Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Could not perform Node Audit analysis. Invalid payload submitted to Node Audit API #6669

Open
xl32 opened this issue May 15, 2024 · 0 comments
Open

Could not perform Node Audit analysis. Invalid payload submitted to Node Audit API #6669

xl32 opened this issue May 15, 2024 · 0 comments
Assignees
@nhumblot
Labels
bug

Comments

@xl32
Copy link

xl32 commented May 15, 2024
edited

Describe the bug

Receiving the error on the following package-json:
[ERROR] Could not perform Node Audit analysis. Invalid payload submitted to Node Audit API.

{
  "private": true,
  "scripts": {
    "dev": "node node_modules/cross-env/dist/bin/cross-env.js NODE_ENV=development node_modules/webpack/bin/webpack.js --progress --display-error-details --config=node_modules/laravel-mix/setup/webpack.config.js",
    "watch": "node node_modules/cross-env/dist/bin/cross-env.js NODE_ENV=development node_modules/webpack/bin/webpack.js --watch --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js",
    "hot": "node node_modules/cross-env/dist/bin/cross-env.js NODE_ENV=development node_modules/webpack-dev-server/bin/webpack-dev-server.js --inline --hot --config=node_modules/laravel-mix/setup/webpack.config.js",
    "production": "node node_modules/cross-env/dist/bin/cross-env.js NODE_ENV=production node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js"
  },
  "devDependencies": {
    "axios": "^0.15.2",
    "bootstrap-sass": "3.4.1",
    "jquery": "^3.3.1",
    "laravel-mix": "^1.7.2",
    "loader-utils": "^1.1.0",
    "lodash": "^4.17.10",
    "sass": "^1.66.1",
    "sass-loader": "^6.0.7",
    "vue": "^2.5.16"
  },
  "dependencies": {
    "inputmask": "^4.0.6",
    "laravel-echo": "^1.4.0",
    "moment": "^2.22.2",
    "cross-env": "^5.1.3",
    "node-sass": "^4.7.2",
    "pusher-js": "^4.3.0",
    "signature_pad": "^1.5.1",
    "slick-carousel": "^1.8.1"
  }
}

NodeJS version: 8.9.3

Version of dependency-check used
v9.1.0 running as gitlab runner, docker image from docker hub

Log file

[INFO] Checking for updates
[INFO] NVD API has 249,954 records in this update
[INFO] Downloaded 10,000/249,954 (4%)
[INFO] Downloaded 20,000/249,954 (8%)
[INFO] Downloaded [30](https://gitlab/example/-/jobs/45243#L30),000/249,954 (12%)
[INFO] Downloaded 40,000/249,954 (16%)
[INFO] Downloaded 50,000/249,954 (20%)
[INFO] Downloaded 60,000/249,954 (24%)
[INFO] Downloaded 70,000/249,954 (28%)
[INFO] Downloaded 80,000/249,954 (32%)
[INFO] Downloaded 90,000/249,954 (36%)
[INFO] Downloaded 100,000/249,954 (40%)
[INFO] Downloaded 110,000/249,954 (44%)
[INFO] Downloaded 120,000/249,954 (48%)
[INFO] Downloaded 130,000/249,955 (52%)
[INFO] Downloaded 140,000/249,955 (56%)
[INFO] Downloaded 150,000/249,955 (60%)
[INFO] Downloaded 160,000/249,955 (64%)
[INFO] Downloaded 170,000/249,955 (68%)
[INFO] Downloaded 180,000/249,955 (72%)
[INFO] Downloaded 190,000/249,955 (76%)
[INFO] Downloaded 200,000/249,955 (80%)
[INFO] Downloaded 210,000/249,955 (84%)
[INFO] Downloaded 220,000/249,955 (88%)
[INFO] Downloaded 230,000/249,955 (92%)
[INFO] Downloaded 240,000/249,955 (96%)
[INFO] Downloaded 250,000/249,955 (100%)
[INFO] Downloaded 249,955/249,955 (100%)
[INFO] Completed processing batch 1/125 (1%) in 3,002ms
[INFO] Completed processing batch 2/125 (2%) in 3,366ms
[INFO] Completed processing batch 3/125 (2%) in 3,447ms
[INFO] Completed processing batch 4/125 (3%) in 4,541ms
[INFO] Completed processing batch 5/125 (4%) in 1,555ms
[INFO] Completed processing batch 6/125 (5%) in 2,249ms
[INFO] Completed processing batch 7/125 (6%) in 2,041ms
[INFO] Completed processing batch 8/125 (6%) in 1,664ms
[INFO] Completed processing batch 9/125 (7%) in 1,167ms
[INFO] Completed processing batch 10/125 (8%) in 980ms
[INFO] Completed processing batch 11/125 (9%) in 1,453ms
[INFO] Completed processing batch 12/125 (10%) in 1,359ms
[INFO] Completed processing batch 13/125 (10%) in 1,043ms
[INFO] Completed processing batch 14/125 (11%) in 1,191ms
[INFO] Completed processing batch 15/125 (12%) in 1,500ms
[INFO] Completed processing batch 16/125 (13%) in 1,014ms
[INFO] Completed processing batch 17/125 (14%) in 1,049ms
[INFO] Completed processing batch 18/125 (14%) in 1,983ms
[INFO] Completed processing batch 19/125 (15%) in 1,738ms
[INFO] Completed processing batch 20/125 (16%) in 1,267ms
[INFO] Completed processing batch 21/125 (17%) in 953ms
[INFO] Completed processing batch 22/125 (18%) in 1,248ms
[INFO] Completed processing batch 23/125 (18%) in 2,441ms
[INFO] Completed processing batch 24/125 (19%) in 2,013ms
[INFO] Completed processing batch 25/125 (20%) in 1,863ms
[INFO] Completed processing batch 26/125 (21%) in 1,675ms
[INFO] Completed processing batch 27/125 (22%) in 1,333ms
[INFO] Completed processing batch 28/125 (22%) in 953ms
[INFO] Completed processing batch 29/125 (23%) in 1,376ms
[INFO] Completed processing batch 30/125 (24%) in 1,768ms
[INFO] Completed processing batch [31](https://gitlab/example/-/jobs/45243#L31)/125 (25%) in 1,621ms
[INFO] Completed processing batch [32](https://gitlab/example/-/jobs/45243#L32)/125 (26%) in 959ms
[INFO] Completed processing batch [33](https://gitlab/example/-/jobs/45243#L33)/125 (26%) in 591ms
[INFO] Completed processing batch [34](https://gitlab/example/-/jobs/45243#L34)/125 (27%) in 1,051ms
[INFO] Completed processing batch [35](https://gitlab/example/-/jobs/45243#L35)/125 (28%) in 1,171ms
[INFO] Completed processing batch [36](https://gitlab/example/-/jobs/45243#L36)/125 (29%) in 1,303ms
[INFO] Completed processing batch [37](https://gitlab/example/-/jobs/45243#L37)/125 (30%) in 297ms
[INFO] Completed processing batch [38](https://gitlab/example/-/jobs/45243#L38)/125 (30%) in 719ms
[INFO] Completed processing batch [39](https://gitlab/example/-/jobs/45243#L39)/125 (31%) in 556ms
[INFO] Completed processing batch [40](https://gitlab/example/-/jobs/45243#L40)/125 (32%) in 677ms
[INFO] Completed processing batch [41](https://gitlab/example/-/jobs/45243#L41)/125 (33%) in 491ms
[INFO] Completed processing batch [42](https://gitlab/example/-/jobs/45243#L42)/125 (34%) in 1,288ms
[INFO] Completed processing batch [43](https://gitlab/example/-/jobs/45243#L43)/125 (34%) in 190ms
[INFO] Completed processing batch [44](https://gitlab/example/-/jobs/45243#L44)/125 (35%) in 536ms
[INFO] Completed processing batch [45](https://gitlab/example/-/jobs/45243#L45)/125 (36%) in 471ms
[INFO] Completed processing batch [46](https://gitlab/example/-/jobs/45243#L46)/125 (37%) in 821ms
[INFO] Completed processing batch [47](https://gitlab/example/-/jobs/45243#L47)/125 (38%) in 603ms
[INFO] Completed processing batch [48](https://gitlab/example/-/jobs/45243#L48)/125 (38%) in 670ms
[INFO] Completed processing batch [49](https://gitlab/example/-/jobs/45243#L49)/125 (39%) in 303ms
[INFO] Completed processing batch [50](https://gitlab/example/-/jobs/45243#L50)/125 (40%) in 469ms
[INFO] Completed processing batch [51](https://gitlab/example/-/jobs/45243#L51)/125 (41%) in 728ms
[INFO] Completed processing batch [52](https://gitlab/example/-/jobs/45243#L52)/125 (42%) in 425ms
[INFO] Completed processing batch [53](https://gitlab/example/-/jobs/45243#L53)/125 (42%) in 528ms
[INFO] Completed processing batch [54](https://gitlab/example/-/jobs/45243#L54)/125 (43%) in 558ms
[INFO] Completed processing batch [55](https://gitlab/example/-/jobs/45243#L55)/125 (44%) in 553ms
[INFO] Completed processing batch [56](https://gitlab/example/-/jobs/45243#L56)/125 (45%) in 636ms
[INFO] Completed processing batch [57](https://gitlab/example/-/jobs/45243#L57)/125 (46%) in 632ms
[INFO] Completed processing batch [58](https://gitlab/example/-/jobs/45243#L58)/125 (46%) in 425ms
[INFO] Completed processing batch [59](https://gitlab/example/-/jobs/45243#L59)/125 (47%) in 440ms
[INFO] Completed processing batch [60](https://gitlab/example/-/jobs/45243#L60)/125 (48%) in 636ms
[INFO] Completed processing batch [61](https://gitlab/example/-/jobs/45243#L61)/125 (49%) in 737ms
[INFO] Completed processing batch [62](https://gitlab/example/-/jobs/45243#L62)/125 (50%) in 538ms
[INFO] Completed processing batch [63](https://gitlab/example/-/jobs/45243#L63)/125 (50%) in 554ms
[INFO] Completed processing batch [64](https://gitlab/example/-/jobs/45243#L64)/125 (51%) in 672ms
[INFO] Completed processing batch [65](https://gitlab/example/-/jobs/45243#L65)/125 (52%) in 687ms
[INFO] Completed processing batch [66](https://gitlab/example/-/jobs/45243#L66)/125 (53%) in 491ms
[INFO] Completed processing batch [67](https://gitlab/example/-/jobs/45243#L67)/125 (54%) in 536ms
[INFO] Completed processing batch [68](https://gitlab/example/-/jobs/45243#L68)/125 (54%) in 569ms
[INFO] Completed processing batch 69/125 (55%) in 479ms
[INFO] Completed processing batch 70/125 (56%) in 513ms
[INFO] Completed processing batch 71/125 (57%) in 507ms
[INFO] Completed processing batch 72/125 (58%) in 495ms
[INFO] Completed processing batch 73/125 (58%) in 584ms
[INFO] Completed processing batch 74/125 (59%) in 567ms
[INFO] Completed processing batch 75/125 (60%) in 461ms
[INFO] Completed processing batch 76/125 (61%) in 620ms
[INFO] Completed processing batch 77/125 (62%) in 409ms
[INFO] Completed processing batch 78/125 (62%) in 494ms
[INFO] Completed processing batch 79/125 (63%) in 425ms
[INFO] Completed processing batch 80/125 (64%) in 555ms
[INFO] Completed processing batch 81/125 (65%) in 760ms
[INFO] Completed processing batch 82/125 (66%) in 712ms
[INFO] Completed processing batch 83/125 (66%) in 303ms
[INFO] Completed processing batch 84/125 (67%) in 519ms
[INFO] Completed processing batch 85/125 (68%) in 445ms
[INFO] Completed processing batch 86/125 ([69](https://gitlab/example/-/jobs/45243#L69)%) in 529ms
[INFO] Completed processing batch 87/125 (70%) in 610ms
[INFO] Completed processing batch 88/125 ([70](https://gitlab/example/-/jobs/45243#L70)%) in 492ms
[INFO] Completed processing batch 89/125 (71%) in 458ms
[INFO] Completed processing batch 90/125 (72%) in 421ms
[INFO] Completed processing batch 91/125 (73%) in 462ms
[INFO] Completed processing batch 92/125 (74%) in 435ms
[INFO] Completed processing batch 93/125 (74%) in 785ms
[INFO] Completed processing batch 94/125 (75%) in 765ms
[INFO] Completed processing batch 95/125 (76%) in 625ms
[INFO] Completed processing batch 96/125 (77%) in 349ms
[INFO] Completed processing batch 97/125 (78%) in 684ms
[INFO] Completed processing batch 98/125 (78%) in 707ms
[INFO] Completed processing batch 99/125 (79%) in 478ms
[INFO] Completed processing batch 100/125 (80%) in 456ms
[INFO] Completed processing batch 101/125 (81%) in 398ms
[INFO] Completed processing batch 102/125 (82%) in 368ms
[INFO] Completed processing batch 103/125 (82%) in 564ms
[INFO] Completed processing batch 104/125 (83%) in 539ms
[INFO] Completed processing batch 105/125 (84%) in 515ms
[INFO] Completed processing batch 106/125 (85%) in 665ms
[INFO] Completed processing batch 107/125 (86%) in 527ms
[INFO] Completed processing batch 108/125 (86%) in 414ms
[INFO] Completed processing batch 109/125 (87%) in 4[71](https://gitlab/example/-/jobs/45243#L71)ms
[INFO] Completed processing batch 110/125 (88%) in 731ms
[INFO] Completed processing batch 111/125 (89%) in 564ms
[INFO] Completed processing batch 112/125 (90%) in 613ms
[INFO] Completed processing batch 113/125 (90%) in 107ms
[INFO] Completed processing batch 114/125 (91%) in 541ms
[INFO] Completed processing batch 115/125 (92%) in 96ms
[INFO] Completed processing batch 116/125 (93%) in 516ms
[INFO] Completed processing batch 117/125 (94%) in 51ms
[INFO] Completed processing batch 118/125 (94%) in 52ms
[INFO] Completed processing batch 119/125 (95%) in 409ms
[INFO] Completed processing batch 120/125 (96%) in 450ms
[INFO] Completed processing batch 121/125 (97%) in 33ms
[INFO] Completed processing batch 122/125 (98%) in 514ms
[INFO] Completed processing batch 123/125 (98%) in 622ms
[INFO] Completed processing batch 124/125 (99%) in 449ms
[INFO] Completed processing batch 125/125 (100%) in 69ms
[INFO] Updating CISA Known Exploited Vulnerability list: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
[INFO] Begin database defrag
[INFO] End database defrag (3071 ms)
[INFO] Check for updates complete (9943[86](https://gitlab/example/-/jobs/45243#L86) ms)
[INFO] 
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
   About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
   False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Assembly Analyzer (0 seconds)
[INFO] Finished Node.js Package Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (2 seconds)
[INFO] Finished CPE Analyzer (2 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[ERROR] NodeAuditAnalyzer failed on /src/package-lock.json
[WARN] An error occurred while analyzing '/src/package-lock.json' (Node Audit Analyzer).
[INFO] Finished Node Audit Analyzer (1 seconds)
[INFO] Finished Yarn Audit Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (42 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (7 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (56 seconds)
[INFO] Writing HTML report to: /report/dependency-check-report.html
[INFO] Writing JSON report to: /report/dependency-check-report.json
[ERROR] Could not perform Node Audit analysis. Invalid payload submitted to Node Audit API.

Expected behavior
Dependency Check successfully performs its vulnerability searches.
@xl32 xl32 added the bug label May 15, 2024
@nhumblot nhumblot self-assigned this May 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nhumblot nhumblot

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xl32 @nhumblot