Bug in Maven Central Analyzer
See original GitHub issueI’m not positive yet if this is an issue on my end or if it’s a legitimate problem, the Maven Central analyzer has been throwing errors, it’s getting a 400 back from Maven Central. I piped the results through Fiddler to take a look at what’s going on, if I put the URL into Chrome it works, so I realized that the difference is that Chrome is URL encoding the quotation marks.
https://search.maven.org/solrsearch/select?q=1:"<sha1>"&wt=xml
is what Dependency Check is trying to use.
https://search.maven.org/solrsearch/select?q=1:%22<sha1>%22&wt=xml
works.
Issue Analytics
- State:
- Created 6 years ago
- Reactions:10
- Comments:58 (10 by maintainers)
Top Results From Across the Web
Developers - Bug in Maven Central Analyzer - - Bountysource
Bug in Maven Central Analyzer. ... a legitimate problem, the Maven Central analyzer has been throwing errors, it's getting a 400 back from...
Read more >How to identify vulnerable dependencies in a Maven project
In this tutorial we discussed how to use the dependency-check-maven plugin to scan maven projects for security vulnerabilities. We also ...
Read more >Introduction to FindBugs - Baeldung
The article introduces FindBugs the static analysis tools, used as maven, Eclipse or Intellij plugin.
Read more >Introduction - SpotBugs Maven Plugin
SpotBugs uses static analysis to inspect Java bytecode for occurrences of bug patterns. We have found that SpotBugs finds real errors in ...
Read more >spt-development-audit-spring-boot : 2.0.8 - Maven Central ...
audit-spring-boot - Library for integrating spt-development/spt-development-audit-spring into a Spring Boot application.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
3.0.2 has been mostly released - gradle, maven, ant, and CLI have been published - it just takes time to cycle through Central.
Jenkins
andbrew
will be released hopefully later today… Sorry for the inconvenience - but this project isn’t corporate sponsored and I do not believe any of the core contributors work on dependency-check as part of their day job.I’m still getting the [ERROR] Could not connect to Central search. Analysis failed. intermittently. I’m using version 3.1.2 (latest version as of the moment) and sometimes it works, sometimes not. I’m not changing anything in my config and still getting the error randomly.
Has anyone experienced this? Is disabling centralAnalyzer the only option I have? Thanks.