I use the following dependency to check the code for CVE.
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>1.4.0</version>
On my jenkins I randomly get the following exception and my build fails.
Caused by: org.owasp.dependencycheck.data.nvdcve.DatabaseException: Unable to connect to the database
at org.owasp.dependencycheck.data.nvdcve.ConnectionFactory.initialize (ConnectionFactory.java:161)
at org.owasp.dependencycheck.Engine.initializeEngine (Engine.java:106)
at org.owasp.dependencycheck.Engine.<init> (Engine.java:86)
at org.owasp.dependencycheck.maven.Engine.<init> (Engine.java:66)
at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.initializeEngine (BaseDependencyCheckMojo.java:659)
at org.owasp.dependencycheck.maven.CheckMojo.runCheck (CheckMojo.java:72)
at org.owasp.dependencycheck.maven.BaseDependencyCheckMojo.execute (BaseDependencyCheckMojo.java:410)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:137)
...
This seems to occur only on a special executor (I use one maven repo per executor). What can this be?
Somehow the internal h2 database of the dependency-check-maven plugin got corrupted. It resides in your local maven repositorium under org/owasp/dependency-check-data/3.0/dc.h2.db.
Just deleting it did the trick for me. The next execution will take a while, but after that it's working again.