esapi-java-legacy icon indicating copy to clipboard operation
esapi-java-legacy copied to clipboard

Published 20 hours ago verified publisher icon ESAPI

Revert Dependency Check goal from 'purge' to 'check' once NVD API stops returning 503 'Service Unavailable' errors

Open kwwall opened this issue 1 year ago • 1 comments

For the branch 'develop', I intentionally left the pom.xml in a state where the default goal for the Dependency Check plugin is set to 'purge' rather than 'check'. That's just to prevent a lot of frustration for those who try running 'mvn site' or 'mvn install', etc. or anything else that triggers the Dependency Check plugin. For the last 3 or 4 days, it has been returning errors and failing (although usually only after hanging for 10 minutes or so) because eventually the NIST NVD API returns a 503 HTTP status code.

This is just a reminder to fix the pom once NIST NVD seems to have addressed this issue.

kwwall avatar Nov 24 '23 22:11 kwwall

Setting this priority to High because running Dependency Check is one of the things that we request of anyone contributing to ESAPI via the instructions in the file "CONTRIBUTING-TO-ESAPI.txt".

kwwall avatar Nov 25 '23 14:11 kwwall