In a secure environment we are always happy when something is working, but if not it can always have numerous reasons.
So configuring a base url (not well documented which endpoint is referred to)
and then reducing the failed requests to just HTTP responses is not sufficient in helping other than saying it does not work!
There is hardly any info to find on getting this to work, and the log doesn't tell us why.
So please consider this feature request:
It would be very helpful to find the relevant information to analyse the connecting failure in the DEBUG log, or with some additional parameter to increase the connection log level.
In particular the debugging of headless systems inside a k8s cluster or an cloud instances in more secure and complex network environments (e.g. java-slaves) relies on logs only.
I understand that the central search is the better supported way to go,
But since the maven central stopped working reliably on 12. january 2023 for some higher frequented CICD systems,
using the internal nexus instance became mandatory and the unsatisfying log and documentation situation an issue.
https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html
Example: http://domain.enterprise/nexus/service/local/ is not supported anymore in current nexus versions 3.3X
~/dependency-check/bin/dependency-check.sh -l ~/workspace/depCheck.log --disableCentral --enableNexus --nexus https://domain.enterprise/nexus/service/rest/ --nexusUser $USERNAME--nexusPass $PASSWORD
or
~/dependency-check/bin/dependency-check.sh -l ~/workspace/depCheck.log --disableCentral --enableNexus --nexus https://domain.enterprise/nexus/service/rest/v1/search/assets --nexusUser $USERNAME--nexusPass $PASSWORD
[WARN] Expected 200 result from Nexus, got 404
does not connect , whereas
curl -u $USERNAME:$PASSWORD https://domain.enterprise/nexus/service/rest/v1/search/assets
works
I am at a loss here. this seems like the same issue as
jeremylong/DependencyCheck#230 from 2015 ?!?
Dependency-Check Core version 7.4.4
In a secure environment we are always happy when something is working, but if not it can always have numerous reasons.
So configuring a base url (not well documented which endpoint is referred to)
and then reducing the failed requests to just HTTP responses is not sufficient in helping other than saying it does not work!
There is hardly any info to find on getting this to work, and the log doesn't tell us why.
So please consider this feature request:
It would be very helpful to find the relevant information to analyse the connecting failure in the DEBUG log, or with some additional parameter to increase the connection log level.
In particular the debugging of headless systems inside a k8s cluster or an cloud instances in more secure and complex network environments (e.g. java-slaves) relies on logs only.
I understand that the central search is the better supported way to go,
But since the maven central stopped working reliably on 12. january 2023 for some higher frequented CICD systems,
using the internal nexus instance became mandatory and the unsatisfying log and documentation situation an issue.
https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html
Example: http://domain.enterprise/nexus/service/local/ is not supported anymore in current nexus versions 3.3X
~/dependency-check/bin/dependency-check.sh -l ~/workspace/depCheck.log --disableCentral --enableNexus --nexus https://domain.enterprise/nexus/service/rest/ --nexusUser $USERNAME--nexusPass $PASSWORDor
~/dependency-check/bin/dependency-check.sh -l ~/workspace/depCheck.log --disableCentral --enableNexus --nexus https://domain.enterprise/nexus/service/rest/v1/search/assets --nexusUser $USERNAME--nexusPass $PASSWORD[WARN] Expected 200 result from Nexus, got 404
does not connect , whereas
curl -u $USERNAME:$PASSWORD https://domain.enterprise/nexus/service/rest/v1/search/assetsworks
I am at a loss here. this seems like the same issue as
jeremylong/DependencyCheck#230 from 2015 ?!?
Dependency-Check Core version 7.4.4