INFO] 14:32:23 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.lucene --- 14:32:23 [INFO] Checking for updates 14:32:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:23 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:23 [INFO] Check for updates complete (72 ms) 14:32:23 [INFO] 14:32:23 14:32:23 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:23 14:32:23 14:32:23 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:23 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:23 14:32:23 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:23 14:32:23 14:32:23 [INFO] Analysis Started 14:32:23 [INFO] Finished Archive Analyzer (0 seconds) 14:32:23 [INFO] Finished File Name Analyzer (0 seconds) 14:32:23 [INFO] Finished Jar Analyzer (0 seconds) 14:32:23 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:23 [INFO] Finished Hint Analyzer (0 seconds) 14:32:23 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:25 [INFO] Created CPE Index (1 seconds) 14:32:25 [INFO] Finished CPE Analyzer (1 seconds) 14:32:25 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:25 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:25 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:25 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:25 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:25 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:25 14:32:25 14:32:25 ## Recommendation 14:32:25 14:32:25 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:25 14:32:25 The following template can be used to demonstrate the vulnerability: 14:32:25 ```{{#with "constructor"}} 14:32:25 {{#with split as |a|}} 14:32:25 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:25 {{#with (concat (lookup join (slice 0 1)))}} 14:32:25 {{#each (slice 2 3)}} 14:32:25 {{#with (apply 0 a)}} 14:32:25 {{.}} 14:32:25 {{/with}} 14:32:25 {{/each}} 14:32:25 {{/with}} 14:32:25 {{/with}} 14:32:25 {{/with}}``` 14:32:25 14:32:25 14:32:25 ## Recommendation 14:32:25 14:32:25 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:25 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:25 [INFO] Analysis Complete (1 seconds) 14:32:25 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:25 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:25 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:25 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:25 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:25 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:25 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:25 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:25 [INFO] 14:32:25 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 14:32:25 [INFO] Building dependencies.openapi4j 1.0 [20/69] 14:32:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:25 [INFO] 14:32:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 14:32:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 14:32:25 [INFO] 14:32:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 14:32:25 [INFO] 14:32:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 14:32:25 [INFO] Executing tasks 14:32:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 14:32:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 14:32:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 14:32:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 14:32:25 [INFO] Executed tasks 14:32:25 [INFO] 14:32:25 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.openapi4j --- 14:32:25 [INFO] Executing tasks 14:32:30 [INFO] Executed tasks 14:32:30 [INFO] 14:32:30 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.openapi4j --- 14:32:30 [INFO] Checking for updates 14:32:30 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:30 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:31 [INFO] Check for updates complete (117 ms) 14:32:31 [INFO] 14:32:31 14:32:31 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:31 14:32:31 14:32:31 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:31 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:31 14:32:31 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:31 14:32:31 14:32:31 [INFO] Analysis Started 14:32:31 [INFO] Finished Archive Analyzer (0 seconds) 14:32:31 [INFO] Finished File Name Analyzer (0 seconds) 14:32:31 [INFO] Finished Jar Analyzer (0 seconds) 14:32:31 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:31 [INFO] Finished Hint Analyzer (0 seconds) 14:32:31 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:32 [INFO] Created CPE Index (1 seconds) 14:32:33 [INFO] Finished CPE Analyzer (1 seconds) 14:32:33 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:33 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:33 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:33 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:33 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:33 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:33 14:32:33 14:32:33 ## Recommendation 14:32:33 14:32:33 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:33 14:32:33 The following template can be used to demonstrate the vulnerability: 14:32:33 ```{{#with "constructor"}} 14:32:33 {{#with split as |a|}} 14:32:33 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:33 {{#with (concat (lookup join (slice 0 1)))}} 14:32:33 {{#each (slice 2 3)}} 14:32:33 {{#with (apply 0 a)}} 14:32:33 {{.}} 14:32:33 {{/with}} 14:32:33 {{/each}} 14:32:33 {{/with}} 14:32:33 {{/with}} 14:32:33 {{/with}}``` 14:32:33 14:32:33 14:32:33 ## Recommendation 14:32:33 14:32:33 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:33 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:33 [INFO] Analysis Complete (2 seconds) 14:32:33 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:33 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:33 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:33 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:33 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:33 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:33 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:33 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:33 [INFO] 14:32:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 14:32:33 [INFO] Building dependencies.opensaml 1.0 [21/69] 14:32:33 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:33 [INFO] 14:32:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 14:32:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 14:32:33 [INFO] 14:32:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 14:32:33 [INFO] 14:32:33 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.opensaml --- 14:32:33 [INFO] Executing tasks 14:32:38 [INFO] Executed tasks 14:32:38 [INFO] 14:32:38 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.opensaml --- 14:32:38 [INFO] Checking for updates 14:32:38 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:38 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:38 [INFO] Check for updates complete (73 ms) 14:32:38 [INFO] 14:32:38 14:32:38 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:38 14:32:38 14:32:38 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:38 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:38 14:32:38 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:38 14:32:38 14:32:38 [INFO] Analysis Started 14:32:39 [INFO] Finished Archive Analyzer (0 seconds) 14:32:39 [INFO] Finished File Name Analyzer (0 seconds) 14:32:39 [INFO] Finished Jar Analyzer (0 seconds) 14:32:39 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:39 [INFO] Finished Hint Analyzer (0 seconds) 14:32:39 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:40 [INFO] Created CPE Index (1 seconds) 14:32:40 [INFO] Finished CPE Analyzer (1 seconds) 14:32:40 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:40 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:40 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:40 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:40 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:40 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:40 14:32:40 14:32:40 ## Recommendation 14:32:40 14:32:40 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:40 14:32:40 The following template can be used to demonstrate the vulnerability: 14:32:40 ```{{#with "constructor"}} 14:32:40 {{#with split as |a|}} 14:32:40 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:40 {{#with (concat (lookup join (slice 0 1)))}} 14:32:40 {{#each (slice 2 3)}} 14:32:40 {{#with (apply 0 a)}} 14:32:40 {{.}} 14:32:40 {{/with}} 14:32:40 {{/each}} 14:32:40 {{/with}} 14:32:40 {{/with}} 14:32:40 {{/with}}``` 14:32:40 14:32:40 14:32:40 ## Recommendation 14:32:40 14:32:40 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:40 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:40 [INFO] Analysis Complete (1 seconds) 14:32:40 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:40 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:40 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:40 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:40 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:40 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:40 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:40 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:41 [INFO] 14:32:41 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 14:32:41 [INFO] Building dependencies.pdf 1.0 [22/69] 14:32:41 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:41 [INFO] 14:32:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 14:32:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 14:32:41 [INFO] 14:32:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 14:32:41 [INFO] 14:32:41 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.pdf --- 14:32:41 [INFO] Executing tasks 14:32:46 [INFO] Executed tasks 14:32:46 [INFO] 14:32:46 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.pdf --- 14:32:46 [INFO] Checking for updates 14:32:46 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:46 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:46 [INFO] Check for updates complete (191 ms) 14:32:46 [INFO] 14:32:46 14:32:46 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:46 14:32:46 14:32:46 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:46 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:46 14:32:46 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:46 14:32:46 14:32:46 [INFO] Analysis Started 14:32:46 [INFO] Finished Archive Analyzer (0 seconds) 14:32:46 [INFO] Finished File Name Analyzer (0 seconds) 14:32:46 [INFO] Finished Jar Analyzer (0 seconds) 14:32:46 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:46 [INFO] Finished Hint Analyzer (0 seconds) 14:32:46 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:48 [INFO] Created CPE Index (1 seconds) 14:32:48 [INFO] Finished CPE Analyzer (1 seconds) 14:32:48 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:48 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:48 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:48 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:48 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:48 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:48 14:32:48 14:32:48 ## Recommendation 14:32:48 14:32:48 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:48 14:32:48 The following template can be used to demonstrate the vulnerability: 14:32:48 ```{{#with "constructor"}} 14:32:48 {{#with split as |a|}} 14:32:48 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:48 {{#with (concat (lookup join (slice 0 1)))}} 14:32:48 {{#each (slice 2 3)}} 14:32:48 {{#with (apply 0 a)}} 14:32:48 {{.}} 14:32:48 {{/with}} 14:32:48 {{/each}} 14:32:48 {{/with}} 14:32:48 {{/with}} 14:32:48 {{/with}}``` 14:32:48 14:32:48 14:32:48 ## Recommendation 14:32:48 14:32:48 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:48 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:48 [INFO] Analysis Complete (1 seconds) 14:32:48 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:48 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:48 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:48 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:48 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:48 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:48 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:48 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:48 [INFO] 14:32:48 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 14:32:48 [INFO] Building dependencies.redis 1.0 [23/69] 14:32:48 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:48 [INFO] 14:32:48 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 14:32:48 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 14:32:48 [INFO] 14:32:48 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 14:32:48 [INFO] 14:32:48 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.redis --- 14:32:48 [INFO] Executing tasks 14:32:53 [INFO] Executed tasks 14:32:53 [INFO] 14:32:53 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.redis --- 14:32:53 [INFO] Checking for updates 14:32:53 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:32:53 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:32:53 [INFO] Check for updates complete (74 ms) 14:32:54 [INFO] 14:32:54 14:32:54 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:32:54 14:32:54 14:32:54 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:32:54 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:32:54 14:32:54 💖 Sponsor: https://github.com/sponsors/jeremylong 14:32:54 14:32:54 14:32:54 [INFO] Analysis Started 14:32:54 [INFO] Finished Archive Analyzer (0 seconds) 14:32:54 [INFO] Finished File Name Analyzer (0 seconds) 14:32:54 [INFO] Finished Jar Analyzer (0 seconds) 14:32:54 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:32:54 [INFO] Finished Hint Analyzer (0 seconds) 14:32:54 [INFO] Finished Version Filter Analyzer (0 seconds) 14:32:55 [INFO] Created CPE Index (1 seconds) 14:32:55 [INFO] Finished CPE Analyzer (1 seconds) 14:32:55 [INFO] Finished False Positive Analyzer (0 seconds) 14:32:55 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:32:55 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:32:55 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:32:55 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:32:55 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:32:55 14:32:55 14:32:55 ## Recommendation 14:32:55 14:32:55 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:32:55 14:32:55 The following template can be used to demonstrate the vulnerability: 14:32:55 ```{{#with "constructor"}} 14:32:55 {{#with split as |a|}} 14:32:55 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:32:55 {{#with (concat (lookup join (slice 0 1)))}} 14:32:55 {{#each (slice 2 3)}} 14:32:55 {{#with (apply 0 a)}} 14:32:55 {{.}} 14:32:55 {{/with}} 14:32:55 {{/each}} 14:32:55 {{/with}} 14:32:55 {{/with}} 14:32:55 {{/with}}``` 14:32:55 14:32:55 14:32:55 ## Recommendation 14:32:55 14:32:55 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:32:55 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:32:55 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:32:55 [INFO] Analysis Complete (1 seconds) 14:32:55 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:32:55 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:32:55 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:32:55 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:32:55 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:32:55 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:32:55 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:32:55 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:32:55 [INFO] 14:32:55 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 14:32:55 [INFO] Building dependencies.reports 1.0 [24/69] 14:32:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:32:55 [INFO] 14:32:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 14:32:55 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 14:32:55 [INFO] 14:32:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 14:32:55 [INFO] 14:32:55 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.reports --- 14:32:55 [INFO] Executing tasks 14:33:00 [INFO] Executed tasks 14:33:00 [INFO] 14:33:00 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.reports --- 14:33:00 [INFO] Checking for updates 14:33:00 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:00 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:00 [INFO] Check for updates complete (76 ms) 14:33:01 [INFO] 14:33:01 14:33:01 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:01 14:33:01 14:33:01 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:01 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:01 14:33:01 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:01 14:33:01 14:33:01 [INFO] Analysis Started 14:33:01 [INFO] Finished Archive Analyzer (0 seconds) 14:33:01 [INFO] Finished File Name Analyzer (0 seconds) 14:33:01 [INFO] Finished Jar Analyzer (0 seconds) 14:33:01 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:01 [INFO] Finished Hint Analyzer (0 seconds) 14:33:01 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:02 [INFO] Created CPE Index (1 seconds) 14:33:02 [INFO] Finished CPE Analyzer (1 seconds) 14:33:02 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:02 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:02 [INFO] Finished RetireJS Analyzer (0 seconds) 14:33:02 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:02 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:02 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:02 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:02 14:33:02 14:33:02 ## Recommendation 14:33:02 14:33:02 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:02 14:33:02 The following template can be used to demonstrate the vulnerability: 14:33:02 ```{{#with "constructor"}} 14:33:02 {{#with split as |a|}} 14:33:02 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:02 {{#with (concat (lookup join (slice 0 1)))}} 14:33:02 {{#each (slice 2 3)}} 14:33:02 {{#with (apply 0 a)}} 14:33:02 {{.}} 14:33:02 {{/with}} 14:33:02 {{/each}} 14:33:02 {{/with}} 14:33:02 {{/with}} 14:33:02 {{/with}}``` 14:33:02 14:33:02 14:33:02 ## Recommendation 14:33:02 14:33:02 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:02 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:33:02 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:03 [INFO] Analysis Complete (1 seconds) 14:33:03 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:03 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:03 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:03 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:03 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:03 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:03 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:03 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:03 [INFO] 14:33:03 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 14:33:03 [INFO] Building dependencies.saaj 1.0 [25/69] 14:33:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:03 [INFO] 14:33:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 14:33:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 14:33:03 [INFO] 14:33:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 14:33:03 [INFO] 14:33:03 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 14:33:03 [INFO] Executing tasks 14:33:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 14:33:03 [INFO] Executed tasks 14:33:03 [INFO] 14:33:03 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.saaj --- 14:33:03 [INFO] Executing tasks 14:33:08 [INFO] Executed tasks 14:33:08 [INFO] 14:33:08 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.saaj --- 14:33:08 [INFO] Checking for updates 14:33:08 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:08 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:08 [INFO] Check for updates complete (75 ms) 14:33:08 [INFO] 14:33:08 14:33:08 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:08 14:33:08 14:33:08 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:08 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:08 14:33:08 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:08 14:33:08 14:33:08 [INFO] Analysis Started 14:33:08 [INFO] Finished Archive Analyzer (0 seconds) 14:33:08 [INFO] Finished File Name Analyzer (0 seconds) 14:33:08 [INFO] Finished Jar Analyzer (0 seconds) 14:33:08 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:08 [INFO] Finished Hint Analyzer (0 seconds) 14:33:08 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:10 [INFO] Created CPE Index (1 seconds) 14:33:10 [INFO] Finished CPE Analyzer (1 seconds) 14:33:10 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:10 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:10 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:10 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:10 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:10 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:10 14:33:10 14:33:10 ## Recommendation 14:33:10 14:33:10 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:10 14:33:10 The following template can be used to demonstrate the vulnerability: 14:33:10 ```{{#with "constructor"}} 14:33:10 {{#with split as |a|}} 14:33:10 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:10 {{#with (concat (lookup join (slice 0 1)))}} 14:33:10 {{#each (slice 2 3)}} 14:33:10 {{#with (apply 0 a)}} 14:33:10 {{.}} 14:33:10 {{/with}} 14:33:10 {{/each}} 14:33:10 {{/with}} 14:33:10 {{/with}} 14:33:10 {{/with}}``` 14:33:10 14:33:10 14:33:10 ## Recommendation 14:33:10 14:33:10 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:10 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:33:10 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:10 [INFO] Analysis Complete (1 seconds) 14:33:10 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:10 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:10 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:10 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:10 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:10 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:10 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:10 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:10 [INFO] 14:33:10 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 14:33:10 [INFO] Building dependencies.security 1.0 [26/69] 14:33:10 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:10 [INFO] 14:33:10 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 14:33:10 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 14:33:10 [INFO] 14:33:10 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 14:33:10 [INFO] 14:33:10 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 14:33:10 [INFO] Executing tasks 14:33:10 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 14:33:10 [INFO] Executed tasks 14:33:10 [INFO] 14:33:10 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.security --- 14:33:10 [INFO] Executing tasks 14:33:15 [INFO] Executed tasks 14:33:15 [INFO] 14:33:15 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.security --- 14:33:15 [INFO] Checking for updates 14:33:15 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:15 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:15 [INFO] Check for updates complete (83 ms) 14:33:16 [INFO] 14:33:16 14:33:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:16 14:33:16 14:33:16 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:16 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:16 14:33:16 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:16 14:33:16 14:33:16 [INFO] Analysis Started 14:33:16 [INFO] Finished Archive Analyzer (0 seconds) 14:33:16 [INFO] Finished File Name Analyzer (0 seconds) 14:33:16 [INFO] Finished Jar Analyzer (0 seconds) 14:33:16 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:16 [INFO] Finished Hint Analyzer (0 seconds) 14:33:16 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:17 [INFO] Created CPE Index (1 seconds) 14:33:17 [INFO] Finished CPE Analyzer (1 seconds) 14:33:17 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:17 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:17 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:17 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:17 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:17 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:17 14:33:17 14:33:17 ## Recommendation 14:33:17 14:33:17 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:17 14:33:17 The following template can be used to demonstrate the vulnerability: 14:33:17 ```{{#with "constructor"}} 14:33:17 {{#with split as |a|}} 14:33:17 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:17 {{#with (concat (lookup join (slice 0 1)))}} 14:33:17 {{#each (slice 2 3)}} 14:33:17 {{#with (apply 0 a)}} 14:33:17 {{.}} 14:33:17 {{/with}} 14:33:17 {{/each}} 14:33:17 {{/with}} 14:33:17 {{/with}} 14:33:17 {{/with}}``` 14:33:17 14:33:17 14:33:17 ## Recommendation 14:33:17 14:33:17 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:33:17 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:17 [INFO] Analysis Complete (1 seconds) 14:33:17 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:17 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:17 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:17 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:17 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:17 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:17 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:17 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:17 [INFO] 14:33:17 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 14:33:17 [INFO] Building dependencies.shared 1.0 [27/69] 14:33:17 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:17 [INFO] 14:33:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 14:33:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 14:33:17 [INFO] 14:33:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 14:33:17 [INFO] 14:33:17 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 14:33:18 [INFO] Executing tasks 14:33:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 14:33:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 14:33:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 14:33:18 [INFO] Executed tasks 14:33:18 [INFO] 14:33:18 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.shared --- 14:33:18 [INFO] Executing tasks 14:33:23 [INFO] Executed tasks 14:33:23 [INFO] 14:33:23 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.shared --- 14:33:23 [INFO] Checking for updates 14:33:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:23 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:23 [INFO] Check for updates complete (86 ms) 14:33:23 [INFO] 14:33:23 14:33:23 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:23 14:33:23 14:33:23 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:23 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:23 14:33:23 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:23 14:33:23 14:33:23 [INFO] Analysis Started 14:33:24 [INFO] Finished Archive Analyzer (0 seconds) 14:33:24 [INFO] Finished File Name Analyzer (0 seconds) 14:33:24 [INFO] Finished Jar Analyzer (0 seconds) 14:33:24 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:24 [INFO] Finished Hint Analyzer (0 seconds) 14:33:24 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:26 [INFO] Created CPE Index (1 seconds) 14:33:27 [INFO] Finished CPE Analyzer (2 seconds) 14:33:27 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:27 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:27 [INFO] Finished RetireJS Analyzer (0 seconds) 14:33:27 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:27 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:27 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:27 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:27 14:33:27 14:33:27 ## Recommendation 14:33:27 14:33:27 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:27 14:33:27 The following template can be used to demonstrate the vulnerability: 14:33:27 ```{{#with "constructor"}} 14:33:27 {{#with split as |a|}} 14:33:27 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:27 {{#with (concat (lookup join (slice 0 1)))}} 14:33:27 {{#each (slice 2 3)}} 14:33:27 {{#with (apply 0 a)}} 14:33:27 {{.}} 14:33:27 {{/with}} 14:33:27 {{/each}} 14:33:27 {{/with}} 14:33:27 {{/with}} 14:33:27 {{/with}}``` 14:33:27 14:33:27 14:33:27 ## Recommendation 14:33:27 14:33:27 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:33:27 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:27 [INFO] Analysis Complete (3 seconds) 14:33:27 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:27 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:27 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:27 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:27 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:27 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:27 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:27 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:27 [INFO] 14:33:27 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 14:33:27 [INFO] Building dependencies.spring 1.0 [28/69] 14:33:27 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:27 [INFO] 14:33:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 14:33:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 14:33:27 [INFO] 14:33:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 14:33:27 [INFO] 14:33:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 14:33:27 [INFO] Executing tasks 14:33:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 14:33:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 14:33:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 14:33:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 14:33:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 14:33:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 14:33:27 [INFO] Executed tasks 14:33:27 [INFO] 14:33:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring --- 14:33:27 [INFO] Executing tasks 14:33:32 [INFO] Executed tasks 14:33:32 [INFO] 14:33:32 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.spring --- 14:33:32 [INFO] Checking for updates 14:33:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:32 [INFO] Check for updates complete (79 ms) 14:33:33 [INFO] 14:33:33 14:33:33 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:33 14:33:33 14:33:33 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:33 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:33 14:33:33 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:33 14:33:33 14:33:33 [INFO] Analysis Started 14:33:33 [INFO] Finished Archive Analyzer (0 seconds) 14:33:33 [INFO] Finished File Name Analyzer (0 seconds) 14:33:33 [INFO] Finished Jar Analyzer (0 seconds) 14:33:33 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:33 [INFO] Finished Hint Analyzer (0 seconds) 14:33:33 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:34 [INFO] Created CPE Index (1 seconds) 14:33:34 [INFO] Finished CPE Analyzer (1 seconds) 14:33:34 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:34 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:34 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:34 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:34 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:34 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:34 14:33:34 14:33:34 ## Recommendation 14:33:34 14:33:34 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:34 14:33:34 The following template can be used to demonstrate the vulnerability: 14:33:34 ```{{#with "constructor"}} 14:33:34 {{#with split as |a|}} 14:33:34 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:34 {{#with (concat (lookup join (slice 0 1)))}} 14:33:34 {{#each (slice 2 3)}} 14:33:34 {{#with (apply 0 a)}} 14:33:34 {{.}} 14:33:34 {{/with}} 14:33:34 {{/each}} 14:33:34 {{/with}} 14:33:34 {{/with}} 14:33:34 {{/with}}``` 14:33:34 14:33:34 14:33:34 ## Recommendation 14:33:34 14:33:34 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:34 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:34 [INFO] Analysis Complete (1 seconds) 14:33:34 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:34 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:35 [INFO] 14:33:35 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 14:33:35 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 14:33:35 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:35 [INFO] 14:33:35 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 14:33:35 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 14:33:35 [INFO] 14:33:35 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 14:33:35 [INFO] 14:33:35 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-ldap --- 14:33:35 [INFO] Executing tasks 14:33:40 [INFO] Executed tasks 14:33:40 [INFO] 14:33:40 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.spring-ldap --- 14:33:40 [INFO] Checking for updates 14:33:40 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:40 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:40 [INFO] Check for updates complete (86 ms) 14:33:40 [INFO] 14:33:40 14:33:40 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:40 14:33:40 14:33:40 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:40 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:40 14:33:40 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:40 14:33:40 14:33:40 [INFO] Analysis Started 14:33:40 [INFO] Finished Archive Analyzer (0 seconds) 14:33:40 [INFO] Finished File Name Analyzer (0 seconds) 14:33:40 [INFO] Finished Jar Analyzer (0 seconds) 14:33:40 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:40 [INFO] Finished Hint Analyzer (0 seconds) 14:33:40 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:41 [INFO] Created CPE Index (1 seconds) 14:33:41 [INFO] Finished CPE Analyzer (1 seconds) 14:33:41 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:41 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:41 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:41 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:41 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:41 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:41 14:33:41 14:33:41 ## Recommendation 14:33:41 14:33:41 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:41 14:33:41 The following template can be used to demonstrate the vulnerability: 14:33:41 ```{{#with "constructor"}} 14:33:41 {{#with split as |a|}} 14:33:41 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:41 {{#with (concat (lookup join (slice 0 1)))}} 14:33:41 {{#each (slice 2 3)}} 14:33:41 {{#with (apply 0 a)}} 14:33:41 {{.}} 14:33:41 {{/with}} 14:33:41 {{/each}} 14:33:41 {{/with}} 14:33:41 {{/with}} 14:33:41 {{/with}}``` 14:33:41 14:33:41 14:33:41 ## Recommendation 14:33:41 14:33:41 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:33:41 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:41 [INFO] Analysis Complete (1 seconds) 14:33:41 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:41 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:42 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:42 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:42 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:42 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:42 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:42 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:42 [INFO] 14:33:42 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 14:33:42 [INFO] Building dependencies.spring-security 1.0 [30/69] 14:33:42 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:42 [INFO] 14:33:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 14:33:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 14:33:42 [INFO] 14:33:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 14:33:42 [INFO] 14:33:42 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-security --- 14:33:42 [INFO] Executing tasks 14:33:47 [INFO] Executed tasks 14:33:47 [INFO] 14:33:47 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.spring-security --- 14:33:47 [INFO] Checking for updates 14:33:47 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:47 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:47 [INFO] Check for updates complete (89 ms) 14:33:47 [INFO] 14:33:47 14:33:47 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:47 14:33:47 14:33:47 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:47 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:47 14:33:47 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:47 14:33:47 14:33:47 [INFO] Analysis Started 14:33:47 [INFO] Finished Archive Analyzer (0 seconds) 14:33:47 [INFO] Finished File Name Analyzer (0 seconds) 14:33:47 [INFO] Finished Jar Analyzer (0 seconds) 14:33:47 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:47 [INFO] Finished Hint Analyzer (0 seconds) 14:33:47 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:48 [INFO] Created CPE Index (1 seconds) 14:33:49 [INFO] Finished CPE Analyzer (1 seconds) 14:33:49 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:49 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:33:49 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:33:49 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:33:49 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:33:49 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:33:49 14:33:49 14:33:49 ## Recommendation 14:33:49 14:33:49 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:33:49 14:33:49 The following template can be used to demonstrate the vulnerability: 14:33:49 ```{{#with "constructor"}} 14:33:49 {{#with split as |a|}} 14:33:49 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:33:49 {{#with (concat (lookup join (slice 0 1)))}} 14:33:49 {{#each (slice 2 3)}} 14:33:49 {{#with (apply 0 a)}} 14:33:49 {{.}} 14:33:49 {{/with}} 14:33:49 {{/each}} 14:33:49 {{/with}} 14:33:49 {{/with}} 14:33:49 {{/with}}``` 14:33:49 14:33:49 14:33:49 ## Recommendation 14:33:49 14:33:49 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:33:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:33:49 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:33:49 [INFO] Analysis Complete (1 seconds) 14:33:49 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:33:49 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:33:49 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:33:49 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:33:49 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:33:49 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:33:49 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:33:49 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:33:49 [INFO] 14:33:49 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 14:33:49 [INFO] Building dependencies.swagger 1.0 [31/69] 14:33:49 [INFO] --------------------------------[ pom ]--------------------------------- 14:33:49 [INFO] 14:33:49 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 14:33:49 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 14:33:49 [INFO] 14:33:49 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 14:33:49 [INFO] 14:33:49 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 14:33:49 [INFO] Executing tasks 14:33:49 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 14:33:49 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 14:33:49 [INFO] Executed tasks 14:33:49 [INFO] 14:33:49 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.swagger --- 14:33:49 [INFO] Executing tasks 14:33:54 [INFO] Executed tasks 14:33:54 [INFO] 14:33:54 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.swagger --- 14:33:54 [INFO] Checking for updates 14:33:54 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:33:54 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:33:54 [INFO] Check for updates complete (80 ms) 14:33:54 [INFO] 14:33:54 14:33:54 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:33:54 14:33:54 14:33:54 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:33:54 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:33:54 14:33:54 💖 Sponsor: https://github.com/sponsors/jeremylong 14:33:54 14:33:54 14:33:54 [INFO] Analysis Started 14:33:55 [INFO] Finished Archive Analyzer (0 seconds) 14:33:55 [INFO] Finished File Name Analyzer (0 seconds) 14:33:55 [INFO] Finished Jar Analyzer (0 seconds) 14:33:55 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:33:55 [INFO] Finished Hint Analyzer (0 seconds) 14:33:55 [INFO] Finished Version Filter Analyzer (0 seconds) 14:33:56 [INFO] Created CPE Index (1 seconds) 14:33:56 [INFO] Finished CPE Analyzer (1 seconds) 14:33:56 [INFO] Finished False Positive Analyzer (0 seconds) 14:33:56 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:04 [INFO] Finished RetireJS Analyzer (8 seconds) 14:34:04 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:04 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:04 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:04 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:34:04 14:34:04 14:34:04 ## Recommendation 14:34:04 14:34:04 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:34:04 14:34:04 The following template can be used to demonstrate the vulnerability: 14:34:04 ```{{#with "constructor"}} 14:34:04 {{#with split as |a|}} 14:34:04 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:34:04 {{#with (concat (lookup join (slice 0 1)))}} 14:34:04 {{#each (slice 2 3)}} 14:34:04 {{#with (apply 0 a)}} 14:34:04 {{.}} 14:34:04 {{/with}} 14:34:04 {{/each}} 14:34:04 {{/with}} 14:34:04 {{/with}} 14:34:04 {{/with}}``` 14:34:04 14:34:04 14:34:04 ## Recommendation 14:34:04 14:34:04 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:34:04 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:04 [INFO] Analysis Complete (10 seconds) 14:34:04 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:34:04 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:34:04 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:34:04 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:34:04 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:34:04 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:34:04 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:34:04 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:34:04 [INFO] 14:34:04 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 14:34:04 [INFO] Building dependencies.wadl 1.0 [32/69] 14:34:04 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:04 [INFO] 14:34:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 14:34:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 14:34:04 [INFO] 14:34:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 14:34:04 [INFO] 14:34:04 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wadl --- 14:34:04 [INFO] Executing tasks 14:34:09 [INFO] Executed tasks 14:34:09 [INFO] 14:34:09 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.wadl --- 14:34:10 [INFO] Checking for updates 14:34:10 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:10 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:10 [INFO] Check for updates complete (81 ms) 14:34:10 [INFO] 14:34:10 14:34:10 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:10 14:34:10 14:34:10 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:10 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:10 14:34:10 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:10 14:34:10 14:34:10 [INFO] Analysis Started 14:34:10 [INFO] Finished Archive Analyzer (0 seconds) 14:34:10 [INFO] Finished File Name Analyzer (0 seconds) 14:34:10 [INFO] Finished Jar Analyzer (0 seconds) 14:34:10 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:10 [INFO] Finished Hint Analyzer (0 seconds) 14:34:10 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:11 [INFO] Created CPE Index (1 seconds) 14:34:11 [INFO] Finished CPE Analyzer (1 seconds) 14:34:11 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:11 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:11 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:11 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:11 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:11 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:34:11 14:34:11 14:34:11 ## Recommendation 14:34:11 14:34:11 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:34:11 14:34:11 The following template can be used to demonstrate the vulnerability: 14:34:11 ```{{#with "constructor"}} 14:34:11 {{#with split as |a|}} 14:34:11 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:34:11 {{#with (concat (lookup join (slice 0 1)))}} 14:34:11 {{#each (slice 2 3)}} 14:34:11 {{#with (apply 0 a)}} 14:34:11 {{.}} 14:34:11 {{/with}} 14:34:11 {{/each}} 14:34:11 {{/with}} 14:34:11 {{/with}} 14:34:11 {{/with}}``` 14:34:11 14:34:11 14:34:11 ## Recommendation 14:34:11 14:34:11 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:34:11 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:11 [INFO] Analysis Complete (1 seconds) 14:34:11 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:34:11 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:34:12 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:34:12 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:34:12 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:34:12 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:34:12 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:34:12 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:34:12 [INFO] 14:34:12 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 14:34:12 [INFO] Building dependencies.wss4j 1.0 [33/69] 14:34:12 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:12 [INFO] 14:34:12 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 14:34:12 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 14:34:12 [INFO] 14:34:12 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 14:34:12 [INFO] 14:34:12 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 14:34:12 [INFO] Executing tasks 14:34:12 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 14:34:12 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 14:34:12 [INFO] Executed tasks 14:34:12 [INFO] 14:34:12 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wss4j --- 14:34:12 [INFO] Executing tasks 14:34:17 [INFO] Executed tasks 14:34:17 [INFO] 14:34:17 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.wss4j --- 14:34:17 [INFO] Checking for updates 14:34:17 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:17 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:17 [INFO] Check for updates complete (80 ms) 14:34:17 [INFO] 14:34:17 14:34:17 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:17 14:34:17 14:34:17 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:17 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:17 14:34:17 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:17 14:34:17 14:34:17 [INFO] Analysis Started 14:34:17 [INFO] Finished Archive Analyzer (0 seconds) 14:34:17 [INFO] Finished File Name Analyzer (0 seconds) 14:34:17 [INFO] Finished Jar Analyzer (0 seconds) 14:34:17 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:17 [INFO] Finished Hint Analyzer (0 seconds) 14:34:17 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:18 [INFO] Created CPE Index (1 seconds) 14:34:18 [INFO] Finished CPE Analyzer (1 seconds) 14:34:18 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:18 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:18 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:18 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:19 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:19 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 14:34:19 14:34:19 14:34:19 ## Recommendation 14:34:19 14:34:19 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 14:34:19 14:34:19 The following template can be used to demonstrate the vulnerability: 14:34:19 ```{{#with "constructor"}} 14:34:19 {{#with split as |a|}} 14:34:19 {{pop (push "alert('Vulnerable Handlebars JS');")}} 14:34:19 {{#with (concat (lookup join (slice 0 1)))}} 14:34:19 {{#each (slice 2 3)}} 14:34:19 {{#with (apply 0 a)}} 14:34:19 {{.}} 14:34:19 {{/with}} 14:34:19 {{/each}} 14:34:19 {{/with}} 14:34:19 {{/with}} 14:34:19 {{/with}}``` 14:34:19 14:34:19 14:34:19 ## Recommendation 14:34:19 14:34:19 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 14:34:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 14:34:19 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:19 [INFO] Analysis Complete (1 seconds) 14:34:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:34:19 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:34:19 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:34:19 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:34:19 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:34:19 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:34:19 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:34:19 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:34:19 [INFO] 14:34:19 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 14:34:19 [INFO] Building dependencies.testsuite 1.0 [34/69] 14:34:19 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:19 [INFO] 14:34:19 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite --- 14:34:19 [INFO] Executing tasks 14:34:24 [INFO] Executed tasks 14:34:24 [INFO] 14:34:24 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite --- 14:34:24 [INFO] Checking for updates 14:34:24 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:24 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:24 [INFO] Check for updates complete (69 ms) 14:34:24 [INFO] 14:34:24 14:34:24 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:24 14:34:24 14:34:24 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:24 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:24 14:34:24 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:24 14:34:24 14:34:24 [INFO] Analysis Started 14:34:24 [INFO] Finished File Name Analyzer (0 seconds) 14:34:24 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:24 [INFO] Finished Hint Analyzer (0 seconds) 14:34:24 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:25 [INFO] Created CPE Index (1 seconds) 14:34:25 [INFO] Finished CPE Analyzer (1 seconds) 14:34:25 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:25 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:25 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:25 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:25 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:25 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:25 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:25 [INFO] Analysis Complete (1 seconds) 14:34:25 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 14:34:25 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 14:34:25 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 14:34:25 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 14:34:25 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 14:34:25 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 14:34:25 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 14:34:25 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 14:34:26 [INFO] 14:34:26 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 14:34:26 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 14:34:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:26 [INFO] 14:34:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 14:34:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 14:34:26 [INFO] 14:34:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 14:34:26 [INFO] 14:34:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 14:34:26 [INFO] Executing tasks 14:34:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 14:34:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 14:34:26 [INFO] Executed tasks 14:34:26 [INFO] 14:34:26 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.axis14 --- 14:34:26 [INFO] Executing tasks 14:34:31 [INFO] Executed tasks 14:34:31 [INFO] 14:34:31 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.axis14 --- 14:34:31 [INFO] Checking for updates 14:34:31 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:31 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:31 [INFO] Check for updates complete (85 ms) 14:34:31 [INFO] 14:34:31 14:34:31 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:31 14:34:31 14:34:31 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:31 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:31 14:34:31 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:31 14:34:31 14:34:31 [INFO] Analysis Started 14:34:31 [INFO] Finished File Name Analyzer (0 seconds) 14:34:31 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:31 [INFO] Finished Hint Analyzer (0 seconds) 14:34:31 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:32 [INFO] Created CPE Index (1 seconds) 14:34:32 [INFO] Finished CPE Analyzer (1 seconds) 14:34:32 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:32 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:32 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:32 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:32 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:32 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:32 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:32 [INFO] Analysis Complete (1 seconds) 14:34:32 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 14:34:32 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 14:34:32 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 14:34:32 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 14:34:32 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 14:34:32 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 14:34:32 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 14:34:32 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 14:34:32 [INFO] 14:34:32 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 14:34:32 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 14:34:32 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:32 [INFO] 14:34:32 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer --- 14:34:32 [INFO] Executing tasks 14:34:37 [INFO] Executed tasks 14:34:37 [INFO] 14:34:37 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer --- 14:34:38 [INFO] Checking for updates 14:34:38 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:38 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:38 [INFO] Check for updates complete (68 ms) 14:34:38 [INFO] 14:34:38 14:34:38 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:38 14:34:38 14:34:38 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:38 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:38 14:34:38 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:38 14:34:38 14:34:38 [INFO] Analysis Started 14:34:38 [INFO] Finished File Name Analyzer (0 seconds) 14:34:38 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:38 [INFO] Finished Hint Analyzer (0 seconds) 14:34:38 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:39 [INFO] Created CPE Index (1 seconds) 14:34:39 [INFO] Finished CPE Analyzer (1 seconds) 14:34:39 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:39 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:39 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:39 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:39 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:39 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:39 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:39 [INFO] Analysis Complete (1 seconds) 14:34:39 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 14:34:39 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 14:34:39 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 14:34:39 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 14:34:39 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 14:34:39 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 14:34:39 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 14:34:39 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 14:34:39 [INFO] 14:34:39 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 14:34:39 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 14:34:39 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:39 [INFO] 14:34:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:34:39 [INFO] 14:34:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:34:39 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 14:34:39 [INFO] 14:34:39 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:34:39 [INFO] Executing tasks 14:34:44 [INFO] Executed tasks 14:34:44 [INFO] 14:34:44 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:34:44 [INFO] Checking for updates 14:34:44 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:45 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:45 [INFO] Check for updates complete (78 ms) 14:34:45 [INFO] 14:34:45 14:34:45 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:45 14:34:45 14:34:45 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:45 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:45 14:34:45 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:45 14:34:45 14:34:45 [INFO] Analysis Started 14:34:45 [INFO] Finished File Name Analyzer (0 seconds) 14:34:45 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:45 [INFO] Finished Hint Analyzer (0 seconds) 14:34:45 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:46 [INFO] Created CPE Index (1 seconds) 14:34:46 [INFO] Finished CPE Analyzer (1 seconds) 14:34:46 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:46 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:46 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:46 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:46 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:46 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:46 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:46 [INFO] Analysis Complete (1 seconds) 14:34:46 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:34:46 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:34:47 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:34:47 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:34:47 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:34:47 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:34:47 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:34:47 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:34:47 [INFO] 14:34:47 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 14:34:47 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 14:34:47 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:47 [INFO] 14:34:47 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:34:47 [INFO] 14:34:47 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:34:47 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 14:34:47 [INFO] 14:34:47 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:34:47 [INFO] Executing tasks 14:34:52 [INFO] Executed tasks 14:34:52 [INFO] 14:34:52 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:34:52 [INFO] Checking for updates 14:34:52 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:52 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:52 [INFO] Check for updates complete (95 ms) 14:34:52 [INFO] 14:34:52 14:34:52 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:52 14:34:52 14:34:52 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:52 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:52 14:34:52 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:52 14:34:52 14:34:52 [INFO] Analysis Started 14:34:52 [INFO] Finished File Name Analyzer (0 seconds) 14:34:52 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:52 [INFO] Finished Hint Analyzer (0 seconds) 14:34:52 [INFO] Finished Version Filter Analyzer (0 seconds) 14:34:53 [INFO] Created CPE Index (1 seconds) 14:34:53 [INFO] Finished CPE Analyzer (1 seconds) 14:34:53 [INFO] Finished False Positive Analyzer (0 seconds) 14:34:53 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:34:53 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:34:53 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:34:53 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:34:53 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:34:53 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:34:53 [INFO] Analysis Complete (1 seconds) 14:34:53 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:34:53 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:34:53 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:34:54 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:34:54 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:34:54 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:34:54 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:34:54 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:34:54 [INFO] 14:34:54 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 14:34:54 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 14:34:54 [INFO] --------------------------------[ pom ]--------------------------------- 14:34:54 [INFO] 14:34:54 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:34:54 [INFO] 14:34:54 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:34:54 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 14:34:54 [INFO] 14:34:54 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:34:54 [INFO] Executing tasks 14:34:59 [INFO] Executed tasks 14:34:59 [INFO] 14:34:59 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:34:59 [INFO] Checking for updates 14:34:59 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:34:59 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:34:59 [INFO] Check for updates complete (107 ms) 14:34:59 [INFO] 14:34:59 14:34:59 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:34:59 14:34:59 14:34:59 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:34:59 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:34:59 14:34:59 💖 Sponsor: https://github.com/sponsors/jeremylong 14:34:59 14:34:59 14:34:59 [INFO] Analysis Started 14:34:59 [INFO] Finished File Name Analyzer (0 seconds) 14:34:59 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:34:59 [INFO] Finished Hint Analyzer (0 seconds) 14:34:59 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:01 [INFO] Created CPE Index (2 seconds) 14:35:01 [INFO] Finished CPE Analyzer (2 seconds) 14:35:01 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:01 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:01 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:01 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:01 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:01 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:01 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:01 [INFO] Analysis Complete (2 seconds) 14:35:01 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:01 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:01 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:01 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:01 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:01 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:01 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:01 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:01 [INFO] 14:35:01 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 14:35:01 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 14:35:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:01 [INFO] 14:35:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:35:01 [INFO] 14:35:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:35:01 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 14:35:01 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:35:01 [INFO] 14:35:01 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:35:01 [INFO] Executing tasks 14:35:06 [INFO] Executed tasks 14:35:06 [INFO] 14:35:06 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:35:06 [INFO] Checking for updates 14:35:06 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:07 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:07 [INFO] Check for updates complete (100 ms) 14:35:07 [INFO] 14:35:07 14:35:07 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:07 14:35:07 14:35:07 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:07 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:07 14:35:07 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:07 14:35:07 14:35:07 [INFO] Analysis Started 14:35:07 [INFO] Finished File Name Analyzer (0 seconds) 14:35:07 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:07 [INFO] Finished Hint Analyzer (0 seconds) 14:35:07 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:08 [INFO] Created CPE Index (1 seconds) 14:35:08 [INFO] Finished CPE Analyzer (1 seconds) 14:35:08 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:08 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:08 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:08 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:08 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:08 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:08 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:08 [INFO] Analysis Complete (1 seconds) 14:35:08 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:08 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:08 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:08 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:08 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:08 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:08 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:08 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:08 [INFO] 14:35:08 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 14:35:08 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 14:35:08 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:08 [INFO] 14:35:08 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:35:08 [INFO] 14:35:08 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:35:08 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 14:35:08 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:35:08 [INFO] 14:35:08 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:35:08 [INFO] Executing tasks 14:35:13 [INFO] Executed tasks 14:35:13 [INFO] 14:35:13 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:35:13 [INFO] Checking for updates 14:35:13 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:13 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:13 [INFO] Check for updates complete (66 ms) 14:35:14 [INFO] 14:35:14 14:35:14 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:14 14:35:14 14:35:14 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:14 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:14 14:35:14 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:14 14:35:14 14:35:14 [INFO] Analysis Started 14:35:14 [INFO] Finished File Name Analyzer (0 seconds) 14:35:14 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:14 [INFO] Finished Hint Analyzer (0 seconds) 14:35:14 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:15 [INFO] Created CPE Index (1 seconds) 14:35:15 [INFO] Finished CPE Analyzer (1 seconds) 14:35:15 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:15 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:15 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:15 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:15 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:15 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:15 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:15 [INFO] Analysis Complete (1 seconds) 14:35:15 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:15 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:15 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:15 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:15 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:15 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:15 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:15 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:15 [INFO] 14:35:15 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 14:35:15 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 14:35:15 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:15 [INFO] 14:35:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:35:15 [INFO] 14:35:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:35:15 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 14:35:15 [INFO] 14:35:15 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:35:15 [INFO] Executing tasks 14:35:20 [INFO] Executed tasks 14:35:20 [INFO] 14:35:20 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:35:20 [INFO] Checking for updates 14:35:20 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:20 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:20 [INFO] Check for updates complete (120 ms) 14:35:21 [INFO] 14:35:21 14:35:21 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:21 14:35:21 14:35:21 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:21 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:21 14:35:21 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:21 14:35:21 14:35:21 [INFO] Analysis Started 14:35:21 [INFO] Finished File Name Analyzer (0 seconds) 14:35:21 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:21 [INFO] Finished Hint Analyzer (0 seconds) 14:35:21 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:22 [INFO] Created CPE Index (1 seconds) 14:35:22 [INFO] Finished CPE Analyzer (1 seconds) 14:35:22 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:22 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:22 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:22 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:22 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:22 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:22 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:22 [INFO] Analysis Complete (1 seconds) 14:35:22 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:22 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:22 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:22 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:22 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:22 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:22 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:22 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:22 [INFO] 14:35:22 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 14:35:22 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 14:35:22 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:23 [INFO] 14:35:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:35:23 [INFO] 14:35:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:35:23 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 14:35:23 [INFO] 14:35:23 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:35:23 [INFO] Executing tasks 14:35:28 [INFO] Executed tasks 14:35:28 [INFO] 14:35:28 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:35:28 [INFO] Checking for updates 14:35:28 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:28 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:28 [INFO] Check for updates complete (85 ms) 14:35:28 [INFO] 14:35:28 14:35:28 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:28 14:35:28 14:35:28 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:28 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:28 14:35:28 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:28 14:35:28 14:35:28 [INFO] Analysis Started 14:35:28 [INFO] Finished File Name Analyzer (0 seconds) 14:35:28 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:28 [INFO] Finished Hint Analyzer (0 seconds) 14:35:28 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:29 [INFO] Created CPE Index (1 seconds) 14:35:29 [INFO] Finished CPE Analyzer (1 seconds) 14:35:29 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:29 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:29 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:29 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:29 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:29 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:29 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:29 [INFO] Analysis Complete (1 seconds) 14:35:29 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:29 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:30 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:30 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:30 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:30 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:30 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:30 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:30 [INFO] 14:35:30 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 14:35:30 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 14:35:30 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:30 [INFO] 14:35:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:35:30 [INFO] 14:35:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:35:30 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 14:35:30 [INFO] 14:35:30 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:35:30 [INFO] Executing tasks 14:35:35 [INFO] Executed tasks 14:35:35 [INFO] 14:35:35 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:35:35 [INFO] Checking for updates 14:35:35 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:35 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:35 [INFO] Check for updates complete (70 ms) 14:35:35 [INFO] 14:35:35 14:35:35 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:35 14:35:35 14:35:35 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:35 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:35 14:35:35 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:35 14:35:35 14:35:35 [INFO] Analysis Started 14:35:35 [INFO] Finished File Name Analyzer (0 seconds) 14:35:35 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:35 [INFO] Finished Hint Analyzer (0 seconds) 14:35:35 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:36 [INFO] Created CPE Index (1 seconds) 14:35:36 [INFO] Finished CPE Analyzer (1 seconds) 14:35:36 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:36 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:36 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:36 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:36 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:36 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:36 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:36 [INFO] Analysis Complete (1 seconds) 14:35:36 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:36 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:36 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:36 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:36 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:36 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:36 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:36 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:36 [INFO] 14:35:36 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 14:35:36 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 14:35:36 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:36 [INFO] 14:35:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:35:36 [INFO] 14:35:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:35:36 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 14:35:36 [INFO] 14:35:36 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:35:36 [INFO] Executing tasks 14:35:41 [INFO] Executed tasks 14:35:41 [INFO] 14:35:41 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:35:41 [INFO] Checking for updates 14:35:42 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:42 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:42 [INFO] Check for updates complete (77 ms) 14:35:42 [INFO] 14:35:42 14:35:42 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:42 14:35:42 14:35:42 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:42 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:42 14:35:42 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:42 14:35:42 14:35:42 [INFO] Analysis Started 14:35:42 [INFO] Finished File Name Analyzer (0 seconds) 14:35:42 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:42 [INFO] Finished Hint Analyzer (0 seconds) 14:35:42 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:43 [INFO] Created CPE Index (1 seconds) 14:35:43 [INFO] Finished CPE Analyzer (1 seconds) 14:35:43 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:43 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:43 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:43 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:43 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:43 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:43 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:43 [INFO] Analysis Complete (1 seconds) 14:35:43 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:43 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:43 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:43 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:43 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:43 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:43 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:43 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:43 [INFO] 14:35:43 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 14:35:43 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 14:35:43 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:43 [INFO] 14:35:43 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:35:43 [INFO] 14:35:43 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:35:43 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 14:35:43 [INFO] 14:35:43 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:35:43 [INFO] Executing tasks 14:35:48 [INFO] Executed tasks 14:35:48 [INFO] 14:35:48 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:35:48 [INFO] Checking for updates 14:35:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:48 [INFO] Check for updates complete (87 ms) 14:35:49 [INFO] 14:35:49 14:35:49 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:49 14:35:49 14:35:49 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:49 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:49 14:35:49 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:49 14:35:49 14:35:49 [INFO] Analysis Started 14:35:49 [INFO] Finished File Name Analyzer (0 seconds) 14:35:49 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:49 [INFO] Finished Hint Analyzer (0 seconds) 14:35:49 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:50 [INFO] Created CPE Index (1 seconds) 14:35:50 [INFO] Finished CPE Analyzer (1 seconds) 14:35:50 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:50 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:50 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:50 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:50 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:50 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:50 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:50 [INFO] Analysis Complete (1 seconds) 14:35:50 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:50 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:50 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:50 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:50 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:50 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:50 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:50 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:50 [INFO] 14:35:50 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 14:35:50 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 14:35:50 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:50 [INFO] 14:35:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:35:50 [INFO] 14:35:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:35:50 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 14:35:50 [INFO] 14:35:50 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:35:50 [INFO] Executing tasks 14:35:55 [INFO] Executed tasks 14:35:55 [INFO] 14:35:55 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:35:55 [INFO] Checking for updates 14:35:55 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:35:55 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:35:55 [INFO] Check for updates complete (76 ms) 14:35:56 [INFO] 14:35:56 14:35:56 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:35:56 14:35:56 14:35:56 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:35:56 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:35:56 14:35:56 💖 Sponsor: https://github.com/sponsors/jeremylong 14:35:56 14:35:56 14:35:56 [INFO] Analysis Started 14:35:56 [INFO] Finished File Name Analyzer (0 seconds) 14:35:56 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:35:56 [INFO] Finished Hint Analyzer (0 seconds) 14:35:56 [INFO] Finished Version Filter Analyzer (0 seconds) 14:35:57 [INFO] Created CPE Index (1 seconds) 14:35:57 [INFO] Finished CPE Analyzer (1 seconds) 14:35:57 [INFO] Finished False Positive Analyzer (0 seconds) 14:35:57 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:35:57 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:35:57 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:35:57 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:35:57 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:35:57 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:35:57 [INFO] Analysis Complete (1 seconds) 14:35:57 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:35:57 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:35:57 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:35:57 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:35:57 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:35:57 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:35:57 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:35:57 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:35:57 [INFO] 14:35:57 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 14:35:57 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 14:35:57 [INFO] --------------------------------[ pom ]--------------------------------- 14:35:57 [INFO] 14:35:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:35:57 [INFO] 14:35:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:35:57 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 14:35:57 [INFO] 14:35:57 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:35:57 [INFO] Executing tasks 14:36:02 [INFO] Executed tasks 14:36:02 [INFO] 14:36:02 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:36:02 [INFO] Checking for updates 14:36:02 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:02 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:02 [INFO] Check for updates complete (78 ms) 14:36:02 [INFO] 14:36:02 14:36:02 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:02 14:36:02 14:36:02 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:02 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:02 14:36:02 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:02 14:36:02 14:36:02 [INFO] Analysis Started 14:36:02 [INFO] Finished File Name Analyzer (0 seconds) 14:36:02 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:02 [INFO] Finished Hint Analyzer (0 seconds) 14:36:02 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:04 [INFO] Created CPE Index (1 seconds) 14:36:04 [INFO] Finished CPE Analyzer (1 seconds) 14:36:04 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:04 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:04 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:04 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:04 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:04 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:04 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:04 [INFO] Analysis Complete (1 seconds) 14:36:04 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:04 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:04 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:04 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:04 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:04 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:04 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:04 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:04 [INFO] 14:36:04 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 14:36:04 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 14:36:04 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:04 [INFO] 14:36:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:36:04 [INFO] 14:36:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:36:04 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 14:36:04 [INFO] 14:36:04 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:36:04 [INFO] Executing tasks 14:36:09 [INFO] Executed tasks 14:36:09 [INFO] 14:36:09 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:36:09 [INFO] Checking for updates 14:36:09 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:09 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:09 [INFO] Check for updates complete (72 ms) 14:36:09 [INFO] 14:36:09 14:36:09 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:09 14:36:09 14:36:09 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:09 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:09 14:36:09 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:09 14:36:09 14:36:09 [INFO] Analysis Started 14:36:09 [INFO] Finished File Name Analyzer (0 seconds) 14:36:09 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:09 [INFO] Finished Hint Analyzer (0 seconds) 14:36:09 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:10 [INFO] Created CPE Index (1 seconds) 14:36:11 [INFO] Finished CPE Analyzer (1 seconds) 14:36:11 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:11 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:11 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:11 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:11 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:11 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:11 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:11 [INFO] Analysis Complete (1 seconds) 14:36:11 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:11 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:11 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:11 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:11 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:11 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:11 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:11 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:11 [INFO] 14:36:11 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 14:36:11 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 14:36:11 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:11 [INFO] 14:36:11 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:36:11 [INFO] 14:36:11 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:36:11 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 14:36:11 [INFO] 14:36:11 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:36:11 [INFO] Executing tasks 14:36:16 [INFO] Executed tasks 14:36:16 [INFO] 14:36:16 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:36:16 [INFO] Checking for updates 14:36:16 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:16 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:16 [INFO] Check for updates complete (70 ms) 14:36:16 [INFO] 14:36:16 14:36:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:16 14:36:16 14:36:16 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:16 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:16 14:36:16 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:16 14:36:16 14:36:16 [INFO] Analysis Started 14:36:16 [INFO] Finished File Name Analyzer (0 seconds) 14:36:16 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:16 [INFO] Finished Hint Analyzer (0 seconds) 14:36:16 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:17 [INFO] Created CPE Index (1 seconds) 14:36:17 [INFO] Finished CPE Analyzer (1 seconds) 14:36:17 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:17 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:17 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:17 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:17 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:17 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:17 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:17 [INFO] Analysis Complete (1 seconds) 14:36:17 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:17 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:17 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:17 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:17 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:17 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:17 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:17 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:17 [INFO] 14:36:17 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 14:36:17 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 14:36:17 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:17 [INFO] 14:36:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:36:17 [INFO] 14:36:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:36:17 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 14:36:17 [INFO] 14:36:17 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:36:17 [INFO] Executing tasks 14:36:22 [INFO] Executed tasks 14:36:22 [INFO] 14:36:22 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:36:23 [INFO] Checking for updates 14:36:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:23 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:23 [INFO] Check for updates complete (71 ms) 14:36:23 [INFO] 14:36:23 14:36:23 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:23 14:36:23 14:36:23 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:23 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:23 14:36:23 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:23 14:36:23 14:36:23 [INFO] Analysis Started 14:36:23 [INFO] Finished File Name Analyzer (0 seconds) 14:36:23 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:23 [INFO] Finished Hint Analyzer (0 seconds) 14:36:23 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:24 [INFO] Created CPE Index (1 seconds) 14:36:24 [INFO] Finished CPE Analyzer (1 seconds) 14:36:24 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:24 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:24 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:24 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:24 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:24 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:24 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:24 [INFO] Analysis Complete (1 seconds) 14:36:24 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:24 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:24 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:24 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:24 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:24 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:24 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:24 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:24 [INFO] 14:36:24 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 14:36:24 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 14:36:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:24 [INFO] 14:36:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:36:24 [INFO] 14:36:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:36:24 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 14:36:24 [INFO] 14:36:24 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:36:24 [INFO] Executing tasks 14:36:29 [INFO] Executed tasks 14:36:29 [INFO] 14:36:29 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:36:29 [INFO] Checking for updates 14:36:29 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:29 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:29 [INFO] Check for updates complete (68 ms) 14:36:30 [INFO] 14:36:30 14:36:30 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:30 14:36:30 14:36:30 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:30 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:30 14:36:30 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:30 14:36:30 14:36:30 [INFO] Analysis Started 14:36:30 [INFO] Finished File Name Analyzer (0 seconds) 14:36:30 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:30 [INFO] Finished Hint Analyzer (0 seconds) 14:36:30 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:31 [INFO] Created CPE Index (1 seconds) 14:36:31 [INFO] Finished CPE Analyzer (1 seconds) 14:36:31 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:31 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:31 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:31 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:31 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:31 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:31 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:31 [INFO] Analysis Complete (1 seconds) 14:36:31 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:31 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:31 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:31 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:31 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:31 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:31 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:31 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:32 [INFO] 14:36:32 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 14:36:32 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 14:36:32 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:32 [INFO] 14:36:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:36:32 [INFO] 14:36:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:36:32 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 14:36:32 [INFO] 14:36:32 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:36:32 [INFO] Executing tasks 14:36:37 [INFO] Executed tasks 14:36:37 [INFO] 14:36:37 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:36:37 [INFO] Checking for updates 14:36:37 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:37 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:37 [INFO] Check for updates complete (82 ms) 14:36:37 [INFO] 14:36:37 14:36:37 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:37 14:36:37 14:36:37 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:37 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:37 14:36:37 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:37 14:36:37 14:36:37 [INFO] Analysis Started 14:36:37 [INFO] Finished File Name Analyzer (0 seconds) 14:36:37 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:37 [INFO] Finished Hint Analyzer (0 seconds) 14:36:37 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:38 [INFO] Created CPE Index (1 seconds) 14:36:38 [INFO] Finished CPE Analyzer (1 seconds) 14:36:38 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:38 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:38 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:38 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:38 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:38 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:38 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:38 [INFO] Analysis Complete (1 seconds) 14:36:38 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:38 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:38 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:38 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:38 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:38 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:38 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:38 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:38 [INFO] 14:36:38 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 14:36:38 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 14:36:38 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:38 [INFO] 14:36:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:36:38 [INFO] 14:36:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:36:38 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 14:36:38 [INFO] 14:36:38 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:36:38 [INFO] Executing tasks 14:36:43 [INFO] Executed tasks 14:36:43 [INFO] 14:36:43 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:36:43 [INFO] Checking for updates 14:36:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:43 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:43 [INFO] Check for updates complete (71 ms) 14:36:44 [INFO] 14:36:44 14:36:44 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:44 14:36:44 14:36:44 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:44 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:44 14:36:44 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:44 14:36:44 14:36:44 [INFO] Analysis Started 14:36:44 [INFO] Finished File Name Analyzer (0 seconds) 14:36:44 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:44 [INFO] Finished Hint Analyzer (0 seconds) 14:36:44 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:45 [INFO] Created CPE Index (1 seconds) 14:36:45 [INFO] Finished CPE Analyzer (1 seconds) 14:36:45 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:45 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:45 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:45 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:45 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:45 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:45 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:45 [INFO] Analysis Complete (1 seconds) 14:36:45 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:45 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:45 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:45 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:45 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:45 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:45 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:45 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:45 [INFO] 14:36:45 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 14:36:45 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 14:36:45 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:45 [INFO] 14:36:45 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:36:45 [INFO] 14:36:45 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:36:45 [INFO] org.apache.tomcat:tomcat-catalina:jar:9.0.98 already exists in destination. 14:36:45 [INFO] org.apache.tomcat:tomcat-juli:jar:9.0.98 already exists in destination. 14:36:45 [INFO] 14:36:45 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:36:45 [INFO] Executing tasks 14:36:50 [INFO] Executed tasks 14:36:50 [INFO] 14:36:50 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:36:50 [INFO] Checking for updates 14:36:50 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:50 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:50 [INFO] Check for updates complete (73 ms) 14:36:51 [INFO] 14:36:51 14:36:51 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:51 14:36:51 14:36:51 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:51 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:51 14:36:51 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:51 14:36:51 14:36:51 [INFO] Analysis Started 14:36:51 [INFO] Finished File Name Analyzer (0 seconds) 14:36:51 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:51 [INFO] Finished Hint Analyzer (0 seconds) 14:36:51 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:52 [INFO] Created CPE Index (1 seconds) 14:36:52 [INFO] Finished CPE Analyzer (1 seconds) 14:36:52 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:52 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:52 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:52 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:52 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:52 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:52 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:52 [INFO] Analysis Complete (1 seconds) 14:36:52 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 14:36:52 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 14:36:52 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 14:36:52 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 14:36:52 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 14:36:52 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 14:36:52 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 14:36:52 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 14:36:52 [INFO] 14:36:52 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 14:36:52 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 14:36:52 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:52 [INFO] 14:36:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 14:36:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 14:36:52 [INFO] 14:36:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 14:36:52 [INFO] 14:36:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 14:36:52 [INFO] Executing tasks 14:36:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 14:36:52 [INFO] Executed tasks 14:36:52 [INFO] 14:36:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.test --- 14:36:52 [INFO] Executing tasks 14:36:57 [INFO] Executed tasks 14:36:57 [INFO] 14:36:57 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.test --- 14:36:57 [INFO] Checking for updates 14:36:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:36:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:36:57 [INFO] Check for updates complete (84 ms) 14:36:57 [INFO] 14:36:57 14:36:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:36:57 14:36:57 14:36:57 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:36:57 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:36:57 14:36:57 💖 Sponsor: https://github.com/sponsors/jeremylong 14:36:57 14:36:57 14:36:57 [INFO] Analysis Started 14:36:57 [INFO] Finished File Name Analyzer (0 seconds) 14:36:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:36:57 [INFO] Finished Hint Analyzer (0 seconds) 14:36:57 [INFO] Finished Version Filter Analyzer (0 seconds) 14:36:59 [INFO] Created CPE Index (1 seconds) 14:36:59 [INFO] Finished CPE Analyzer (1 seconds) 14:36:59 [INFO] Finished False Positive Analyzer (0 seconds) 14:36:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:36:59 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:36:59 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:36:59 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:36:59 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:36:59 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:36:59 [INFO] Analysis Complete (1 seconds) 14:36:59 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 14:36:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 14:36:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 14:36:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 14:36:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 14:36:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 14:36:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 14:36:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 14:36:59 [INFO] 14:36:59 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 14:36:59 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 14:36:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:36:59 [INFO] 14:36:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 14:36:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 14:36:59 [INFO] 14:36:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 14:36:59 [INFO] 14:36:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.staticAnalysis --- 14:36:59 [INFO] Executing tasks 14:37:04 [INFO] Executed tasks 14:37:04 [INFO] 14:37:04 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.staticAnalysis --- 14:37:04 [INFO] Checking for updates 14:37:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:37:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:37:04 [INFO] Check for updates complete (83 ms) 14:37:05 [INFO] 14:37:05 14:37:05 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:37:05 14:37:05 14:37:05 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:37:05 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:37:05 14:37:05 💖 Sponsor: https://github.com/sponsors/jeremylong 14:37:05 14:37:05 14:37:05 [INFO] Analysis Started 14:37:05 [INFO] Finished File Name Analyzer (0 seconds) 14:37:05 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:37:05 [INFO] Finished Hint Analyzer (0 seconds) 14:37:05 [INFO] Finished Version Filter Analyzer (0 seconds) 14:37:06 [INFO] Created CPE Index (1 seconds) 14:37:06 [INFO] Finished CPE Analyzer (1 seconds) 14:37:06 [INFO] Finished False Positive Analyzer (0 seconds) 14:37:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:37:06 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:37:06 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:37:06 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:37:06 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:37:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:37:06 [INFO] Analysis Complete (1 seconds) 14:37:06 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 14:37:06 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 14:37:06 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 14:37:06 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 14:37:06 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 14:37:06 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 14:37:06 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 14:37:06 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 14:37:06 [INFO] 14:37:06 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 14:37:06 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 14:37:06 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:06 [INFO] 14:37:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:37:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 14:37:06 [INFO] 14:37:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:37:06 [INFO] 14:37:06 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:37:06 [INFO] Executing tasks 14:37:11 [INFO] Executed tasks 14:37:11 [INFO] 14:37:11 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:37:11 [INFO] Checking for updates 14:37:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:37:11 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:37:11 [INFO] Check for updates complete (74 ms) 14:37:12 [INFO] 14:37:12 14:37:12 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:37:12 14:37:12 14:37:12 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:37:12 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:37:12 14:37:12 💖 Sponsor: https://github.com/sponsors/jeremylong 14:37:12 14:37:12 14:37:12 [INFO] Analysis Started 14:37:12 [INFO] Finished File Name Analyzer (0 seconds) 14:37:12 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:37:12 [INFO] Finished Hint Analyzer (0 seconds) 14:37:12 [INFO] Finished Version Filter Analyzer (0 seconds) 14:37:13 [INFO] Created CPE Index (1 seconds) 14:37:13 [INFO] Finished CPE Analyzer (1 seconds) 14:37:13 [INFO] Finished False Positive Analyzer (0 seconds) 14:37:13 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:37:13 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:37:13 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:37:13 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:37:13 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:37:13 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:37:13 [INFO] Analysis Complete (1 seconds) 14:37:13 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 14:37:13 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 14:37:13 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 14:37:13 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 14:37:13 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 14:37:13 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 14:37:13 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 14:37:13 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 14:37:13 [INFO] 14:37:13 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 14:37:13 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 14:37:13 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:13 [INFO] 14:37:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 14:37:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 14:37:13 [INFO] 14:37:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 14:37:13 [INFO] 14:37:13 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.coverage --- 14:37:13 [INFO] Executing tasks 14:37:18 [INFO] Executed tasks 14:37:18 [INFO] 14:37:18 [INFO] --- dependency-check-maven:11.1.1:aggregate (check owasp) @ org.openspcoop2.testsuite.coverage --- 14:37:18 [INFO] Checking for updates 14:37:18 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 14:37:18 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 14:37:18 [INFO] Check for updates complete (71 ms) 14:37:18 [INFO] 14:37:18 14:37:18 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 14:37:18 14:37:18 14:37:18 About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html 14:37:18 False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html 14:37:18 14:37:18 💖 Sponsor: https://github.com/sponsors/jeremylong 14:37:18 14:37:18 14:37:18 [INFO] Analysis Started 14:37:18 [INFO] Finished File Name Analyzer (0 seconds) 14:37:18 [INFO] Finished Dependency Merging Analyzer (0 seconds) 14:37:18 [INFO] Finished Hint Analyzer (0 seconds) 14:37:18 [INFO] Finished Version Filter Analyzer (0 seconds) 14:37:20 [INFO] Created CPE Index (1 seconds) 14:37:20 [INFO] Finished CPE Analyzer (1 seconds) 14:37:20 [INFO] Finished False Positive Analyzer (0 seconds) 14:37:20 [INFO] Finished NVD CVE Analyzer (0 seconds) 14:37:20 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 14:37:20 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 14:37:20 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 14:37:20 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 14:37:20 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 14:37:20 [INFO] Analysis Complete (1 seconds) 14:37:20 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 14:37:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 14:37:20 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 14:37:20 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 14:37:20 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 14:37:20 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 14:37:20 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 14:37:20 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 14:37:20 [INFO] 14:37:20 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 14:37:20 [INFO] Building compile 1.0 [60/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 14:37:20 [INFO] Building package 1.0 [61/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 14:37:20 [INFO] Building testsuite.utils 1.0 [62/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 14:37:20 [INFO] Building testsuite.utils.sql 1.0 [63/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 14:37:20 [INFO] Building testsuite.pdd.core 1.0 [64/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 14:37:20 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 14:37:20 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 14:37:20 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 14:37:20 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] 14:37:20 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 14:37:20 [INFO] Building coverage.jacoco 1.0 [69/69] 14:37:20 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:20 [INFO] ------------------------------------------------------------------------ 14:37:20 [INFO] Reactor Summary for govway 1.0: 14:37:20 [INFO] 14:37:20 [INFO] govway ............................................. SUCCESS [ 0.004 s] 14:37:20 [INFO] dependencies ....................................... SUCCESS [ 58.828 s] 14:37:20 [INFO] dependencies.ant ................................... SUCCESS [ 10.031 s] 14:37:20 [INFO] dependencies.antinstaller .......................... SUCCESS [ 8.115 s] 14:37:20 [INFO] dependencies.axiom ................................. SUCCESS [ 8.383 s] 14:37:20 [INFO] dependencies.bean-validation ....................... SUCCESS [ 7.401 s] 14:37:20 [INFO] dependencies.cxf ................................... SUCCESS [ 8.526 s] 14:37:20 [INFO] dependencies.commons ............................... SUCCESS [ 8.449 s] 14:37:20 [INFO] dependencies.faces ................................. SUCCESS [ 18.042 s] 14:37:20 [INFO] dependencies.git ................................... SUCCESS [ 7.442 s] 14:37:20 [INFO] dependencies.httpcore .............................. SUCCESS [ 7.581 s] 14:37:20 [INFO] dependencies.jackson ............................... SUCCESS [ 7.460 s] 14:37:20 [INFO] dependencies.javax ................................. SUCCESS [ 7.581 s] 14:37:20 [INFO] dependencies.jax ................................... SUCCESS [ 7.965 s] 14:37:20 [INFO] dependencies.jetty ................................. SUCCESS [ 7.123 s] 14:37:20 [INFO] dependencies.jminix ................................ SUCCESS [ 8.604 s] 14:37:20 [INFO] dependencies.json .................................. SUCCESS [ 7.552 s] 14:37:20 [INFO] dependencies.log ................................... SUCCESS [ 7.476 s] 14:37:20 [INFO] dependencies.lucene ................................ SUCCESS [ 7.512 s] 14:37:20 [INFO] dependencies.openapi4j ............................. SUCCESS [ 7.734 s] 14:37:20 [INFO] dependencies.opensaml .............................. SUCCESS [ 7.575 s] 14:37:20 [INFO] dependencies.pdf ................................... SUCCESS [ 7.642 s] 14:37:20 [INFO] dependencies.redis ................................. SUCCESS [ 7.065 s] 14:37:20 [INFO] dependencies.reports ............................... SUCCESS [ 7.463 s] 14:37:20 [INFO] dependencies.saaj .................................. SUCCESS [ 7.398 s] 14:37:20 [INFO] dependencies.security .............................. SUCCESS [ 7.287 s] 14:37:20 [INFO] dependencies.shared ................................ SUCCESS [ 9.732 s] 14:37:20 [INFO] dependencies.spring ................................ SUCCESS [ 7.397 s] 14:37:20 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 7.048 s] 14:37:20 [INFO] dependencies.spring-security ....................... SUCCESS [ 7.206 s] 14:37:20 [INFO] dependencies.swagger ............................... SUCCESS [ 15.612 s] 14:37:20 [INFO] dependencies.wadl .................................. SUCCESS [ 7.235 s] 14:37:20 [INFO] dependencies.wss4j ................................. SUCCESS [ 7.053 s] 14:37:20 [INFO] dependencies.testsuite ............................. SUCCESS [ 6.827 s] 14:37:20 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 6.914 s] 14:37:20 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 6.956 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 7.193 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 7.025 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 7.737 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 6.914 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 6.870 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 7.389 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 7.111 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 6.759 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 6.861 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 6.912 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 6.848 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 6.920 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 6.721 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 6.828 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 6.678 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 7.392 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 6.736 s] 14:37:20 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 6.956 s] 14:37:20 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 6.756 s] 14:37:20 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 7.102 s] 14:37:20 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 7.186 s] 14:37:20 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 6.774 s] 14:37:20 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 6.621 s] 14:37:20 [INFO] compile ............................................ SUCCESS [ 0.000 s] 14:37:20 [INFO] package ............................................ SUCCESS [ 0.001 s] 14:37:20 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 14:37:20 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 14:37:20 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 14:37:20 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s] 14:37:20 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 14:37:20 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 14:37:20 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 14:37:20 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 14:37:20 [INFO] ------------------------------------------------------------------------ 14:37:20 [INFO] BUILD SUCCESS 14:37:20 [INFO] ------------------------------------------------------------------------ 14:37:20 [INFO] Total time: 08:19 min 14:37:20 [INFO] Finished at: 2025-01-08T14:37:20+01:00 14:37:20 [INFO] ------------------------------------------------------------------------ 14:37:20 [GovWay] $ /bin/bash /tmp/jenkins5352361116266450508.sh 14:37:20 Pubblicazione risultati dependency check ... 14:37:20 cp: cannot create directory ‘/opt/apache-tomcat-9.0.91/webapps/dependency-check/result’: No such file or directory 14:37:20 Pubblicazione risultati dependency check effettuata 14:37:20 Pubblicazione installer su risultati testsuite ... 14:37:20 Pubblicazione installer su risultati testsuite effettuata 14:37:20 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=compile -Dowasp=none -Dtestsuite=none compile 14:37:21 [INFO] Scanning for projects... 14:37:22 [INFO] ------------------------------------------------------------------------ 14:37:22 [INFO] Reactor Build Order: 14:37:22 [INFO] 14:37:22 [INFO] govway [pom] 14:37:22 [INFO] dependencies [pom] 14:37:22 [INFO] dependencies.ant [pom] 14:37:22 [INFO] dependencies.antinstaller [pom] 14:37:22 [INFO] dependencies.axiom [pom] 14:37:22 [INFO] dependencies.bean-validation [pom] 14:37:22 [INFO] dependencies.cxf [pom] 14:37:22 [INFO] dependencies.commons [pom] 14:37:22 [INFO] dependencies.faces [pom] 14:37:22 [INFO] dependencies.git [pom] 14:37:22 [INFO] dependencies.httpcore [pom] 14:37:22 [INFO] dependencies.jackson [pom] 14:37:22 [INFO] dependencies.javax [pom] 14:37:22 [INFO] dependencies.jax [pom] 14:37:22 [INFO] dependencies.jetty [pom] 14:37:22 [INFO] dependencies.jminix [pom] 14:37:22 [INFO] dependencies.json [pom] 14:37:22 [INFO] dependencies.log [pom] 14:37:22 [INFO] dependencies.lucene [pom] 14:37:22 [INFO] dependencies.openapi4j [pom] 14:37:22 [INFO] dependencies.opensaml [pom] 14:37:22 [INFO] dependencies.pdf [pom] 14:37:22 [INFO] dependencies.redis [pom] 14:37:22 [INFO] dependencies.reports [pom] 14:37:22 [INFO] dependencies.saaj [pom] 14:37:22 [INFO] dependencies.security [pom] 14:37:22 [INFO] dependencies.shared [pom] 14:37:22 [INFO] dependencies.spring [pom] 14:37:22 [INFO] dependencies.spring-ldap [pom] 14:37:22 [INFO] dependencies.spring-security [pom] 14:37:22 [INFO] dependencies.swagger [pom] 14:37:22 [INFO] dependencies.wadl [pom] 14:37:22 [INFO] dependencies.wss4j [pom] 14:37:22 [INFO] dependencies.testsuite [pom] 14:37:22 [INFO] dependencies.testsuite.axis14 [pom] 14:37:22 [INFO] dependencies.testsuite.as [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly9 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly10 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly11 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly12 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly13 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly14 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly15 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly16 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly17 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly18 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly19 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly20 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly21 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly22 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly23 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly24 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly25 [pom] 14:37:22 [INFO] dependencies.testsuite.as.wildfly26 [pom] 14:37:22 [INFO] dependencies.testsuite.as.tomcat9 [pom] 14:37:22 [INFO] dependencies.testsuite.test [pom] 14:37:22 [INFO] dependencies.testsuite.staticAnalysis [pom] 14:37:22 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 14:37:22 [INFO] dependencies.testsuite.coverage [pom] 14:37:22 [INFO] compile [pom] 14:37:22 [INFO] package [pom] 14:37:22 [INFO] testsuite.utils [pom] 14:37:22 [INFO] testsuite.utils.sql [pom] 14:37:22 [INFO] testsuite.pdd.core [pom] 14:37:22 [INFO] testsuite.pdd.core.sql [pom] 14:37:22 [INFO] static_analysis.spotbugs [pom] 14:37:22 [INFO] static_analysis.sonarqube [pom] 14:37:22 [INFO] dynamic_analysis.zap [pom] 14:37:22 [INFO] coverage.jacoco [pom] 14:37:22 [INFO] 14:37:22 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 14:37:22 [INFO] Building govway 1.0 [1/69] 14:37:22 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:22 [INFO] 14:37:22 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 14:37:22 [INFO] Building dependencies 1.0 [2/69] 14:37:22 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:22 [INFO] 14:37:22 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 14:37:22 [INFO] Building dependencies.ant 1.0 [3/69] 14:37:22 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:22 [INFO] 14:37:22 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 14:37:22 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 14:37:22 [INFO] 14:37:22 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 14:37:23 [INFO] 14:37:23 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 14:37:23 [INFO] Building dependencies.antinstaller 1.0 [4/69] 14:37:23 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:23 [INFO] 14:37:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 14:37:23 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 14:37:23 [INFO] 14:37:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 14:37:23 [INFO] 14:37:23 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 14:37:23 [INFO] Building dependencies.axiom 1.0 [5/69] 14:37:23 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:23 [INFO] 14:37:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 14:37:23 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 14:37:23 [INFO] 14:37:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 14:37:23 [INFO] 14:37:23 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 14:37:23 [INFO] Executing tasks 14:37:23 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 14:37:23 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 14:37:23 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 14:37:23 [INFO] Executed tasks 14:37:23 [INFO] 14:37:23 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 14:37:23 [INFO] Building dependencies.bean-validation 1.0 [6/69] 14:37:23 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:23 [INFO] 14:37:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 14:37:23 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 14:37:23 [INFO] 14:37:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 14:37:23 [INFO] 14:37:23 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 14:37:23 [INFO] Building dependencies.cxf 1.0 [7/69] 14:37:23 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 14:37:24 [INFO] Executing tasks 14:37:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4.jar 14:37:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4.jar 14:37:24 [INFO] Executed tasks 14:37:24 [INFO] 14:37:24 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 14:37:24 [INFO] Building dependencies.commons 1.0 [8/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 14:37:24 [INFO] 14:37:24 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 14:37:24 [INFO] Building dependencies.faces 1.0 [9/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 14:37:24 [INFO] 14:37:24 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 14:37:24 [INFO] Building dependencies.git 1.0 [10/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 14:37:24 [INFO] 14:37:24 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 14:37:24 [INFO] Building dependencies.httpcore 1.0 [11/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 14:37:24 [INFO] Executing tasks 14:37:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 14:37:24 [INFO] Executed tasks 14:37:24 [INFO] 14:37:24 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 14:37:24 [INFO] Building dependencies.jackson 1.0 [12/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 14:37:24 [INFO] 14:37:24 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 14:37:24 [INFO] Building dependencies.javax 1.0 [13/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 14:37:24 [INFO] 14:37:24 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 14:37:24 [INFO] Building dependencies.jax 1.0 [14/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 14:37:24 [INFO] 14:37:24 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 14:37:24 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 14:37:24 [INFO] 14:37:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 14:37:24 [INFO] Executing tasks 14:37:24 [INFO] Executed tasks 14:37:24 [INFO] 14:37:24 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 14:37:24 [INFO] Building dependencies.jetty 1.0 [15/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 14:37:24 [INFO] 14:37:24 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 14:37:24 [INFO] Building dependencies.jminix 1.0 [16/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 14:37:24 [INFO] Executing tasks 14:37:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 14:37:24 [INFO] Executed tasks 14:37:24 [INFO] 14:37:24 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 14:37:24 [INFO] Building dependencies.json 1.0 [17/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 14:37:24 [INFO] Executing tasks 14:37:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 14:37:24 [INFO] Executed tasks 14:37:24 [INFO] 14:37:24 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 14:37:24 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 14:37:24 [INFO] 14:37:24 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 14:37:24 [INFO] Building dependencies.log 1.0 [18/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 14:37:24 [INFO] Executing tasks 14:37:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 14:37:24 [INFO] Executed tasks 14:37:24 [INFO] 14:37:24 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 14:37:24 [INFO] Building dependencies.lucene 1.0 [19/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:24 [INFO] 14:37:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 14:37:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 14:37:24 [INFO] 14:37:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 14:37:24 [INFO] 14:37:24 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 14:37:24 [INFO] Building dependencies.openapi4j 1.0 [20/69] 14:37:24 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 14:37:25 [INFO] Building dependencies.opensaml 1.0 [21/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 14:37:25 [INFO] 14:37:25 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 14:37:25 [INFO] Building dependencies.pdf 1.0 [22/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 14:37:25 [INFO] 14:37:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 14:37:25 [INFO] Building dependencies.redis 1.0 [23/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 14:37:25 [INFO] 14:37:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 14:37:25 [INFO] Building dependencies.reports 1.0 [24/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 14:37:25 [INFO] 14:37:25 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 14:37:25 [INFO] Building dependencies.saaj 1.0 [25/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 14:37:25 [INFO] Building dependencies.security 1.0 [26/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 14:37:25 [INFO] Building dependencies.shared 1.0 [27/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 14:37:25 [INFO] Building dependencies.spring 1.0 [28/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 14:37:25 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 14:37:25 [INFO] 14:37:25 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 14:37:25 [INFO] Building dependencies.spring-security 1.0 [30/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 14:37:25 [INFO] 14:37:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 14:37:25 [INFO] Building dependencies.swagger 1.0 [31/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 14:37:25 [INFO] Building dependencies.wadl 1.0 [32/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 14:37:25 [INFO] 14:37:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 14:37:25 [INFO] Building dependencies.wss4j 1.0 [33/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 14:37:25 [INFO] Building dependencies.testsuite 1.0 [34/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 14:37:25 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 14:37:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 14:37:25 [INFO] Executing tasks 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 14:37:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 14:37:25 [INFO] Executed tasks 14:37:25 [INFO] 14:37:25 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 14:37:25 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 14:37:25 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:37:25 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 14:37:25 [INFO] 14:37:25 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 14:37:25 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 14:37:25 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:25 [INFO] 14:37:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 14:37:26 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 14:37:26 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:37:26 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 14:37:26 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:37:26 [INFO] org.apache.tomcat:tomcat-catalina:jar:9.0.98 already exists in destination. 14:37:26 [INFO] org.apache.tomcat:tomcat-juli:jar:9.0.98 already exists in destination. 14:37:26 [INFO] 14:37:26 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 14:37:26 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 14:37:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 14:37:26 [INFO] Executing tasks 14:37:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 14:37:26 [INFO] Executed tasks 14:37:26 [INFO] 14:37:26 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 14:37:26 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 14:37:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 14:37:26 [INFO] 14:37:26 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 14:37:26 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:37:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:37:26 [INFO] 14:37:26 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 14:37:26 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 14:37:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 14:37:26 [INFO] 14:37:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 14:37:26 [INFO] 14:37:26 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 14:37:26 [INFO] Building compile 1.0 [60/69] 14:37:26 [INFO] --------------------------------[ pom ]--------------------------------- 14:37:26 [INFO] 14:37:26 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.compile --- 14:37:27 [INFO] Executing tasks 14:37:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist 14:37:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build 14:37:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/tmp 14:37:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 14:37:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:37:38 [WARNING] [echo] **************************************** 14:37:38 [WARNING] [echo] **** DEBUG MODE ON ***** 14:37:38 [WARNING] [echo] **************************************** 14:37:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils 14:37:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:37:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils] 14:37:39 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils_RELEASE.jar 14:37:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:37:46 [WARNING] [echo] **************************************** 14:37:46 [WARNING] [echo] **** DEBUG MODE ON ***** 14:37:46 [WARNING] [echo] **************************************** 14:37:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:37:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/instrument] 14:37:46 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-instrument_RELEASE.jar 14:37:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:37:50 [WARNING] [echo] **************************************** 14:37:50 [WARNING] [echo] **** DEBUG MODE ON ***** 14:37:50 [WARNING] [echo] **************************************** 14:37:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:37:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/resources] 14:37:50 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-resources_RELEASE.jar 14:37:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:37:54 [WARNING] [echo] **************************************** 14:37:54 [WARNING] [echo] **** DEBUG MODE ON ***** 14:37:54 [WARNING] [echo] **************************************** 14:37:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:37:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mime] 14:37:54 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mime_RELEASE.jar 14:37:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:37:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:37:59 [WARNING] [echo] **************************************** 14:37:59 [WARNING] [echo] **** DEBUG MODE ON ***** 14:37:59 [WARNING] [echo] **************************************** 14:37:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:37:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/date] 14:37:59 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-date_RELEASE.jar 14:38:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:03 [WARNING] [echo] **************************************** 14:38:03 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:03 [WARNING] [echo] **************************************** 14:38:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/io] 14:38:03 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-io_RELEASE.jar 14:38:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:07 [WARNING] [echo] **************************************** 14:38:07 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:07 [WARNING] [echo] **************************************** 14:38:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/random] 14:38:07 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-random_RELEASE.jar 14:38:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:11 [WARNING] [echo] **************************************** 14:38:11 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:11 [WARNING] [echo] **************************************** 14:38:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/properties] 14:38:11 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-properties_RELEASE.jar 14:38:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:15 [WARNING] [echo] **************************************** 14:38:15 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:15 [WARNING] [echo] **************************************** 14:38:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxb] 14:38:15 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:38:15 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxb_RELEASE.jar 14:38:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:19 [WARNING] [echo] **************************************** 14:38:19 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:19 [WARNING] [echo] **************************************** 14:38:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxrs] 14:38:19 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxrs_RELEASE.jar 14:38:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:22 [WARNING] [echo] **************************************** 14:38:22 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:22 [WARNING] [echo] **************************************** 14:38:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml] 14:38:22 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml_RELEASE.jar 14:38:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:27 [WARNING] [echo] **************************************** 14:38:27 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:27 [WARNING] [echo] **************************************** 14:38:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/json] 14:38:27 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-json_RELEASE.jar 14:38:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:31 [WARNING] [echo] **************************************** 14:38:31 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:31 [WARNING] [echo] **************************************** 14:38:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml2json] 14:38:31 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml2json_RELEASE.jar 14:38:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:34 [WARNING] [echo] **************************************** 14:38:34 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:34 [WARNING] [echo] **************************************** 14:38:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/digest] 14:38:34 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-digest_RELEASE.jar 14:38:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:38 [WARNING] [echo] **************************************** 14:38:38 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:38 [WARNING] [echo] **************************************** 14:38:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/regexp] 14:38:38 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-regexp_RELEASE.jar 14:38:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:41 [WARNING] [echo] **************************************** 14:38:41 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:41 [WARNING] [echo] **************************************** 14:38:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate] 14:38:41 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate_RELEASE.jar 14:38:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:46 [WARNING] [echo] **************************************** 14:38:46 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:46 [WARNING] [echo] **************************************** 14:38:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/transport] 14:38:46 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-transport_RELEASE.jar 14:38:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:50 [WARNING] [echo] **************************************** 14:38:50 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:50 [WARNING] [echo] **************************************** 14:38:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/ocsp] 14:38:50 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-ocsp_RELEASE.jar 14:38:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:53 [WARNING] [echo] **************************************** 14:38:53 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:53 [WARNING] [echo] **************************************** 14:38:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/remote] 14:38:53 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-remote_RELEASE.jar 14:38:54 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:38:57 [WARNING] [echo] **************************************** 14:38:57 [WARNING] [echo] **** DEBUG MODE ON ***** 14:38:57 [WARNING] [echo] **************************************** 14:38:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:38:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/byok] 14:38:57 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:38:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-byok_RELEASE.jar 14:38:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:01 [WARNING] [echo] **************************************** 14:39:01 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:01 [WARNING] [echo] **************************************** 14:39:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jmx] 14:39:01 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jmx_RELEASE.jar 14:39:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:04 [WARNING] [echo] **************************************** 14:39:04 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:04 [WARNING] [echo] **************************************** 14:39:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/cache] 14:39:04 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-cache_RELEASE.jar 14:39:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:08 [WARNING] [echo] **************************************** 14:39:08 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:08 [WARNING] [echo] **************************************** 14:39:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/checksum] 14:39:08 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-checksum_RELEASE.jar 14:39:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:11 [WARNING] [echo] **************************************** 14:39:11 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:11 [WARNING] [echo] **************************************** 14:39:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/crypt] 14:39:11 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-crypt_RELEASE.jar 14:39:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:14 [WARNING] [echo] **************************************** 14:39:14 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:14 [WARNING] [echo] **************************************** 14:39:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/csv] 14:39:14 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-csv_RELEASE.jar 14:39:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:17 [WARNING] [echo] **************************************** 14:39:17 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:17 [WARNING] [echo] **************************************** 14:39:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/dch] 14:39:17 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-dch_RELEASE.jar 14:39:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:21 [WARNING] [echo] **************************************** 14:39:21 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:21 [WARNING] [echo] **************************************** 14:39:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sql] 14:39:21 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sql_RELEASE.jar 14:39:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:25 [WARNING] [echo] **************************************** 14:39:25 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:25 [WARNING] [echo] **************************************** 14:39:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jdbc] 14:39:25 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jdbc_RELEASE.jar 14:39:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:29 [WARNING] [echo] **************************************** 14:39:29 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:29 [WARNING] [echo] **************************************** 14:39:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/id] 14:39:29 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-id_RELEASE.jar 14:39:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:32 [WARNING] [echo] **************************************** 14:39:32 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:32 [WARNING] [echo] **************************************** 14:39:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/serialization] 14:39:32 [INFO] [javac] Compiling 26 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-serialization_RELEASE.jar 14:39:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:36 [WARNING] [echo] **************************************** 14:39:36 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:36 [WARNING] [echo] **************************************** 14:39:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/logger] 14:39:36 [INFO] [javac] Compiling 77 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-logger_RELEASE.jar 14:39:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:41 [WARNING] [echo] **************************************** 14:39:41 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:41 [WARNING] [echo] **************************************** 14:39:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/service] 14:39:41 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-service_RELEASE.jar 14:39:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:46 [WARNING] [echo] **************************************** 14:39:46 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:46 [WARNING] [echo] **************************************** 14:39:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/beans] 14:39:46 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-beans_RELEASE.jar 14:39:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:50 [WARNING] [echo] **************************************** 14:39:50 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:50 [WARNING] [echo] **************************************** 14:39:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/security] 14:39:50 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-security_RELEASE.jar 14:39:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:54 [WARNING] [echo] **************************************** 14:39:54 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:54 [WARNING] [echo] **************************************** 14:39:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/pdf] 14:39:54 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-pdf_RELEASE.jar 14:39:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:39:58 [WARNING] [echo] **************************************** 14:39:58 [WARNING] [echo] **** DEBUG MODE ON ***** 14:39:58 [WARNING] [echo] **************************************** 14:39:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:39:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wsdl] 14:39:58 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:39:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wsdl_RELEASE.jar 14:39:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:03 [WARNING] [echo] **************************************** 14:40:03 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:03 [WARNING] [echo] **************************************** 14:40:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/rest] 14:40:03 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-rest_RELEASE.jar 14:40:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:06 [WARNING] [echo] **************************************** 14:40:06 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:06 [WARNING] [echo] **************************************** 14:40:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wadl] 14:40:06 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:07 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wadl_RELEASE.jar 14:40:07 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:10 [WARNING] [echo] **************************************** 14:40:10 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:10 [WARNING] [echo] **************************************** 14:40:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/openapi] 14:40:10 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-openapi_RELEASE.jar 14:40:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:15 [WARNING] [echo] **************************************** 14:40:15 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:15 [WARNING] [echo] **************************************** 14:40:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xacml] 14:40:15 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xacml_RELEASE.jar 14:40:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:18 [WARNING] [echo] **************************************** 14:40:18 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:18 [WARNING] [echo] **************************************** 14:40:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mail] 14:40:18 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mail_RELEASE.jar 14:40:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:23 [WARNING] [echo] **************************************** 14:40:23 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:23 [WARNING] [echo] **************************************** 14:40:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/datasource] 14:40:23 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-datasource_RELEASE.jar 14:40:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:26 [WARNING] [echo] **************************************** 14:40:26 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:26 [WARNING] [echo] **************************************** 14:40:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sonde] 14:40:26 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sonde_RELEASE.jar 14:40:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:29 [WARNING] [echo] **************************************** 14:40:29 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:29 [WARNING] [echo] **************************************** 14:40:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/semaphore] 14:40:29 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-semaphore_RELEASE.jar 14:40:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:32 [WARNING] [echo] **************************************** 14:40:32 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:32 [WARNING] [echo] **************************************** 14:40:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/threads] 14:40:32 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-threads_RELEASE.jar 14:40:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:36 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:40:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils_RELEASE.jar 14:40:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:43 [WARNING] [echo] **************************************** 14:40:43 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:43 [WARNING] [echo] **************************************** 14:40:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils-test 14:40:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/test] 14:40:43 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils-test/openspcoop2_utils-test_RELEASE.jar 14:40:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:47 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:40:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils-test_RELEASE.jar 14:40:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:40:53 [WARNING] [echo] **************************************** 14:40:53 [WARNING] [echo] **** DEBUG MODE ON ***** 14:40:53 [WARNING] [echo] **************************************** 14:40:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:40:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/generic_project/src/] 14:40:53 [INFO] [javac] Compiling 211 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:40:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_generic-project_RELEASE.jar 14:40:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:05 [WARNING] [echo] **************************************** 14:41:05 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:05 [WARNING] [echo] **************************************** 14:41:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/schemi 14:41:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-openspcoop2_RELEASE.jar 14:41:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:08 [WARNING] [echo] **************************************** 14:41:08 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:08 [WARNING] [echo] **************************************** 14:41:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-standard_RELEASE.jar 14:41:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:10 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:41:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_schemi-xsd_RELEASE.jar 14:41:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:14 [WARNING] [echo] **************************************** 14:41:14 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:14 [WARNING] [echo] **************************************** 14:41:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/message 14:41:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/context] 14:41:14 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:41:14 [INFO] [javac] Compiling 42 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message-context_RELEASE.jar 14:41:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:19 [WARNING] [echo] **************************************** 14:41:19 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:19 [WARNING] [echo] **************************************** 14:41:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message] 14:41:19 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message_RELEASE.jar 14:41:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:24 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:41:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_message_RELEASE.jar 14:41:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:30 [WARNING] [echo] **************************************** 14:41:30 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:30 [WARNING] [echo] **************************************** 14:41:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/core 14:41:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core] 14:41:30 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core_RELEASE.jar 14:41:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:33 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:33 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:33 [WARNING] [echo] **************************************** 14:41:33 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:33 [WARNING] [echo] **************************************** 14:41:33 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:33 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/id] 14:41:33 [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-id_RELEASE.jar 14:41:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:37 [WARNING] [echo] **************************************** 14:41:37 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:37 [WARNING] [echo] **************************************** 14:41:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons] 14:41:37 [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons_RELEASE.jar 14:41:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:41 [WARNING] [echo] **************************************** 14:41:41 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:41 [WARNING] [echo] **************************************** 14:41:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/byok] 14:41:41 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-byok_RELEASE.jar 14:41:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:44 [WARNING] [echo] **************************************** 14:41:44 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:44 [WARNING] [echo] **************************************** 14:41:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config] 14:41:44 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:41:44 [INFO] [javac] Compiling 346 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:50 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:41:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config_RELEASE.jar 14:41:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:53 [WARNING] [echo] **************************************** 14:41:53 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:53 [WARNING] [echo] **************************************** 14:41:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry] 14:41:53 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:41:53 [INFO] [javac] Compiling 139 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:55 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:41:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry_RELEASE.jar 14:41:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:41:58 [WARNING] [echo] **************************************** 14:41:58 [WARNING] [echo] **** DEBUG MODE ON ***** 14:41:58 [WARNING] [echo] **************************************** 14:41:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:41:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/tracciamento] 14:41:58 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:41:58 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:41:59 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:41:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-tracciamento_RELEASE.jar 14:41:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:03 [WARNING] [echo] **************************************** 14:42:03 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:03 [WARNING] [echo] **************************************** 14:42:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/diagnostica] 14:42:03 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:03 [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-diagnostica_RELEASE.jar 14:42:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:06 [WARNING] [echo] **************************************** 14:42:06 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:06 [WARNING] [echo] **************************************** 14:42:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/transazioni] 14:42:06 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:06 [INFO] [javac] Compiling 142 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:10 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-transazioni_RELEASE.jar 14:42:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:13 [WARNING] [echo] **************************************** 14:42:13 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:13 [WARNING] [echo] **************************************** 14:42:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eventi] 14:42:13 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:13 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:14 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eventi_RELEASE.jar 14:42:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:17 [WARNING] [echo] **************************************** 14:42:17 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:17 [WARNING] [echo] **************************************** 14:42:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/statistiche] 14:42:17 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:17 [INFO] [javac] Compiling 91 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:19 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-statistiche_RELEASE.jar 14:42:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:21 [WARNING] [echo] **************************************** 14:42:21 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:21 [WARNING] [echo] **************************************** 14:42:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/plugins] 14:42:21 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:21 [INFO] [javac] Compiling 93 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:22 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-plugins_RELEASE.jar 14:42:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:25 [WARNING] [echo] **************************************** 14:42:25 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:25 [WARNING] [echo] **************************************** 14:42:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/controllo_traffico] 14:42:25 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:25 [INFO] [javac] Compiling 128 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:27 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-controllo_traffico_RELEASE.jar 14:42:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:30 [WARNING] [echo] **************************************** 14:42:30 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:30 [WARNING] [echo] **************************************** 14:42:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/allarmi] 14:42:30 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:30 [INFO] [javac] Compiling 76 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:31 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-allarmi_RELEASE.jar 14:42:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:34 [WARNING] [echo] **************************************** 14:42:34 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:34 [WARNING] [echo] **************************************** 14:42:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mapping] 14:42:34 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mapping_RELEASE.jar 14:42:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:37 [WARNING] [echo] **************************************** 14:42:37 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:37 [WARNING] [echo] **************************************** 14:42:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/details] 14:42:37 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:37 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:37 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-details_RELEASE.jar 14:42:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:40 [WARNING] [echo] **************************************** 14:42:40 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:40 [WARNING] [echo] **************************************** 14:42:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/router_details] 14:42:40 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:40 [INFO] [javac] Compiling 25 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-router_details_RELEASE.jar 14:42:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:43 [WARNING] [echo] **************************************** 14:42:43 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:43 [WARNING] [echo] **************************************** 14:42:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/errore_applicativo] 14:42:43 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:43 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:42:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-errore_applicativo_RELEASE.jar 14:42:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:47 [WARNING] [echo] **************************************** 14:42:47 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:47 [WARNING] [echo] **************************************** 14:42:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/integrazione] 14:42:47 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:42:47 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-integrazione_RELEASE.jar 14:42:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:50 [WARNING] [echo] **************************************** 14:42:50 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:50 [WARNING] [echo] **************************************** 14:42:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver] 14:42:50 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver_RELEASE.jar 14:42:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:53 [WARNING] [echo] **************************************** 14:42:53 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:53 [WARNING] [echo] **************************************** 14:42:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/db] 14:42:53 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-db_RELEASE.jar 14:42:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:42:58 [WARNING] [echo] **************************************** 14:42:58 [WARNING] [echo] **** DEBUG MODE ON ***** 14:42:58 [WARNING] [echo] **************************************** 14:42:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:42:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/xml] 14:42:58 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:42:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-xml_RELEASE.jar 14:42:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:02 [WARNING] [echo] **************************************** 14:43:02 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:02 [WARNING] [echo] **************************************** 14:43:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/utils] 14:43:02 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-utils_RELEASE.jar 14:43:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:05 [WARNING] [echo] **************************************** 14:43:05 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:05 [WARNING] [echo] **************************************** 14:43:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver] 14:43:05 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver_RELEASE.jar 14:43:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:11 [WARNING] [echo] **************************************** 14:43:11 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:11 [WARNING] [echo] **************************************** 14:43:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/wsdl] 14:43:11 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-wsdl_RELEASE.jar 14:43:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:14 [WARNING] [echo] **************************************** 14:43:14 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:14 [WARNING] [echo] **************************************** 14:43:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/rest] 14:43:14 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-rest_RELEASE.jar 14:43:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:17 [WARNING] [echo] **************************************** 14:43:17 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:17 [WARNING] [echo] **************************************** 14:43:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/db] 14:43:17 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-db_RELEASE.jar 14:43:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:22 [WARNING] [echo] **************************************** 14:43:22 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:22 [WARNING] [echo] **************************************** 14:43:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/xml] 14:43:22 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-xml_RELEASE.jar 14:43:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:26 [WARNING] [echo] **************************************** 14:43:26 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:26 [WARNING] [echo] **************************************** 14:43:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/web] 14:43:26 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-web_RELEASE.jar 14:43:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:30 [WARNING] [echo] **************************************** 14:43:30 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:30 [WARNING] [echo] **************************************** 14:43:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/uddi] 14:43:30 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-uddi_RELEASE.jar 14:43:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:34 [WARNING] [echo] **************************************** 14:43:34 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:34 [WARNING] [echo] **************************************** 14:43:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/ws] 14:43:34 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-ws_RELEASE.jar 14:43:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:37 [WARNING] [echo] **************************************** 14:43:37 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:37 [WARNING] [echo] **************************************** 14:43:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/utils] 14:43:37 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-utils_RELEASE.jar 14:43:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:41 [WARNING] [echo] **************************************** 14:43:41 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:41 [WARNING] [echo] **************************************** 14:43:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/search] 14:43:41 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:43:41 [INFO] [javac] Compiling 184 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:43:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-search_RELEASE.jar 14:43:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:46 [WARNING] [echo] **************************************** 14:43:46 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:46 [WARNING] [echo] **************************************** 14:43:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/dao] 14:43:46 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-dao_RELEASE.jar 14:43:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:49 [WARNING] [echo] **************************************** 14:43:49 [WARNING] [echo] **** DEBUG MODE ON ***** 14:43:49 [WARNING] [echo] **************************************** 14:43:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mvc/properties] 14:43:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:43:49 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:50 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:43:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mvc_properties_RELEASE.jar 14:43:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:43:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:43:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:43:53 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:43:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_core_RELEASE.jar 14:44:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:00 [WARNING] [echo] **************************************** 14:44:00 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:00 [WARNING] [echo] **************************************** 14:44:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol-api 14:44:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/manifest] 14:44:00 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:44:00 [INFO] [javac] Compiling 131 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:02 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:44:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-manifest_RELEASE.jar 14:44:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:05 [WARNING] [echo] **************************************** 14:44:05 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:05 [WARNING] [echo] **************************************** 14:44:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/information_missing] 14:44:05 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:44:05 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:06 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:44:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-information_missing_RELEASE.jar 14:44:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:09 [WARNING] [echo] **************************************** 14:44:09 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:09 [WARNING] [echo] **************************************** 14:44:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/sdk] 14:44:09 [INFO] [javac] Compiling 219 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-sdk_RELEASE.jar 14:44:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:14 [WARNING] [echo] **************************************** 14:44:14 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:14 [WARNING] [echo] **************************************** 14:44:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/utils] 14:44:14 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-utils_RELEASE.jar 14:44:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:18 [WARNING] [echo] **************************************** 14:44:18 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:18 [WARNING] [echo] **************************************** 14:44:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/registry] 14:44:18 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-registry_RELEASE.jar 14:44:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:22 [WARNING] [echo] **************************************** 14:44:22 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:22 [WARNING] [echo] **************************************** 14:44:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/abstraction] 14:44:22 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:44:22 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:23 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:44:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-abstraction_RELEASE.jar 14:44:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:25 [WARNING] [echo] **************************************** 14:44:25 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:25 [WARNING] [echo] **************************************** 14:44:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/basic] 14:44:25 [INFO] [javac] Compiling 63 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-basic_RELEASE.jar 14:44:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:30 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:44:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol-api_RELEASE.jar 14:44:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:36 [WARNING] [echo] **************************************** 14:44:36 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:36 [WARNING] [echo] **************************************** 14:44:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor-api 14:44:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/sdk] 14:44:37 [INFO] [javac] Compiling 69 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor-api/openspcoop2_monitor-sdk_RELEASE.jar 14:44:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:41 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:44:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor-api_RELEASE.jar 14:44:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:47 [WARNING] [echo] **************************************** 14:44:47 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:47 [WARNING] [echo] **************************************** 14:44:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/security 14:44:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security] 14:44:47 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-core_RELEASE.jar 14:44:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:51 [WARNING] [echo] **************************************** 14:44:51 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:51 [WARNING] [echo] **************************************** 14:44:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message] 14:44:51 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message_RELEASE.jar 14:44:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:55 [WARNING] [echo] **************************************** 14:44:55 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:55 [WARNING] [echo] **************************************** 14:44:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/engine] 14:44:55 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-engine_RELEASE.jar 14:44:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:44:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:44:59 [WARNING] [echo] **************************************** 14:44:59 [WARNING] [echo] **** DEBUG MODE ON ***** 14:44:59 [WARNING] [echo] **************************************** 14:44:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:44:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/jose] 14:44:59 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-jose_RELEASE.jar 14:45:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:03 [WARNING] [echo] **************************************** 14:45:03 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:03 [WARNING] [echo] **************************************** 14:45:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/xml] 14:45:03 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-xml_RELEASE.jar 14:45:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:06 [WARNING] [echo] **************************************** 14:45:06 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:06 [WARNING] [echo] **************************************** 14:45:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/wss4j] 14:45:06 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-wss4j_RELEASE.jar 14:45:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:10 [WARNING] [echo] **************************************** 14:45:10 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:10 [WARNING] [echo] **************************************** 14:45:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/soapbox] 14:45:10 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-soapbox_RELEASE.jar 14:45:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:13 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:45:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_security_RELEASE.jar 14:45:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:19 [WARNING] [echo] **************************************** 14:45:19 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:19 [WARNING] [echo] **************************************** 14:45:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol 14:45:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/engine] 14:45:19 [INFO] [javac] Compiling 82 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol/openspcoop2_protocol_RELEASE.jar 14:45:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:25 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:45:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol_RELEASE.jar 14:45:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:30 [WARNING] [echo] **************************************** 14:45:30 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:30 [WARNING] [echo] **************************************** 14:45:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor 14:45:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/transazioni] 14:45:31 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:45:31 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:32 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:45:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-transazioni_RELEASE.jar 14:45:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:34 [WARNING] [echo] **************************************** 14:45:34 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:34 [WARNING] [echo] **************************************** 14:45:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/ricerche] 14:45:34 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:45:34 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-ricerche_RELEASE.jar 14:45:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:38 [WARNING] [echo] **************************************** 14:45:38 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:38 [WARNING] [echo] **************************************** 14:45:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/statistiche] 14:45:38 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:45:38 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-statistiche_RELEASE.jar 14:45:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:41 [WARNING] [echo] **************************************** 14:45:41 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:41 [WARNING] [echo] **************************************** 14:45:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine] 14:45:41 [INFO] [javac] Compiling 231 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/statistiche/package-info.class 14:45:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/ricerche/package-info.class 14:45:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/constants/package-info.class 14:45:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/package-info.class 14:45:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-engine_RELEASE.jar 14:45:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:47 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:45:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor_RELEASE.jar 14:45:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 14:45:50 [INFO] [copy] Copying 1106 files to /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 14:45:51 [WARNING] [echo] Raccolta informazioni git per impostazione versione... 14:45:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:45:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:45:55 [WARNING] [echo] **************************************** 14:45:55 [WARNING] [echo] **** DEBUG MODE ON ***** 14:45:55 [WARNING] [echo] **************************************** 14:45:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd 14:45:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:45:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd] 14:45:55 [INFO] [javac] Compiling 1031 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:08 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/constants/package-info.class 14:46:08 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/package-info.class 14:46:08 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/services/skeleton/package-info.class 14:46:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd/openspcoop2_pdd_RELEASE.jar 14:46:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:11 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:46:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd_RELEASE.jar 14:46:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION 14:46:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:17 [WARNING] [echo] **************************************** 14:46:17 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:17 [WARNING] [echo] **************************************** 14:46:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd-test 14:46:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/pdd_test] 14:46:17 [INFO] [javac] Compiling 13 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd-test/openspcoop2_pdd-test_RELEASE.jar 14:46:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:20 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:46:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd-test_RELEASE.jar 14:46:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:28 [WARNING] [echo] **************************************** 14:46:28 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:28 [WARNING] [echo] **************************************** 14:46:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/modipa 14:46:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 14:46:28 [INFO] [javac] Compiling 47 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-plugin_RELEASE.jar 14:46:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:32 [WARNING] [echo] **************************************** 14:46:32 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:32 [WARNING] [echo] **************************************** 14:46:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 14:46:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-config_RELEASE.jar 14:46:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:35 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:46:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_modipa-protocol_RELEASE.jar 14:46:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:44 [WARNING] [echo] **************************************** 14:46:44 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:44 [WARNING] [echo] **************************************** 14:46:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/spcoop 14:46:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/manifest] 14:46:44 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:46:44 [INFO] [javac] Compiling 73 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:45 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:46:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-manifest_RELEASE.jar 14:46:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:49 [WARNING] [echo] **************************************** 14:46:49 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:49 [WARNING] [echo] **************************************** 14:46:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/collprofiles] 14:46:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:46:49 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:49 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:46:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipacollprofiles_RELEASE.jar 14:46:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:52 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:52 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:52 [WARNING] [echo] **************************************** 14:46:52 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:52 [WARNING] [echo] **************************************** 14:46:52 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/schemas/_2003/egovit/exception1_0] 14:46:53 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:46:53 [INFO] [javac] Compiling 24 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipaexception_RELEASE.jar 14:46:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:55 [WARNING] [echo] **************************************** 14:46:55 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:55 [WARNING] [echo] **************************************** 14:46:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wscp] 14:46:55 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:46:55 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:56 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:46:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wscp_RELEASE.jar 14:46:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:46:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:46:59 [WARNING] [echo] **************************************** 14:46:59 [WARNING] [echo] **** DEBUG MODE ON ***** 14:46:59 [WARNING] [echo] **************************************** 14:46:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:46:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 14:46:59 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica_RELEASE.jar 14:47:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:03 [WARNING] [echo] **************************************** 14:47:03 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:03 [WARNING] [echo] **************************************** 14:47:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wsbl] 14:47:03 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:03 [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:04 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wsbl_RELEASE.jar 14:47:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:06 [WARNING] [echo] **************************************** 14:47:06 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:06 [WARNING] [echo] **************************************** 14:47:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 14:47:06 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-plugin_RELEASE.jar 14:47:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:10 [WARNING] [echo] **************************************** 14:47:10 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:10 [WARNING] [echo] **************************************** 14:47:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 14:47:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-config_RELEASE.jar 14:47:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:13 [WARNING] [echo] **************************************** 14:47:13 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:13 [WARNING] [echo] **************************************** 14:47:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-schemi_RELEASE.jar 14:47:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:16 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:47:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_spcoop-protocol_RELEASE.jar 14:47:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:24 [WARNING] [echo] **************************************** 14:47:24 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:24 [WARNING] [echo] **************************************** 14:47:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/trasparente 14:47:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 14:47:24 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-plugin_RELEASE.jar 14:47:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:27 [WARNING] [echo] **************************************** 14:47:27 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:27 [WARNING] [echo] **************************************** 14:47:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 14:47:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-config_RELEASE.jar 14:47:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:30 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:47:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_trasparente-protocol_RELEASE.jar 14:47:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:38 [WARNING] [echo] **************************************** 14:47:38 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:38 [WARNING] [echo] **************************************** 14:47:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/sdi 14:47:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_0] 14:47:38 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:38 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:40 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v10_RELEASE.jar 14:47:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:42 [WARNING] [echo] **************************************** 14:47:42 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:42 [WARNING] [echo] **************************************** 14:47:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_1] 14:47:42 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:42 [INFO] [javac] Compiling 113 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:43 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v11_RELEASE.jar 14:47:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:46 [WARNING] [echo] **************************************** 14:47:46 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:46 [WARNING] [echo] **************************************** 14:47:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_0/] 14:47:46 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:46 [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturasemplificata-v10_RELEASE.jar 14:47:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:49 [WARNING] [echo] **************************************** 14:47:49 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:49 [WARNING] [echo] **************************************** 14:47:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_2/] 14:47:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:49 [INFO] [javac] Compiling 114 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:51 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v12_RELEASE.jar 14:47:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:53 [WARNING] [echo] **************************************** 14:47:53 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:53 [WARNING] [echo] **************************************** 14:47:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/messaggi/v1_0] 14:47:53 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:53 [INFO] [javac] Compiling 48 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:54 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-v10_RELEASE.jar 14:47:54 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:56 [WARNING] [echo] **************************************** 14:47:56 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:56 [WARNING] [echo] **************************************** 14:47:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fattura/messaggi/v1_0] 14:47:56 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:56 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:57 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:47:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-fattura-v10_RELEASE.jar 14:47:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:47:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:47:59 [WARNING] [echo] **************************************** 14:47:59 [WARNING] [echo] **** DEBUG MODE ON ***** 14:47:59 [WARNING] [echo] **************************************** 14:47:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:47:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/ricezione/v1_0/types] 14:47:59 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:47:59 [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:00 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:48:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wsricezione-v10_RELEASE.jar 14:48:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:03 [WARNING] [echo] **************************************** 14:48:03 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:03 [WARNING] [echo] **************************************** 14:48:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/trasmissione/v1_0/types] 14:48:03 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:48:03 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:03 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:48:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wstrasmissione-v10_RELEASE.jar 14:48:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:06 [WARNING] [echo] **************************************** 14:48:06 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:06 [WARNING] [echo] **************************************** 14:48:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/org/openspcoop2/protocol/sdi] 14:48:06 [INFO] [javac] Compiling 32 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-plugin_RELEASE.jar 14:48:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:11 [WARNING] [echo] **************************************** 14:48:11 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:11 [WARNING] [echo] **************************************** 14:48:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src] 14:48:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-config_RELEASE.jar 14:48:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:14 [WARNING] [echo] **************************************** 14:48:14 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:14 [WARNING] [echo] **************************************** 14:48:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-schemi_RELEASE.jar 14:48:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:16 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:48:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_sdi-protocol_RELEASE.jar 14:48:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:25 [WARNING] [echo] **************************************** 14:48:25 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:25 [WARNING] [echo] **************************************** 14:48:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/as4 14:48:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/org/oasis_open/docs/ebxml_msg/ebms/v3_0/ns/core/_200704] 14:48:25 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:48:25 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-ebms-v3_0_RELEASE.jar 14:48:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:29 [WARNING] [echo] **************************************** 14:48:29 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:29 [WARNING] [echo] **************************************** 14:48:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/backend/ecodex/org/_1_1] 14:48:29 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:48:29 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:30 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 14:48:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-backend-ecodex-v1_1_RELEASE.jar 14:48:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:34 [WARNING] [echo] **************************************** 14:48:34 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:34 [WARNING] [echo] **************************************** 14:48:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/eu/domibus/configuration] 14:48:34 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:48:34 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-eu-domibus-configuration_RELEASE.jar 14:48:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:38 [WARNING] [echo] **************************************** 14:48:38 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:38 [WARNING] [echo] **************************************** 14:48:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 14:48:38 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-plugin_RELEASE.jar 14:48:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:43 [WARNING] [echo] **************************************** 14:48:43 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:43 [WARNING] [echo] **************************************** 14:48:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 14:48:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-config_RELEASE.jar 14:48:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:48:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:45 [WARNING] [echo] **************************************** 14:48:45 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:45 [WARNING] [echo] **************************************** 14:48:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-schemi_RELEASE.jar 14:48:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:48 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:48:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_as4-protocol_RELEASE.jar 14:48:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users 14:48:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:48:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:48:57 [WARNING] [echo] **************************************** 14:48:57 [WARNING] [echo] **** DEBUG MODE ON ***** 14:48:57 [WARNING] [echo] **************************************** 14:48:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:48:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 14:48:57 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:48:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 14:48:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc 14:49:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:07 [WARNING] [echo] **************************************** 14:49:07 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:07 [WARNING] [echo] **************************************** 14:49:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 14:49:07 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 14:49:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:13 [WARNING] [echo] **************************************** 14:49:13 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:13 [WARNING] [echo] **************************************** 14:49:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc 14:49:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 14:49:13 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:14 warning: Implicitly compiled files were not subject to annotation processing. 14:49:14 Use -proc:none to disable annotation processing or -implicit to specify a policy for implicit compilation. 14:49:14 1 warning 14:49:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 14:49:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:17 [WARNING] [echo] **************************************** 14:49:17 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:17 [WARNING] [echo] **************************************** 14:49:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 14:49:17 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 14:49:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:20 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:49:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 14:49:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit 14:49:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:28 [WARNING] [echo] **************************************** 14:49:28 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:28 [WARNING] [echo] **************************************** 14:49:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 14:49:29 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 14:49:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 14:49:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:34 [WARNING] [echo] **************************************** 14:49:34 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:34 [WARNING] [echo] **************************************** 14:49:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 14:49:34 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 14:49:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:38 [WARNING] [echo] **************************************** 14:49:38 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:38 [WARNING] [echo] **************************************** 14:49:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 14:49:38 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 14:49:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 14:49:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:41 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:49:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 14:49:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:46 [WARNING] [echo] **************************************** 14:49:46 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:46 [WARNING] [echo] **************************************** 14:49:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/audit 14:49:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/costanti] 14:49:46 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-costanti_RELEASE.jar 14:49:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:49 [WARNING] [echo] **************************************** 14:49:49 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:49 [WARNING] [echo] **************************************** 14:49:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/log] 14:49:50 [WARNING] [javac] anomalous package-info.java path: package-info.java 14:49:50 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:50 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2/constants/package-info.class 14:49:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-log_RELEASE.jar 14:49:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:53 [WARNING] [echo] **************************************** 14:49:53 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:53 [WARNING] [echo] **************************************** 14:49:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/dao] 14:49:53 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-dao_RELEASE.jar 14:49:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:49:56 [WARNING] [echo] **************************************** 14:49:56 [WARNING] [echo] **** DEBUG MODE ON ***** 14:49:56 [WARNING] [echo] **************************************** 14:49:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:49:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src] 14:49:56 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:49:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit_RELEASE.jar 14:49:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 14:50:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:50:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:50:00 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:50:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-audit_RELEASE.jar 14:50:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue 14:50:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 14:50:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:50:07 [WARNING] [echo] **************************************** 14:50:07 [WARNING] [echo] **** DEBUG MODE ON ***** 14:50:07 [WARNING] [echo] **************************************** 14:50:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:50:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/queue/src] 14:50:07 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 14:50:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-queue_RELEASE.jar 14:50:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 14:50:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole 14:50:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 14:50:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:50:17 [WARNING] [echo] **************************************** 14:50:17 [WARNING] [echo] **** DEBUG MODE ON ***** 14:50:17 [WARNING] [echo] **************************************** 14:50:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:50:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/control_station/src] 14:50:17 [INFO] [javac] Compiling 763 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 14:50:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayConsole_RELEASE.jar 14:50:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 14:50:41 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/faces-config.xml 14:50:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor 14:50:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:50:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:50:45 [WARNING] [echo] **************************************** 14:50:45 [WARNING] [echo] **** DEBUG MODE ON ***** 14:50:45 [WARNING] [echo] **************************************** 14:50:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core 14:50:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:50:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/] 14:50:45 [INFO] [javac] Compiling 144 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:50:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core_RELEASE.jar 14:50:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:50:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:50:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:50:50 [WARNING] [echo] **************************************** 14:50:50 [WARNING] [echo] **** DEBUG MODE ON ***** 14:50:50 [WARNING] [echo] **************************************** 14:50:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:50:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/resources] 14:50:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core-resources_RELEASE.jar 14:50:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:50:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:50:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:50:53 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 14:50:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-core_RELEASE.jar 14:51:00 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/META-INF/faces-config.xml 14:51:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:51:04 [WARNING] [echo] **************************************** 14:51:04 [WARNING] [echo] **** DEBUG MODE ON ***** 14:51:04 [WARNING] [echo] **************************************** 14:51:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:51:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/] 14:51:04 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-transazioni_RELEASE.jar 14:51:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:12 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/META-INF/faces-config.xml 14:51:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:51:14 [WARNING] [echo] **************************************** 14:51:14 [WARNING] [echo] **** DEBUG MODE ON ***** 14:51:14 [WARNING] [echo] **************************************** 14:51:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:51:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/] 14:51:15 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-statistiche_RELEASE.jar 14:51:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:22 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/META-INF/faces-config.xml 14:51:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:51:25 [WARNING] [echo] **************************************** 14:51:25 [WARNING] [echo] **** DEBUG MODE ON ***** 14:51:25 [WARNING] [echo] **************************************** 14:51:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:51:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/] 14:51:25 [INFO] [javac] Compiling 6 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-eventi_RELEASE.jar 14:51:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml 14:51:32 [ERROR] [concat] /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml.application does not exist. 14:51:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:51:35 [WARNING] [echo] **************************************** 14:51:35 [WARNING] [echo] **** DEBUG MODE ON ***** 14:51:35 [WARNING] [echo] **************************************** 14:51:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:51:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/] 14:51:35 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-allarmi_RELEASE.jar 14:51:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:51:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole 14:51:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 14:51:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:51:45 [WARNING] [echo] **************************************** 14:51:45 [WARNING] [echo] **** DEBUG MODE ON ***** 14:51:45 [WARNING] [echo] **************************************** 14:51:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:51:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/loader/src] 14:51:45 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 14:51:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-loaderConsole_RELEASE.jar 14:51:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 14:51:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig 14:51:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 14:51:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:51:55 [WARNING] [echo] **************************************** 14:51:55 [WARNING] [echo] **** DEBUG MODE ON ***** 14:51:55 [WARNING] [echo] **************************************** 14:51:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:51:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/config/server/src/] 14:51:56 [INFO] [javac] Compiling 450 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 14:52:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-config-server_RELEASE.jar 14:52:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 14:52:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:52:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:52:11 [WARNING] [echo] **************************************** 14:52:11 [WARNING] [echo] **** DEBUG MODE ON ***** 14:52:11 [WARNING] [echo] **************************************** 14:52:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:52:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/src/] 14:52:12 [INFO] [javac] Compiling 116 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:52:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-monitor-server_RELEASE.jar 14:52:13 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 14:52:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:52:21 [WARNING] [echo] **************************************** 14:52:21 [WARNING] [echo] **** DEBUG MODE ON ***** 14:52:21 [WARNING] [echo] **************************************** 14:52:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:52:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/statistiche/src/] 14:52:21 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-statistiche_RELEASE.jar 14:52:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:52:31 [WARNING] [echo] **************************************** 14:52:31 [WARNING] [echo] **** DEBUG MODE ON ***** 14:52:31 [WARNING] [echo] **************************************** 14:52:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:52:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/runtime-repository/src/] 14:52:31 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-runtime-repository_RELEASE.jar 14:52:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:52:41 [WARNING] [echo] **************************************** 14:52:41 [WARNING] [echo] **** DEBUG MODE ON ***** 14:52:41 [WARNING] [echo] **************************************** 14:52:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:52:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/config_loader/src] 14:52:41 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-configLoader_RELEASE.jar 14:52:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 14:52:51 [WARNING] [echo] **************************************** 14:52:51 [WARNING] [echo] **** DEBUG MODE ON ***** 14:52:51 [WARNING] [echo] **************************************** 14:52:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 14:52:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/govway_vault/src] 14:52:51 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-vault_RELEASE.jar 14:52:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 14:52:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build 14:52:55 [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist.backup 14:52:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 14:52:55 [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist 14:52:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist.backup 14:52:55 [INFO] Executed tasks 14:52:55 [INFO] 14:52:55 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 14:52:55 [INFO] Building package 1.0 [61/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 14:52:55 [INFO] Building testsuite.utils 1.0 [62/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 14:52:55 [INFO] Building testsuite.utils.sql 1.0 [63/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 14:52:55 [INFO] Building testsuite.pdd.core 1.0 [64/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 14:52:55 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 14:52:55 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 14:52:55 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 14:52:55 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] 14:52:55 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 14:52:55 [INFO] Building coverage.jacoco 1.0 [69/69] 14:52:55 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:55 [INFO] ------------------------------------------------------------------------ 14:52:55 [INFO] Reactor Summary for govway 1.0: 14:52:55 [INFO] 14:52:55 [INFO] govway ............................................. SUCCESS [ 0.004 s] 14:52:55 [INFO] dependencies ....................................... SUCCESS [ 0.001 s] 14:52:55 [INFO] dependencies.ant ................................... SUCCESS [ 1.102 s] 14:52:55 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.029 s] 14:52:55 [INFO] dependencies.axiom ................................. SUCCESS [ 0.358 s] 14:52:55 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.056 s] 14:52:55 [INFO] dependencies.cxf ................................... SUCCESS [ 0.354 s] 14:52:55 [INFO] dependencies.commons ............................... SUCCESS [ 0.111 s] 14:52:55 [INFO] dependencies.faces ................................. SUCCESS [ 0.051 s] 14:52:55 [INFO] dependencies.git ................................... SUCCESS [ 0.018 s] 14:52:55 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.094 s] 14:52:55 [INFO] dependencies.jackson ............................... SUCCESS [ 0.048 s] 14:52:55 [INFO] dependencies.javax ................................. SUCCESS [ 0.040 s] 14:52:55 [INFO] dependencies.jax ................................... SUCCESS [ 0.153 s] 14:52:55 [INFO] dependencies.jetty ................................. SUCCESS [ 0.033 s] 14:52:55 [INFO] dependencies.jminix ................................ SUCCESS [ 0.053 s] 14:52:55 [INFO] dependencies.json .................................. SUCCESS [ 0.081 s] 14:52:55 [INFO] dependencies.log ................................... SUCCESS [ 0.108 s] 14:52:55 [INFO] dependencies.lucene ................................ SUCCESS [ 0.025 s] 14:52:55 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.082 s] 14:52:55 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.100 s] 14:52:55 [INFO] dependencies.pdf ................................... SUCCESS [ 0.071 s] 14:52:55 [INFO] dependencies.redis ................................. SUCCESS [ 0.044 s] 14:52:55 [INFO] dependencies.reports ............................... SUCCESS [ 0.032 s] 14:52:55 [INFO] dependencies.saaj .................................. SUCCESS [ 0.054 s] 14:52:55 [INFO] dependencies.security .............................. SUCCESS [ 0.098 s] 14:52:55 [INFO] dependencies.shared ................................ SUCCESS [ 0.178 s] 14:52:55 [INFO] dependencies.spring ................................ SUCCESS [ 0.085 s] 14:52:55 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.010 s] 14:52:55 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.013 s] 14:52:55 [INFO] dependencies.swagger ............................... SUCCESS [ 0.077 s] 14:52:55 [INFO] dependencies.wadl .................................. SUCCESS [ 0.010 s] 14:52:55 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.055 s] 14:52:55 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.000 s] 14:52:55 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.051 s] 14:52:55 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.000 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.025 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.038 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.039 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.019 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.039 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.023 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.040 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.022 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.027 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.024 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.022 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.020 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.024 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.024 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.023 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.020 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.130 s] 14:52:55 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.084 s] 14:52:55 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.007 s] 14:52:55 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.127 s] 14:52:55 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.012 s] 14:52:55 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.007 s] 14:52:55 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.027 s] 14:52:55 [INFO] compile ............................................ SUCCESS [15:28 min] 14:52:55 [INFO] package ............................................ SUCCESS [ 0.000 s] 14:52:55 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 14:52:55 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 14:52:55 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 14:52:55 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s] 14:52:55 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 14:52:55 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 14:52:55 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 14:52:55 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 14:52:55 [INFO] ------------------------------------------------------------------------ 14:52:55 [INFO] BUILD SUCCESS 14:52:55 [INFO] ------------------------------------------------------------------------ 14:52:55 [INFO] Total time: 15:33 min 14:52:55 [INFO] Finished at: 2025-01-08T14:52:55+01:00 14:52:55 [INFO] ------------------------------------------------------------------------ 14:52:56 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage.git_info.generate=false -Dpackage=package -Dcompile=none -Dowasp=none -Dtestsuite=none package 14:52:58 [INFO] Scanning for projects... 14:52:58 [INFO] ------------------------------------------------------------------------ 14:52:58 [INFO] Reactor Build Order: 14:52:58 [INFO] 14:52:58 [INFO] govway [pom] 14:52:58 [INFO] dependencies [pom] 14:52:58 [INFO] dependencies.ant [pom] 14:52:58 [INFO] dependencies.antinstaller [pom] 14:52:58 [INFO] dependencies.axiom [pom] 14:52:58 [INFO] dependencies.bean-validation [pom] 14:52:58 [INFO] dependencies.cxf [pom] 14:52:58 [INFO] dependencies.commons [pom] 14:52:58 [INFO] dependencies.faces [pom] 14:52:58 [INFO] dependencies.git [pom] 14:52:58 [INFO] dependencies.httpcore [pom] 14:52:58 [INFO] dependencies.jackson [pom] 14:52:58 [INFO] dependencies.javax [pom] 14:52:58 [INFO] dependencies.jax [pom] 14:52:58 [INFO] dependencies.jetty [pom] 14:52:58 [INFO] dependencies.jminix [pom] 14:52:58 [INFO] dependencies.json [pom] 14:52:58 [INFO] dependencies.log [pom] 14:52:58 [INFO] dependencies.lucene [pom] 14:52:58 [INFO] dependencies.openapi4j [pom] 14:52:58 [INFO] dependencies.opensaml [pom] 14:52:58 [INFO] dependencies.pdf [pom] 14:52:58 [INFO] dependencies.redis [pom] 14:52:58 [INFO] dependencies.reports [pom] 14:52:58 [INFO] dependencies.saaj [pom] 14:52:58 [INFO] dependencies.security [pom] 14:52:58 [INFO] dependencies.shared [pom] 14:52:58 [INFO] dependencies.spring [pom] 14:52:58 [INFO] dependencies.spring-ldap [pom] 14:52:58 [INFO] dependencies.spring-security [pom] 14:52:58 [INFO] dependencies.swagger [pom] 14:52:58 [INFO] dependencies.wadl [pom] 14:52:58 [INFO] dependencies.wss4j [pom] 14:52:58 [INFO] dependencies.testsuite [pom] 14:52:58 [INFO] dependencies.testsuite.axis14 [pom] 14:52:58 [INFO] dependencies.testsuite.as [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly9 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly10 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly11 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly12 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly13 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly14 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly15 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly16 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly17 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly18 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly19 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly20 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly21 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly22 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly23 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly24 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly25 [pom] 14:52:58 [INFO] dependencies.testsuite.as.wildfly26 [pom] 14:52:58 [INFO] dependencies.testsuite.as.tomcat9 [pom] 14:52:58 [INFO] dependencies.testsuite.test [pom] 14:52:58 [INFO] dependencies.testsuite.staticAnalysis [pom] 14:52:58 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 14:52:58 [INFO] dependencies.testsuite.coverage [pom] 14:52:58 [INFO] compile [pom] 14:52:58 [INFO] package [pom] 14:52:58 [INFO] testsuite.utils [pom] 14:52:58 [INFO] testsuite.utils.sql [pom] 14:52:58 [INFO] testsuite.pdd.core [pom] 14:52:58 [INFO] testsuite.pdd.core.sql [pom] 14:52:58 [INFO] static_analysis.spotbugs [pom] 14:52:58 [INFO] static_analysis.sonarqube [pom] 14:52:58 [INFO] dynamic_analysis.zap [pom] 14:52:58 [INFO] coverage.jacoco [pom] 14:52:58 [INFO] 14:52:58 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 14:52:58 [INFO] Building govway 1.0 [1/69] 14:52:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:58 [INFO] 14:52:58 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 14:52:58 [INFO] Building dependencies 1.0 [2/69] 14:52:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:58 [INFO] 14:52:58 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 14:52:58 [INFO] Building dependencies.ant 1.0 [3/69] 14:52:58 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:58 [INFO] 14:52:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 14:52:58 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 14:52:58 [INFO] 14:52:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 14:52:59 [INFO] 14:52:59 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 14:52:59 [INFO] Building dependencies.antinstaller 1.0 [4/69] 14:52:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:59 [INFO] 14:52:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 14:52:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 14:52:59 [INFO] 14:52:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 14:52:59 [INFO] 14:52:59 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 14:52:59 [INFO] Building dependencies.axiom 1.0 [5/69] 14:52:59 [INFO] --------------------------------[ pom ]--------------------------------- 14:52:59 [INFO] 14:52:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 14:52:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 14:52:59 [INFO] 14:52:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 14:52:59 [INFO] 14:52:59 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 14:53:00 [INFO] Executing tasks 14:53:00 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 14:53:00 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 14:53:00 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 14:53:00 [INFO] Executed tasks 14:53:00 [INFO] 14:53:00 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 14:53:00 [INFO] Building dependencies.bean-validation 1.0 [6/69] 14:53:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:00 [INFO] 14:53:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 14:53:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 14:53:00 [INFO] 14:53:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 14:53:00 [INFO] 14:53:00 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 14:53:00 [INFO] Building dependencies.cxf 1.0 [7/69] 14:53:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:00 [INFO] 14:53:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 14:53:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 14:53:00 [INFO] 14:53:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 14:53:00 [INFO] 14:53:00 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 14:53:00 [INFO] Executing tasks 14:53:00 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4.jar 14:53:00 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4.jar 14:53:00 [INFO] Executed tasks 14:53:00 [INFO] 14:53:00 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 14:53:00 [INFO] Building dependencies.commons 1.0 [8/69] 14:53:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:00 [INFO] 14:53:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 14:53:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 14:53:00 [INFO] 14:53:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 14:53:00 [INFO] 14:53:00 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 14:53:00 [INFO] Building dependencies.faces 1.0 [9/69] 14:53:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:00 [INFO] 14:53:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 14:53:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 14:53:00 [INFO] 14:53:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 14:53:00 [INFO] 14:53:00 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 14:53:00 [INFO] Building dependencies.git 1.0 [10/69] 14:53:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:00 [INFO] 14:53:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 14:53:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 14:53:00 [INFO] 14:53:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 14:53:00 [INFO] 14:53:00 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 14:53:00 [INFO] Building dependencies.httpcore 1.0 [11/69] 14:53:00 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 14:53:01 [INFO] Executing tasks 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 14:53:01 [INFO] Executed tasks 14:53:01 [INFO] 14:53:01 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 14:53:01 [INFO] Building dependencies.jackson 1.0 [12/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 14:53:01 [INFO] 14:53:01 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 14:53:01 [INFO] Building dependencies.javax 1.0 [13/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 14:53:01 [INFO] 14:53:01 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 14:53:01 [INFO] Building dependencies.jax 1.0 [14/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 14:53:01 [INFO] 14:53:01 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 14:53:01 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 14:53:01 [INFO] 14:53:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 14:53:01 [INFO] Executing tasks 14:53:01 [INFO] Executed tasks 14:53:01 [INFO] 14:53:01 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 14:53:01 [INFO] Building dependencies.jetty 1.0 [15/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 14:53:01 [INFO] 14:53:01 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 14:53:01 [INFO] Building dependencies.jminix 1.0 [16/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 14:53:01 [INFO] Executing tasks 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 14:53:01 [INFO] Executed tasks 14:53:01 [INFO] 14:53:01 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 14:53:01 [INFO] Building dependencies.json 1.0 [17/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 14:53:01 [INFO] Executing tasks 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 14:53:01 [INFO] Executed tasks 14:53:01 [INFO] 14:53:01 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 14:53:01 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 14:53:01 [INFO] 14:53:01 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 14:53:01 [INFO] Building dependencies.log 1.0 [18/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 14:53:01 [INFO] Executing tasks 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 14:53:01 [INFO] Executed tasks 14:53:01 [INFO] 14:53:01 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 14:53:01 [INFO] Building dependencies.lucene 1.0 [19/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 14:53:01 [INFO] 14:53:01 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 14:53:01 [INFO] Building dependencies.openapi4j 1.0 [20/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 14:53:01 [INFO] Executing tasks 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 14:53:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 14:53:01 [INFO] Executed tasks 14:53:01 [INFO] 14:53:01 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 14:53:01 [INFO] Building dependencies.opensaml 1.0 [21/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 14:53:01 [INFO] 14:53:01 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 14:53:01 [INFO] Building dependencies.pdf 1.0 [22/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:01 [INFO] 14:53:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 14:53:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 14:53:01 [INFO] 14:53:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 14:53:01 [INFO] 14:53:01 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 14:53:01 [INFO] Building dependencies.redis 1.0 [23/69] 14:53:01 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 14:53:02 [INFO] 14:53:02 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 14:53:02 [INFO] Building dependencies.reports 1.0 [24/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 14:53:02 [INFO] 14:53:02 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 14:53:02 [INFO] Building dependencies.saaj 1.0 [25/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 14:53:02 [INFO] Building dependencies.security 1.0 [26/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 14:53:02 [INFO] Building dependencies.shared 1.0 [27/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 14:53:02 [INFO] Building dependencies.spring 1.0 [28/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 14:53:02 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 14:53:02 [INFO] 14:53:02 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 14:53:02 [INFO] Building dependencies.spring-security 1.0 [30/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 14:53:02 [INFO] 14:53:02 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 14:53:02 [INFO] Building dependencies.swagger 1.0 [31/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 14:53:02 [INFO] Building dependencies.wadl 1.0 [32/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 14:53:02 [INFO] 14:53:02 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 14:53:02 [INFO] Building dependencies.wss4j 1.0 [33/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 14:53:02 [INFO] Building dependencies.testsuite 1.0 [34/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 14:53:02 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 14:53:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 14:53:02 [INFO] Executing tasks 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 14:53:02 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 14:53:02 [INFO] Executed tasks 14:53:02 [INFO] 14:53:02 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 14:53:02 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 14:53:02 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 14:53:02 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:53:02 [INFO] 14:53:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 14:53:02 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 14:53:02 [INFO] 14:53:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 14:53:02 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 14:53:02 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 14:53:03 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 14:53:03 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 14:53:03 [INFO] org.apache.tomcat:tomcat-catalina:jar:9.0.98 already exists in destination. 14:53:03 [INFO] org.apache.tomcat:tomcat-juli:jar:9.0.98 already exists in destination. 14:53:03 [INFO] 14:53:03 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 14:53:03 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 14:53:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 14:53:03 [INFO] Executing tasks 14:53:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 14:53:03 [INFO] Executed tasks 14:53:03 [INFO] 14:53:03 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 14:53:03 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 14:53:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 14:53:03 [INFO] 14:53:03 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 14:53:03 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:53:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 14:53:03 [INFO] 14:53:03 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 14:53:03 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 14:53:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 14:53:03 [INFO] 14:53:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 14:53:03 [INFO] 14:53:03 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 14:53:03 [INFO] Building compile 1.0 [60/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 14:53:03 [INFO] Building package 1.0 [61/69] 14:53:03 [INFO] --------------------------------[ pom ]--------------------------------- 14:53:03 [INFO] 14:53:03 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.package --- 14:53:03 [INFO] Executing tasks 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: --------------------------------------- 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: WORK_DIR: /var/lib/jenkins/workspace/GovWay/dist 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: LOG_DIR: /var/lib/jenkins/workspace/GovWay/log 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: TIPO: branches 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: BUILD-SETUP: true 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: BUILD-DOC: false 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: BUILD-LIB: false 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: READ_GIT_INFO: false 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: VERSION: 3.3.15.p2.build-master 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: --------------------------------------- 14:53:03 [INFO] [exec] WARN <2025/01/08 14:53:03>: Generazione distribuzione sorgente non eseguita su richiesta utente. 14:53:03 [INFO] [exec] ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: Comincio produzione distribuzione binaria 14:53:03 [INFO] [exec] INFO <2025/01/08 14:53:03>: Generazione dei pacchetti software in corso (!!NOTA: questa operazione richiede parecchi minuti) ... 15:37:23 [INFO] [exec] INFO <2025/01/08 15:37:23>: Generazione dei pacchetti software terminata correttamente 15:37:23 [INFO] [exec] INFO <2025/01/08 15:37:23>: Generazione della documentazione (Questa operazione richiede qualche minuto) ... 15:37:24 [INFO] [exec] INFO <2025/01/08 15:37:24>: Generazione della documentazione terminata correttamente 15:37:24 [INFO] [exec] INFO <2025/01/08 15:37:24>: Generazione pacchetto installer ... 15:37:46 [INFO] [exec] /bin/rm -rf /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.15.p2.build-master 15:37:46 [INFO] [exec] INFO <2025/01/08 15:37:46>: Generazione pacchetto installer terminata correttamente. 15:37:46 [INFO] [exec] INFO <2025/01/08 15:37:46>: Generazione distribuzione binaria terminata correttamente. Archivio generato: /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.15.p2.build-master.tgz 15:37:46 [INFO] Executed tasks 15:37:46 [INFO] 15:37:46 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 15:37:46 [INFO] Building testsuite.utils 1.0 [62/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 15:37:46 [INFO] Building testsuite.utils.sql 1.0 [63/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 15:37:46 [INFO] Building testsuite.pdd.core 1.0 [64/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 15:37:46 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 15:37:46 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 15:37:46 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 15:37:46 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] 15:37:46 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 15:37:46 [INFO] Building coverage.jacoco 1.0 [69/69] 15:37:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:37:46 [INFO] ------------------------------------------------------------------------ 15:37:46 [INFO] Reactor Summary for govway 1.0: 15:37:46 [INFO] 15:37:46 [INFO] govway ............................................. SUCCESS [ 0.004 s] 15:37:46 [INFO] dependencies ....................................... SUCCESS [ 0.001 s] 15:37:46 [INFO] dependencies.ant ................................... SUCCESS [ 1.046 s] 15:37:46 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.030 s] 15:37:46 [INFO] dependencies.axiom ................................. SUCCESS [ 0.466 s] 15:37:46 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.119 s] 15:37:46 [INFO] dependencies.cxf ................................... SUCCESS [ 0.354 s] 15:37:46 [INFO] dependencies.commons ............................... SUCCESS [ 0.139 s] 15:37:46 [INFO] dependencies.faces ................................. SUCCESS [ 0.069 s] 15:37:46 [INFO] dependencies.git ................................... SUCCESS [ 0.020 s] 15:37:46 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.217 s] 15:37:46 [INFO] dependencies.jackson ............................... SUCCESS [ 0.062 s] 15:37:46 [INFO] dependencies.javax ................................. SUCCESS [ 0.047 s] 15:37:46 [INFO] dependencies.jax ................................... SUCCESS [ 0.181 s] 15:37:46 [INFO] dependencies.jetty ................................. SUCCESS [ 0.058 s] 15:37:46 [INFO] dependencies.jminix ................................ SUCCESS [ 0.075 s] 15:37:46 [INFO] dependencies.json .................................. SUCCESS [ 0.087 s] 15:37:46 [INFO] dependencies.log ................................... SUCCESS [ 0.099 s] 15:37:46 [INFO] dependencies.lucene ................................ SUCCESS [ 0.020 s] 15:37:46 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.072 s] 15:37:46 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.062 s] 15:37:46 [INFO] dependencies.pdf ................................... SUCCESS [ 0.024 s] 15:37:46 [INFO] dependencies.redis ................................. SUCCESS [ 0.059 s] 15:37:46 [INFO] dependencies.reports ............................... SUCCESS [ 0.076 s] 15:37:46 [INFO] dependencies.saaj .................................. SUCCESS [ 0.061 s] 15:37:46 [INFO] dependencies.security .............................. SUCCESS [ 0.079 s] 15:37:46 [INFO] dependencies.shared ................................ SUCCESS [ 0.203 s] 15:37:46 [INFO] dependencies.spring ................................ SUCCESS [ 0.078 s] 15:37:46 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 15:37:46 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.012 s] 15:37:46 [INFO] dependencies.swagger ............................... SUCCESS [ 0.084 s] 15:37:46 [INFO] dependencies.wadl .................................. SUCCESS [ 0.016 s] 15:37:46 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.065 s] 15:37:46 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 15:37:46 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.052 s] 15:37:46 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.018 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.020 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.023 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.017 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.026 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.020 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.016 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.021 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.025 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.026 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.027 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.020 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.021 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.018 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.021 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.022 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.022 s] 15:37:46 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.021 s] 15:37:46 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.007 s] 15:37:46 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.176 s] 15:37:46 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.015 s] 15:37:46 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.006 s] 15:37:46 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.020 s] 15:37:46 [INFO] compile ............................................ SUCCESS [ 0.001 s] 15:37:46 [INFO] package ............................................ SUCCESS [44:43 min] 15:37:46 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 15:37:46 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 15:37:46 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 15:37:46 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 15:37:46 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 15:37:46 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 15:37:46 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 15:37:46 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 15:37:46 [INFO] ------------------------------------------------------------------------ 15:37:46 [INFO] BUILD SUCCESS 15:37:46 [INFO] ------------------------------------------------------------------------ 15:37:46 [INFO] Total time: 44:48 min 15:37:46 [INFO] Finished at: 2025-01-08T15:37:46+01:00 15:37:46 [INFO] ------------------------------------------------------------------------ 15:37:46 [GovWay] $ /bin/bash /tmp/jenkins13048524450373002934.sh 15:37:46 Sistemo dependency-check-result/dependency-check-report.xml ... 15:37:46 Sistemo dependency-check-result/dependency-check-report.xml ok 15:37:46 [GovWay] $ /bin/bash /tmp/jenkins16882745978638232365.sh 15:37:47 Archive Name [govway-installer-3.3.15.p2.build-master.tgz] 15:37:50 Pubblicazione last distrib ... 15:37:50 Pubblicazione last distrib effettuata 15:37:50 Pubblicazione installer su risultati testsuite ... 15:37:51 Pubblicazione installer su risultati testsuite effettuata: scaricabile alla url 'https://jenkins.link.it/govway/govway-testsuite/installer/govway-installer-3.3.15.p2.build-master.tgz' 15:37:51 Archive DIR [govway-installer-3.3.15.p2.build-master] 15:37:51 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server ... 15:37:56 15:37:56 PLAY [instance_govway] ********************************************************* 15:37:56 15:37:56 TASK [Gathering Facts] ********************************************************* 15:37:57 ok: [127.0.0.1] 15:37:57 15:37:57 TASK [include_vars] ************************************************************ 15:37:57 ok: [127.0.0.1] 15:37:57 15:37:57 TASK [link.govway : Remove Old Jenkins Installer] ****************************** 15:37:58 [WARNING]: Consider using file module with state=absent rather than running rm 15:37:58 changed: [127.0.0.1] 15:37:58 15:37:58 TASK [link.govway : Load Jenkins Installer] ************************************ 15:38:13 changed: [127.0.0.1] 15:38:13 15:38:13 TASK [link.govway : Install the setup template] ******************************** 15:38:14 changed: [127.0.0.1] 15:38:14 15:38:14 TASK [link.govway : Fix the Govway installer to run non interactively] ********* 15:38:14 changed: [127.0.0.1] 15:38:14 15:38:14 TASK [link.govway : Fix the installer script to run non interactively] ********* 15:38:15 ok: [127.0.0.1] 15:38:15 15:38:15 TASK [link.govway : Fix the installer script template position] **************** 15:38:15 ok: [127.0.0.1] 15:38:15 15:38:15 TASK [link.govway : Verify JAVA_HOME and Run the Goway Setup] ****************** 15:38:27 changed: [127.0.0.1] 15:38:27 15:38:27 TASK [link.govway : Stop Tomcat 8] ********************************************* 15:38:43 [WARNING]: Consider using service module rather than running service 15:38:43 changed: [127.0.0.1] 15:38:43 15:38:43 TASK [link.govway : Drop Govway DB and Create new one] ************************* 15:38:59 changed: [127.0.0.1] 15:38:59 15:38:59 TASK [link.govway : Load GovWay.sql] ******************************************* 15:38:59 fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": "PGPASSWORD=govway psql -h localhost govway govway < /tmp/govway-installer-3.3.15.p2.build-master/dist/sql/GovWay.sql", "delta": "0:00:00.005423", "end": "2025-01-08 15:38:59.299264", "failed": true, "msg": "non-zero return code", "rc": 1, "start": "2025-01-08 15:38:59.293841", "stderr": "/bin/sh: /tmp/govway-installer-3.3.15.p2.build-master/dist/sql/GovWay.sql: No such file or directory", "stderr_lines": ["/bin/sh: /tmp/govway-installer-3.3.15.p2.build-master/dist/sql/GovWay.sql: No such file or directory"], "stdout": "", "stdout_lines": []} 15:38:59 to retry, use: --limit @/opt/govway/tools/govway_ansible/govway.retry 15:38:59 15:38:59 PLAY RECAP ********************************************************************* 15:38:59 127.0.0.1 : ok=11 changed=7 unreachable=0 failed=1 15:38:59 15:38:59 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server terminato 15:38:59 15:38:59 Attendo che GovWay sia completamente riavviato (timeout 120sec) 15:38:59 . 15:39:00 . 15:39:01 . 15:39:02 . 15:39:03 . 15:39:04 . 15:39:05 . 15:39:06 . 15:39:07 . 15:39:08 . 15:39:09 . 15:39:10 . 15:39:11 . 15:39:12 . 15:39:13 . 15:39:14 . 15:39:15 . 15:39:16 . 15:39:17 . 15:39:18 . 15:39:19 . 15:39:20 . 15:39:21 . 15:39:22 . 15:39:23 . 15:39:24 . 15:39:25 . 15:39:26 . 15:39:27 . 15:39:28 . 15:39:29 . 15:39:30 . 15:39:31 . 15:39:32 . 15:39:33 . 15:39:34 . 15:39:35 . 15:39:36 . 15:39:37 . 15:39:38 . 15:39:39 . 15:39:40 . 15:39:41 . 15:39:42 . 15:39:43 . 15:39:44 . 15:39:45 . 15:39:46 . 15:39:47 . 15:39:49 . 15:39:50 . 15:39:51 . 15:39:52 . 15:39:53 . 15:39:54 . 15:39:55 . 15:39:56 . 15:39:57 . 15:39:58 . 15:39:59 . 15:40:00 . 15:40:01 . 15:40:02 . 15:40:03 . 15:40:04 . 15:40:05 . 15:40:06 . 15:40:07 . 15:40:08 . 15:40:09 . 15:40:10 . 15:40:11 . 15:40:12 . 15:40:13 . 15:40:14 . 15:40:15 . 15:40:16 . 15:40:17 . 15:40:18 . 15:40:19 . 15:40:20 . 15:40:21 . 15:40:22 . 15:40:23 . 15:40:24 . 15:40:25 . 15:40:26 . 15:40:27 . 15:40:28 . 15:40:29 . 15:40:30 . 15:40:31 . 15:40:32 . 15:40:33 . 15:40:34 . 15:40:35 . 15:40:36 . 15:40:37 . 15:40:38 . 15:40:39 . 15:40:40 . 15:40:41 . 15:40:42 . 15:40:43 . 15:40:44 . 15:40:45 . 15:40:46 . 15:40:47 . 15:40:48 . 15:40:49 . 15:40:50 . 15:40:51 . 15:40:52 . 15:40:53 . 15:40:54 . 15:40:55 . 15:40:56 . 15:40:57 . 15:40:58 . 15:40:59 . 15:41:00 . 15:41:00 Timeout. 15:41:00 Build step 'Execute shell' marked build as failure 15:41:00 INFO: Processing JUnit 15:41:00 INFO: [JUnit] - 2 test report file(s) were found with the pattern 'tools/rs/*/server/testsuite/risultati-testsuite/TEST-*.xml' relative to '/var/lib/jenkins/workspace/GovWay' for the testing framework 'JUnit'. 15:41:00 ERROR: Step ‘Publish xUnit test result report’ failed: Test reports were found but not all of them are new. Did all the tests run? 15:41:00 * /var/lib/jenkins/workspace/GovWay/tools/rs/config/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.config.rs.testsuite.ApiConfigTestSuite.xml is 4 days 10 hr old 15:41:00 * /var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.monitor.rs.testsuite.ApiMonitorTestSuite.xml is 4 days 10 hr old 15:41:00 15:41:00 TestNG Reports Processing: START 15:41:00 Looking for TestNG results report in workspace using pattern: **/testng-results.xml 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 testng-results.xml was last modified before this build started. Ignoring it. 15:41:01 Saving reports... 15:41:01 Found matching files but did not find any TestNG results. 15:41:01 Collecting Dependency-Check artifact 15:41:01 Parsing file /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 15:41:02 [SpotBugsZed Attack Proxy (ZAP)] Skipping execution of recorder since overall result is 'FAILURE' 15:41:02 Started calculate disk usage of build 15:41:02 Finished Calculation of disk usage of build in 0 seconds 15:41:02 Started calculate disk usage of workspace 15:41:02 Finished Calculation of disk usage of workspace in 0 seconds 15:41:02 Finished: FAILURE