Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
when running mvn org.owasp:dependency-check-maven:aggregate , the following error occurred:
IO Exception connecting to https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2019.json.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2019.json.gz
......
That's because org.owasp:dependency-check-maven:5.0.0-M2 in flink-parent/pom.xml is outdated and the data is unavailable. we may need to bump dependency-check-maven to newer version, like 7.0.1.
I rerun mvn org.owasp:dependency-check-maven:aggregate with org.owasp:dependency-check-maven:7.0.1, it works well.