Report cannot be generated when XML generated by OWASP scanner includes vulnerability #13

Closed
turing85 opened this issue Feb 25, 2023 · 2 comments · Fixed by #17 or #32

turing85 commented Feb 25, 2023

Component: phoenix-actions/test-reporting@v10

The action fails to generate a report of an XML file, generated by the OWASP dependency check plugin for Gradle, that contains a security vulnerability.

Logs of failed step (debug logging was enabled):

Run phoenix-actions/test-reporting@v10
  with:
    fail-on-error: true
    list-suites: all
    list-tests: all
    name: OWASP Report
    only-summary: false
    path: **/build/reports/owasp/*-junit.xml
    reporter: java-junit
    token: ***
    path-replace-backslashes: false
    max-annotations: 10
    output-to: checks
  env:
    JAVA_HOME: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/17.0.6-10/x64
    JAVA_HOME_17_X64: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/17.0.6-10/x64
Action was triggered by pull_request: using SHA from head of source branch
Check runs will be created with SHA=f4f66bc9b4c2f44316fe2af2a7b3caba29dcfb5f
::group::Listing all files tracked by git
Listing all files tracked by git
Found 116 files tracked by GitHub
Using test report parser 'java-junit'
::group::Creating test report OWASP Report
Creating test report OWASP Report
  Processing test results from build/reports/owasp/dependency-check-junit.xml
  Creating check run OWASP Report
  Creating report summary
  Generating check run summary
  ::endgroup::
Error: Cannot read properties of undefined (reading 'split')

The artifact containing the XML report that was processed is attached.

owasp-report.zip

@turing85 turing85 added the bug Something isn't working label Feb 25, 2023
@turing85 turing85 self-assigned this Feb 25, 2023

Raised phoenix-actions/test-reporting#31 to resolve the issue.

turing85 added a commit that referenced this issue Feb 28, 2023
Also fixed if-condition of "Update PR status comment on failure"
turing85 added a commit that referenced this issue Feb 28, 2023
- Temporary fix for #13 until phoenix-actions/test-reporting#31 is merged
- Fixed if-condition of "Update PR status comment on failure" (#14)
- Fixed variable name in Cancel Workflow (#15)
- Fixed default for comment-message-failure (#16)

turing85 commented Feb 28, 2023

The issue is only partially fixed, we are running on a local copy of the report-plugin. It can be closed when:

@turing85 turing85 reopened this Feb 28, 2023
turing85 added a commit that referenced this issue Apr 4, 2023
Update phoenix-actions/test-reporting from v10 to v11