When running --includeArchiveContent command to scan zipped source code files user is getting the error (9) Command Line unziping jars or zip error.
Action Plan
- If scanning Docker image using Docker CLI, check if Docker CLI supports scan of Docker images.
- Check if the archived file format is supported by --includeArchiveContent. --includeArchiveContent of the command line supports only .jar, .tar, .zip, .war files. Please also refer CAST HIGHLIGHT - Analyzer - Can Zip files be used for Analysis ?
- Check if the user account has adequate permission to write to the sourceDir. This is needed as --includeArchiveContent has to add the content of the zip files to the source directory.
-
If in the logs, a message which says encrypted ZIP entry not supported is found, check if there are any password-protected zip files in the scan. If so, try to manually remove them from the folder. Since they are password-protected zip files, excluding them with the the -ignoreFiles parameter won't work.
- Check the Highlight automation log for messages like invalid.tar found
Preparing analysis...
Unzipping archived file
abc.tar found
layer.tar found
layer.tar found
layer.tar found
invalid.tar found
Failed to create directory C:\temp\casthlsrc\archivedContent\invalid\foo
[ERR9] HighlightAutomation --sourceDir C:\temp\casthlsrc --workingDir C:\temp\cast --skipUpload --includeArchiveContent=3 failed with code 9
For eg: If in the Highlight automation log the message invalid.tar found is seen, then use the {levelOfDepth} option in the command to find at which level of depth the invalid file is found. For eg if adding the parameter 3 that is --includeArchiveContent 3 the error is seen, then it confirms, that there exists a file in layer 3 which is the reason for the scan to fail. Check the layer-3 level file to investigate further.
NB : The scan of password-encrypted archives or linux symbolic links are not supported.
Related Articles
Highlight Automated Code Scan (Command Line)
CAST HIGHLIGHT - Analyzer - Can Zip files be used for Analysis ?
CAST HIGHLIGHT - CLI - Error Codes
CAST HIGHLIGHT - CLI - Error code 2 - Command Line options parse error
CAST HIGHLIGHT - CLI - Error code 3 - Command Line techno discovery error
CAST HIGHLIGHT - CLI - Error code 4 - Command Line analysis error
CAST HIGHLIGHT - CLI - Error code 5 - Command Line result upload error
CAST HIGHLIGHT - CLI - Error code 6 - Command Line source dir or output dir validation error
CAST HIGHLIGHT - Results Upload - Partial Upload of CSV files when Manual Upload was attempted
CAST HIGHLIGHT - CLI - Docker - Results Upload - Upload failed with code 5 when using Docker
CAST HIGHLIGHT - CLI - ERROR: Failed to fetch company with id when using --basicAuth
Highlight Automated Code Scan (Command Line)
Ticket
44637, 45897
Comments