You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Basically i have a project in which i am running o gitlab ci/cd in Docker and im encountering an error when it comes to analyze requirements.txt that owasp_dependency_check informs.
What have i done until now based on the error below whilst running this command:
Remove any analogous character : cat -A /app/requirements.txt
Identify encoding now at this moment is : requirements.txt: text/plain; charset=us-ascii, same as utf-8 baiscally
run different places and commands
Run a different requirements.txt from other sources
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
? Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Python Distribution Analyzer (0 seconds)
[INFO] Finished Python Package Analyzer (0 seconds)
[WARN] An unexpected error occurred during analysis of '/app/requirements.txt' (pip Analyzer): java.nio.charset.MalformedInputException: Input length = 1
[ERROR]
java.io.UncheckedIOException: java.nio.charset.MalformedInputException: Input length = 1
at java.base/java.nio.file.FileChannelLinesSpliterator.readLine(FileChannelLinesSpliterator.java:176)
at java.base/java.nio.file.FileChannelLinesSpliterator.forEachRemaining(FileChannelLinesSpliterator.java:116)
at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
at org.owasp.dependencycheck.analyzer.PipAnalyzer.getFileContents(PipAnalyzer.java:188)
at org.owasp.dependencycheck.analyzer.PipAnalyzer.analyzeDependency(PipAnalyzer.java:140)
at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.analyze(AbstractAnalyzer.java:131)
at org.owasp.dependencycheck.AnalysisTask.call(AnalysisTask.java:88)
at org.owasp.dependencycheck.AnalysisTask.call(AnalysisTask.java:37)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.nio.charset.MalformedInputException: Input length = 1
at java.base/java.nio.charset.CoderResult.throwException(CoderResult.java:274)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:350)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:179)
at java.base/java.io.BufferedReader.fill(BufferedReader.java:161)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:326)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:392)
at java.base/java.nio.file.FileChannelLinesSpliterator.readLine(FileChannelLinesSpliterator.java:174)
Thanks for the help in the mean time if possible, please.
The text was updated successfully, but these errors were encountered:
Based on your symptoms my gut feel would be that your docker container is configured with a multi-byte characterset as the platform default encoding.
The requirements.txt is read using the 'default charset' as established by the Java Charset class.
Issue analyzing requirements.txt
Basically i have a project in which i am running o gitlab ci/cd in Docker and im encountering an error when it comes to analyze requirements.txt that owasp_dependency_check informs.
What have i done until now based on the error below whilst running this command:
This is my requirements.txt :
Below is my gitlab CI/CD pipeline.
dependency_check:
image: xxxxxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/appsec/python_analyzer:latest
stage: security
script:
- tr -d '$' < requirements.txt > requirements_cleaned.txt
- mv requirements_cleaned.txt requirements.txt
- dependency-check --disableAssembly --enableExperimental -s . -o build --format XML --project "xxxxxxxx" --exclude ".git/" --exclude ".venv/" --exclude "/pycache/" --exclude ".tox/**" --nvdApiKey "xxxxxxxxxxxxx"
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
? Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Python Distribution Analyzer (0 seconds)
[INFO] Finished Python Package Analyzer (0 seconds)
[WARN] An unexpected error occurred during analysis of '/app/requirements.txt' (pip Analyzer): java.nio.charset.MalformedInputException: Input length = 1
[ERROR]
java.io.UncheckedIOException: java.nio.charset.MalformedInputException: Input length = 1
at java.base/java.nio.file.FileChannelLinesSpliterator.readLine(FileChannelLinesSpliterator.java:176)
at java.base/java.nio.file.FileChannelLinesSpliterator.forEachRemaining(FileChannelLinesSpliterator.java:116)
at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
at org.owasp.dependencycheck.analyzer.PipAnalyzer.getFileContents(PipAnalyzer.java:188)
at org.owasp.dependencycheck.analyzer.PipAnalyzer.analyzeDependency(PipAnalyzer.java:140)
at org.owasp.dependencycheck.analyzer.AbstractAnalyzer.analyze(AbstractAnalyzer.java:131)
at org.owasp.dependencycheck.AnalysisTask.call(AnalysisTask.java:88)
at org.owasp.dependencycheck.AnalysisTask.call(AnalysisTask.java:37)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.nio.charset.MalformedInputException: Input length = 1
at java.base/java.nio.charset.CoderResult.throwException(CoderResult.java:274)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:350)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:179)
at java.base/java.io.BufferedReader.fill(BufferedReader.java:161)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:326)
at java.base/java.io.BufferedReader.readLine(BufferedReader.java:392)
at java.base/java.nio.file.FileChannelLinesSpliterator.readLine(FileChannelLinesSpliterator.java:174)
Thanks for the help in the mean time if possible, please.
The text was updated successfully, but these errors were encountered: