Skip to content

java.lang.NullPointerException #5579

Closed
#5589
Closed
java.lang.NullPointerException#5579
#5589
Labels
bugduplicate
@mhienle

Description

@mhienle
mhienle
opened on Mar 22, 2023

Describe the bug
Similar to #5144, we observe a NullPointerException when scanning a dotnet project. However, in our project file, no Remove attribute is present.

Version of dependency-check used
The problem occurs using version 8.2.0 of the cli.
The problem does not occur using version 8.1.2 of the cli.

Log file
slightly redacted log output when using v8.2.0

[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[WARN] An error occurred while analyzing '/data/jenkins/workspace/redacted.csproj' (MSBuild Project Analyzer).
[INFO] Finished MSBuild Project Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[WARN] Unable to determine Package-URL identifiers for 1 dependencies
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing report to: /data/jenkins/workspace/redacted/depcheck/dependency-check-junit.xml
[INFO] Writing report to: /data/jenkins/workspace/redacted/depcheck/dependency-check-report.html
[INFO] Writing report to: /data/jenkins/workspace/redacted/depcheck/dependency-check-report.xml
[ERROR] java.lang.NullPointerException

csproj file

<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
    <OutputType>Exe</OutputType>
    <TargetFramework>net7.0</TargetFramework>
    <ImplicitUsings>enable</ImplicitUsings>
    <Nullable>enable</Nullable>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="CommandLineParser" Version="2.9.1" />
    <PackageReference Include="FluentMigrator" Version="3.3.2" />
    <PackageReference Include="FluentMigrator.Runner" Version="3.3.2" />
    <PackageReference Include="FluentMigrator.Runner.Postgres" Version="3.3.2" />
    <PackageReference Include="Npgsql" Version="7.0.2" />
    <PackageReference Include="System.Drawing.Common" Version="7.0.0" />
  </ItemGroup>
</Project>

To Reproduce
n/a

Expected behavior
No exception is thrown.

Additional context
n/a

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugduplicate

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions