Unable to delete the local copy of the NVD
ghostbuster91 opened this issue · comments
I setup my own mirror of the NVD using docker approach from https://github.com/stevespringett/nist-data-mirror. Now I would like to migrate this docker container into the cloud, but in order to check whether it works I need to clean my local cache of NVD. I tried running sbt dependencyCheckPurge but it gives following error:
[error] java.lang.IllegalStateException: Unable to purge the local NVD when using a non-default connection string
[error] at net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPurgeTask$.purge(DependencyCheckPurgeTask.scala:11)
[error] at net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin$.$anonfun$purgeTask$3(DependencyCheckPlugin.scala:396)
[error] at net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin$.$anonfun$purgeTask$3$adapted(DependencyCheckPlugin.scala:395)
[error] at net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin$.withEngine(DependencyCheckPlugin.scala:490)
[error] at net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin$.$anonfun$purgeTask$1(DependencyCheckPlugin.scala:395)
[error] at net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin$.$anonfun$purgeTask$1$adapted(DependencyCheckPlugin.scala:392)
[error] at scala.Function1.$anonfun$compose$1(Function1.scala:44)
[error] at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:40)
[error] at sbt.std.Transform$$anon$4.work(System.scala:67)
[error] at sbt.Execute.$anonfun$submit$2(Execute.scala:269)
[error] at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:16)
[error] at sbt.Execute.work(Execute.scala:278)
[error] at sbt.Execute.$anonfun$submit$1(Execute.scala:269)
[error] at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:178)
[error] at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[error] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[error] at java.lang.Thread.run(Thread.java:748)
[error] (dependencyCheckPurge) java.lang.IllegalStateException: Unable to purge the local NVD when using a non-default connection string
It gives that error even if I revert dependencyCheckCveUrl20Modified and dependencyCheckCveUrl20Base to default values.
I also tried to locate this local cache manually but without luck. I checked ~/.sbt directory and all directories inside project.
So the question is: how can I delete this local copy of NVD so I will be able to test my new mirror?
hi @ghostbuster91, sbt-dependency-check only supports automatic purging of databases if you use the default included H2 database with its default connection string. If you use a different database like MySQL or Postgresql you need to manually delete all tables created by sbt-dependency-check. If you just customized the connection string for the H2 database you should unset dependencyCheckConnectionString in your build.sbt befor running dependencyCheckPurge
Hi @albuch
The problem is that I didn't change dependencyCheckConnectionString. I only changed dependencyCheckCveUrl20Modified and dependencyCheckCveUrl20Base, but even if I revert those two to default values I am still unable to perform purge.
Which version of sbt-dependency-check are you using?
The newest - 0.2.10
I just pushed a fix that will be included in the next release to resolve the issue. Meanwhile as a workaround you can delete the database manually which is located at ~/.ivy2/cache/org.owasp/dependency-check-utils/jars/data.
Great, thanks! :)