New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Database schema does not match this version of dependency-check #804
Comments
In addition to the initialize script you also need to run: https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-core/src/main/resources/data/upgrade_mysql_2.9.sql Dependency-check does not actually validate the schema, rather it looks to make sure the version number in the properties table is correct. |
Thank you so much, it works fine. |
@jeremylong : Can you point me to the documentation for setting up a database which mirrors the NVE data? I found https://github.com/jeremylong/DependencyCheck/tree/master/core/src/main/resources/data which seems to be the successor of the aforementioned link. But I wonder how, after initiating a database, the data is getting updated? I am working with the Jenkins OWASP dependency check plugin and want to switch from local h2 file based DB to a central DB. |
After looking through the code I might be aware now: There is a "doUpdates" method in the main Engine class (here). This seems to be responsible for updates called with the Jenkins build step |
@krulls - I highly recommend not adding questions to a closed ticket as they can easily get missed. That being said yes that should be sufficient. Just make sure you run the update at least once every seven days. It is highly recommended that Jenkins users setup a centralized database. Note that the initial update of a centralized server can take a VERY long time - I haven't had time to work on performance improvements for this yet. However, this only impacts the initial upload. The published info on using a centralized database can be found on the gh-pages site: https://jeremylong.github.io/DependencyCheck/data/database.html |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Hello,
I'm writting al de CVE details in a MySQL database. I need to add a colunm to "vulnerability" table to have a timestamp of when each vulnerability was inserted. When I add this colunm to the table, in the first execution of the job (update or analisys) i have the error: "Database schema does not match this version of dependency-check", but if I retry the build of the job, it is success. It is possible to the plugin to not to validate the BBDD schema?
I'm ussing the script "initialize_mysql.sql" to create de database.
Thanks & best regards
The text was updated successfully, but these errors were encountered: