Console Output

Started by upstream project "buildall-stage_2-merge-master" build number 422
originally caused by:
 Started by user garciadeblas
 > git rev-parse --is-inside-work-tree # timeout=10
Setting origin to https://osm.etsi.org/gerrit/osm/MON.git
 > git config remote.origin.url https://osm.etsi.org/gerrit/osm/MON.git # timeout=10
Fetching origin...
Fetching upstream changes from origin
 > git --version # timeout=10
 > git config --get remote.origin.url # timeout=10
 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/*
Seen branch in repository origin/bug1511
Seen branch in repository origin/feature5837
Seen branch in repository origin/feature7106
Seen branch in repository origin/feature7928
Seen branch in repository origin/master
Seen branch in repository origin/netslice
Seen branch in repository origin/ng-ro-refactor
Seen branch in repository origin/paas
Seen branch in repository origin/rift300
Seen branch in repository origin/sol006
Seen branch in repository origin/sol006v331
Seen branch in repository origin/v10.0
Seen branch in repository origin/v11.0
Seen branch in repository origin/v12.0
Seen branch in repository origin/v13.0
Seen branch in repository origin/v14.0
Seen branch in repository origin/v15.0
Seen branch in repository origin/v3.1
Seen branch in repository origin/v4.0
Seen branch in repository origin/v5.0
Seen branch in repository origin/v6.0
Seen branch in repository origin/v7.0
Seen branch in repository origin/v8.0
Seen branch in repository origin/v9.0
Seen 24 remote branches
Obtained Jenkinsfile from 1e6e756218d1f398d4545c0d51ed78a35ac370f7
Running in Durability level: MAX_SURVIVABILITY
[Pipeline] properties
[Pipeline] node
Running on osm-cicd-3 in /home/jenkins/workspace/MON-stage_2-merge_master
[Pipeline] {
[Pipeline] checkout
No credentials specified
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://osm.etsi.org/gerrit/osm/MON.git # timeout=10
Fetching without tags
Fetching upstream changes from https://osm.etsi.org/gerrit/osm/MON.git
 > git --version # timeout=10
 > git fetch --no-tags --force --progress https://osm.etsi.org/gerrit/osm/MON.git +refs/heads/*:refs/remotes/origin/*
Checking out Revision 1e6e756218d1f398d4545c0d51ed78a35ac370f7 (master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 1e6e756218d1f398d4545c0d51ed78a35ac370f7
Commit message: "Fix improper restriction of XMl External Entity Reference, by using lxml"
 > git rev-list --no-walk 1e6e756218d1f398d4545c0d51ed78a35ac370f7 # timeout=10
[Pipeline] dir
Running in /home/jenkins/workspace/MON-stage_2-merge_master/devops
[Pipeline] {
[Pipeline] git
No credentials specified
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://osm.etsi.org/gerrit/osm/devops # timeout=10
Fetching upstream changes from https://osm.etsi.org/gerrit/osm/devops
 > git --version # timeout=10
 > git fetch --tags --force --progress https://osm.etsi.org/gerrit/osm/devops +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 7abbfd5aed5bd744d5f49ee834f89822136ca6cc (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 7abbfd5aed5bd744d5f49ee834f89822136ca6cc
 > git branch -a -v --no-abbrev # timeout=10
 > git branch -D master # timeout=10
 > git checkout -b master 7abbfd5aed5bd744d5f49ee834f89822136ca6cc
Commit message: "Move lcm certificate to lcm folder in OSM helm chart"
 > git rev-list --no-walk 7abbfd5aed5bd744d5f49ee834f89822136ca6cc # timeout=10
[Pipeline] }
[Pipeline] // dir
[Pipeline] load
[Pipeline] { (devops/jenkins/ci-pipelines/ci_stage_2.groovy)
[Pipeline] }
[Pipeline] // load
[Pipeline] echo
do_stage_3= false
[Pipeline] load
[Pipeline] { (devops/jenkins/ci-pipelines/ci_helper.groovy)
[Pipeline] }
[Pipeline] // load
[Pipeline] stage
[Pipeline] { (Prepare)
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ env
JENKINS_HOME=/var/lib/jenkins
SSH_CLIENT=212.234.161.1 32791 22
USER=jenkins
RUN_CHANGES_DISPLAY_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/741/display/redirect?page=changes
GERRIT_PROJECT=osm/MON
XDG_SESSION_TYPE=tty
SHLVL=0
NODE_LABELS=osm-cicd-3 osm3 stage_2
HUDSON_URL=https://osm.etsi.org/jenkins/
MOTD_SHOWN=pam
OLDPWD=/home/jenkins
HOME=/home/jenkins
BUILD_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/741/
HUDSON_COOKIE=c6b9da69-dd71-4090-b08e-b0709bfdb282
JENKINS_SERVER_COOKIE=durable-b9008e46b94dcdf0b27b851dabdd0c8e
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus
GERRIT_PATCHSET_REVISION=1e6e756218d1f398d4545c0d51ed78a35ac370f7
WORKSPACE=/home/jenkins/workspace/MON-stage_2-merge_master
LOGNAME=jenkins
NODE_NAME=osm-cicd-3
GERRIT_BRANCH=master
_=/usr/bin/java
RUN_ARTIFACTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/741/display/redirect?page=artifacts
XDG_SESSION_CLASS=user
EXECUTOR_NUMBER=0
XDG_SESSION_ID=2057
RUN_TESTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/741/display/redirect?page=tests
BUILD_DISPLAY_NAME=#741
PROJECT_URL_PREFIX=https://osm.etsi.org/gerrit
HUDSON_HOME=/var/lib/jenkins
JOB_BASE_NAME=master
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
BUILD_ID=741
XDG_RUNTIME_DIR=/run/user/1001
BUILD_TAG=jenkins-MON-stage_2-merge-master-741
JENKINS_URL=https://osm.etsi.org/jenkins/
LANG=C.UTF-8
JOB_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/
BUILD_NUMBER=741
SHELL=/bin/bash
RUN_DISPLAY_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/741/display/redirect
ARTIFACTORY_SERVER=artifactory-osm
GERRIT_REFSPEC=refs/changes/16/14316/1
HUDSON_SERVER_COOKIE=6d3295a483c3e6d5
JOB_DISPLAY_URL=https://osm.etsi.org/jenkins/job/MON-stage_2-merge/job/master/display/redirect
JOB_NAME=MON-stage_2-merge/master
TEST_INSTALL=false
PWD=/home/jenkins/workspace/MON-stage_2-merge_master
SSH_CONNECTION=212.234.161.1 32791 172.21.249.3 22
BRANCH_NAME=master
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Checkout)
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ git fetch --tags
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ git fetch origin refs/changes/16/14316/1
From https://osm.etsi.org/gerrit/osm/MON
 * branch            refs/changes/16/14316/1 -> FETCH_HEAD
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ git checkout -f 1e6e756218d1f398d4545c0d51ed78a35ac370f7
HEAD is now at 1e6e756 Fix improper restriction of XMl External Entity Reference, by using lxml
[MON-stage_2-merge_master] Running shell script
[Pipeline] sh
+ sudo git clean -dfx
Removing .cache/
Removing .coverage
Removing .local/
Removing .safety/
Removing build.env
Removing changelog/
Removing cover/
Removing coverage.xml
Removing deb_dist/
Removing dist/
Removing nosetests.xml
Removing osm_mon-11.0.0.post35+g1e6e756.tar.gz
Removing osm_mon.egg-info/
Removing pool/
Removing vcd_pysdk.log
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (License Scan)
[Pipeline] echo
skip the scan for merge
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Release Note Check)
[Pipeline] fileExists
No releasenote check present
[Pipeline] echo
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Docker-Build)
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ docker build --build-arg APT_PROXY=http://172.21.1.1:3142 -t osm/mon-master .
Sending build context to Docker daemon  155.9MB

Step 1/6 : FROM ubuntu:22.04
 ---> 52882761a72a
Step 2/6 : ARG APT_PROXY
 ---> Using cache
 ---> 959626367239
Step 3/6 : RUN if [ ! -z $APT_PROXY ] ; then     echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;    fi
 ---> Using cache
 ---> 71ebb39dbfb1
Step 4/6 : RUN DEBIAN_FRONTEND=noninteractive apt-get update &&     DEBIAN_FRONTEND=noninteractive apt-get -y install         debhelper         dh-python         git         python3         python3-all         python3-dev         python3-setuptools         python3-pip         tox
 ---> Using cache
 ---> 5c1b402c741f
Step 5/6 : ENV LC_ALL C.UTF-8
 ---> Using cache
 ---> f0638f1cca05
Step 6/6 : ENV LANG C.UTF-8
 ---> Using cache
 ---> 9dc4aa90decf
Successfully built 9dc4aa90decf
Successfully tagged osm/mon-master:latest
[Pipeline] }
[Pipeline] // stage
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ id -u
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ id -g
[Pipeline] withDockerContainer
osm-cicd-3 does not seem to be running inside a container
$ docker run -t -d -u 1001:1001 -u root -w /home/jenkins/workspace/MON-stage_2-merge_master -v /home/jenkins/workspace/MON-stage_2-merge_master:/home/jenkins/workspace/MON-stage_2-merge_master:rw,z -v /home/jenkins/workspace/MON-stage_2-merge_master@tmp:/home/jenkins/workspace/MON-stage_2-merge_master@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat osm/mon-master
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Test)
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ groupadd -o -g 1001 -r jenkins
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ pwd
+ useradd -o -u 1001 -d /home/jenkins/workspace/MON-stage_2-merge_master -r -g jenkins jenkins
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ echo #! /bin/sh
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ chmod 755 /usr/bin/mesg
[Pipeline] sh
[MON-stage_2-merge_master] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Launching tox
✔ OK flake8 in 9.994 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8
flake8 develop-inst: /home/jenkins/workspace/MON-stage_2-merge_master
flake8 installed: flake8==7.0.0,mccabe==0.7.0,-e git+https://osm.etsi.org/gerrit/osm/MON.git@1e6e756218d1f398d4545c0d51ed78a35ac370f7#egg=osm_mon,pycodestyle==2.11.1,pyflakes==3.2.0
flake8 run-test-pre: PYTHONHASHSEED='2145327295'
flake8 run-test: commands[0] | flake8 osm_mon/ setup.py

✔ OK black in 22.484 seconds
black create: /tmp/.tox/black
black installdeps: black==23.12.1
black installed: black==23.12.1,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.1,tomli==2.0.1,typing_extensions==4.11.0
black run-test-pre: PYTHONHASHSEED='1284471361'
black run-test: commands[0] | black --check --diff osm_mon/
All done! ✨ 🍰 ✨
82 files would be left unchanged.
black run-test: commands[1] | black --check --diff setup.py
All done! ✨ 🍰 ✨
1 file would be left unchanged.

ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/cover/log/cover-0.log
================================== log start ===================================
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-test.txt
ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/cover/log/cover-2.log
================================== log start ===================================
Obtaining n2vc from git+https://osm.etsi.org/gerrit/osm/N2VC.git@master#egg=n2vc (from -r /home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt (line 17))
  Cloning https://osm.etsi.org/gerrit/osm/N2VC.git (to revision master) to /tmp/.tox/cover/src/n2vc
  Running command git clone --filter=blob:none --quiet https://osm.etsi.org/gerrit/osm/N2VC.git /tmp/.tox/cover/src/n2vc
  fatal: unable to access 'https://osm.etsi.org/gerrit/osm/N2VC.git/': The requested URL returned error: 502
  error: subprocess-exited-with-error
  
  × git clone --filter=blob:none --quiet https://osm.etsi.org/gerrit/osm/N2VC.git /tmp/.tox/cover/src/n2vc did not run successfully.
  │ exit code: 128
  ╰─> See above for output.
  
  note: This error originates from a subprocess, and is likely not a problem with pip.
error: subprocess-exited-with-error

× git clone --filter=blob:none --quiet https://osm.etsi.org/gerrit/osm/N2VC.git /tmp/.tox/cover/src/n2vc did not run successfully.
│ exit code: 128
╰─> See above for output.

note: This error originates from a subprocess, and is likely not a problem with pip.

=================================== log end ====================================
ERROR: could not install deps [-r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-test.txt]; v = InvocationError('/tmp/.tox/cover/bin/python -m pip install -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-test.txt', 1)

=================================== log end ====================================
✖ FAIL cover in 33.35 seconds
✔ OK safety in 1 minute, 6.746 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/MON-stage_2-merge_master
safety installed: aiokafka==0.8.1,annotated-types==0.6.0,appdirs==1.4.4,async-timeout==4.0.3,attrs==23.1.0,Authlib==1.3.0,autopage==0.5.1,certifi==2023.7.22,cffi==1.16.0,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,contourpy==1.1.1,cryptography==41.0.4,cycler==0.12.0,dateparser==1.1.8,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,dparse==0.6.4b0,fonttools==4.42.1,futurist==2.4.1,gnocchiclient==7.0.8,httmock==1.4.0,humanfriendly==10.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,Jinja2==3.1.4,jmespath==1.0.1,jsonpatch==1.33,jsonpointer==2.4,kafka-python==2.0.2,keystoneauth1==5.3.0,kiwisolver==1.4.5,lxml==4.9.3,markdown-it-py==3.0.0,MarkupSafe==2.1.5,marshmallow==3.21.2,matplotlib==3.8.0,mdurl==0.1.2,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,numpy==1.26.0,openstacksdk==1.5.0,os-client-config==2.1.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.context==5.2.0,oslo.i18n==6.1.0,oslo.log==5.3.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,-e git+https://osm.etsi.org/gerrit/osm/MON.git@1e6e756218d1f398d4545c0d51ed78a35ac370f7#egg=osm_mon,packaging==23.1,pandas==2.1.1,pbr==5.11.1,Pillow==10.0.1,prettytable==0.7.2,prometheus-api-client==0.5.4,prometheus-client==0.17.1,pycparser==2.21,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.16.1,pyinotify==0.9.6,pyparsing==3.1.1,pyperclip==1.8.2,python-ceilometerclient==2.9.0,python-cinderclient==8.3.0,python-dateutil==2.8.2,python-keystoneclient==5.2.0,python-neutronclient==11.0.0,python-novaclient==18.4.0,pytz==2023.3.post1,pyvcloud==23.0.4,PyYAML==6.0.1,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,rich==13.7.1,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.0,safety-schemas==0.0.2,shellingham==1.5.4,simplejson==3.19.1,six==1.16.0,stevedore==5.1.0,tomli==2.0.1,typer==0.12.3,typing_extensions==4.8.0,tzdata==2023.3,tzlocal==5.0.1,ujson==5.8.0,unittest-xml-reporting==3.2.0,urllib3==2.0.5,vcd-api-schemas-type==10.3.0.dev72,wcwidth==0.2.7,wrapt==1.15.0,zipp==3.17.0
safety run-test-pre: PYTHONHASHSEED='2746653539'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+

                               /$$$$$$            /$$
                              /$$__  $$          | $$
           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$
          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$
         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$
          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$
          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$
         |_______/  \_______/|__/     \_______/   \___/   \____  $$
                                                          /$$  | $$
                                                         |  $$$$$$/
  by safetycli.com                                        \______/

+==============================================================================+

 REPORT 

  Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. 
  For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io

  Safety v3.2.0 is scanning for Vulnerabilities...
  Scanning dependencies in your environment:

  -> /usr/lib/python310.zip
  -> /usr/lib/python3.10/lib-dynload
  -> /tmp/.tox/safety/bin
  -> /usr/lib/python3.10
  -> /tmp/.tox/safety/lib/python3.10/site-packages
  -> /home/jenkins/workspace/MON-stage_2-merge_master

  Using open-source vulnerability database
  Found and scanned 108 packages
  Timestamp 2024-05-08 16:14:12
  14 vulnerabilities reported
  0 vulnerabilities ignored

+==============================================================================+
 VULNERABILITIES REPORTED 
+==============================================================================+

-> Vulnerability found in wheel version 0.37.1
   Vulnerability ID: 51499
   Affected spec: <0.38.1
   ADVISORY: Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue
   discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier
   allows remote attackers to cause a denial of service via attacker
   controlled input to wheel cli.https://pyup.io/posts/pyup-discovers-redos-
   vulnerabilities-in-top-python-packages
   CVE-2022-40898
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/51499/97c
   To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in urllib3 version 2.0.5
   Vulnerability ID: 61893
   Affected spec: >=2.0.0a1,<2.0.7
   ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for
   CVE-2023-45803: Request body not stripped after redirect from 303 status
   changes request method to GET.https://github.com/urllib3/urllib3/security/
   advisories/GHSA-g4mx-q9vg-27p4
   CVE-2023-45803
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/61893/97c
   To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in pip version 22.0.2
   Vulnerability ID: 62044
   Affected spec: <23.3
   ADVISORY: Affected versions of Pip are vulnerable to Command
   Injection. When installing a package from a Mercurial VCS URL (ie "pip
   install hg+...") with pip prior to v23.3, the specified Mercurial revision
   could be used to inject arbitrary configuration options to the "hg clone"
   call (ie "--config"). Controlling the Mercurial configuration can modify
   how and which repository is installed. This vulnerability does not affect
   users who aren't installing from Mercurial.
   CVE-2023-5752
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/62044/97c
   To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in fonttools version 4.42.1
   Vulnerability ID: 65095
   Affected spec: >=0,<4.43.0
   ADVISORY: fontTools is a library for manipulating fonts, written
   in Python. The subsetting module has a XML External Entity Injection (XXE)
   vulnerability which allows an attacker to resolve arbitrary entities when
   a candidate font (OT-SVG fonts), which contains a SVG table, is parsed.
   This allows attackers to include arbitrary files from the filesystem
   fontTools is running on or make web requests from the host system. This
   vulnerability has been patched in version 4.43.0.
   CVE-2023-45139
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/65095/97c
   To ignore this vulnerability, use PyUp vulnerability id 65095 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in fonttools version 4.42.1
   Vulnerability ID: 61503
   Affected spec: >=4.28.2,<4.43.0
   ADVISORY: Fonttools is affected by a XML External Entity Injection
   (XXE) Vulnerability. As of fonttools>=4.28.2 the subsetting module has a
   XML External Entity Injection (XXE) vulnerability which allows an attacker
   to resolve arbitrary entities when a candidate font (OT-SVG fonts), which
   contains a SVG table, is parsed. This allows attackers to include
   arbitrary files from the filesystem fontTools is running on or make web
   requests from the host system.
   CVE-2023-45139
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/61503/97c
   To ignore this vulnerability, use PyUp vulnerability id 61503 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in cryptography version 41.0.4
   Vulnerability ID: 65647
   Affected spec: <42.0.5
   ADVISORY: Cryptography version 42.0.5 introduces a limit on the
   number of name constraint checks during X.509 path validation to prevent
   denial of service attacks.https://github.com/pyca/cryptography/commit/4be5
   3bf20cc90cbac01f5f94c5d1aecc5289ba1f
   PVE-2024-65647
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/65647/97c
   To ignore this vulnerability, use PyUp vulnerability id 65647 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in cryptography version 41.0.4
   Vulnerability ID: 62556
   Affected spec: >=3.1,<41.0.6
   ADVISORY: Cryptography 41.0.6 includes a fix for CVE-2023-49083:
   NULL-dereference when loading PKCS7
   certificates.https://github.com/advisories/GHSA-jfhm-5ghh-2f97
   CVE-2023-49083
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/62556/97c
   To ignore this vulnerability, use PyUp vulnerability id 62556 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in cryptography version 41.0.4
   Vulnerability ID: 65212
   Affected spec: >=35.0.0,<42.0.2
   ADVISORY: Versions of Cryptograph starting from 35.0.0 are
   susceptible to a security flaw in the POLY1305 MAC algorithm on PowerPC
   CPUs, which allows an attacker to disrupt the application's state. This
   disruption might result in false calculations or cause a denial of
   service. The vulnerability's exploitation hinges on the attacker's ability
   to alter the algorithm's application and the dependency of the software on
   non-volatile XMM registers.https://github.com/pyca/cryptography/commit/89d
   0d56fb104ac4e0e6db63d78fc22b8c53d27e9
   CVE-2023-6129
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/65212/97c
   To ignore this vulnerability, use PyUp vulnerability id 65212 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in cryptography version 41.0.4
   Vulnerability ID: 66777
   Affected spec: >=35.0.0,<42.0.2
   ADVISORY: CVE-2023-6237 addresses a vulnerability in RSA public
   key verification where checking a large, incorrect RSA key with
   EVP_PKEY_public_check() could take an excessive amount of time. This is
   due to no size limit on the RSA public key and an unnecessarily high
   number of Miller-Rabin rounds for modulus non-primality checks. The fix
   sets a maximum key size of 16384 bits and reduces Miller-Rabin rounds to
   5, enhancing security and performance by preventing the
   RSA_R_MODULUS_TOO_LARGE error.
   CVE-2023-6237
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/66777/97c
   To ignore this vulnerability, use PyUp vulnerability id 66777 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in cryptography version 41.0.4
   Vulnerability ID: 66704
   Affected spec: >=38.0.0,<42.0.4
   ADVISORY: cryptography is a package designed to expose
   cryptographic primitives and recipes to Python developers. Starting in
   version 38.0.0 and before version 42.0.4, if
   `pkcs12.serialize_key_and_certificates` is called with both a certificate
   whose public key did not match the provided private key and an
   `encryption_algorithm` with `hmac_hash` set (via
   `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL
   pointer dereference would occur, crashing the Python process. This has
   been resolved in version 42.0.4, the first version in which a `ValueError`
   is properly raised.
   CVE-2024-26130
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/66704/97c
   To ignore this vulnerability, use PyUp vulnerability id 66704 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in cryptography version 41.0.4
   Vulnerability ID: 65278
   Affected spec: <42.0.0
   ADVISORY: A flaw was found in the python-cryptography package.
   This issue may allow a remote attacker to decrypt captured messages in TLS
   servers that use RSA key exchanges, which may lead to exposure of
   confidential or sensitive data. See CVE-2023-50782.
   CVE-2023-50782
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/65278/97c
   To ignore this vulnerability, use PyUp vulnerability id 65278 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in pillow version 10.0.1
   Vulnerability ID: 64437
   Affected spec: <10.2.0
   ADVISORY: Pillow is potentially vulnerable to DoS attacks through
   PIL.ImageFont.ImageFont.getmask(). A decompression bomb check has also
   been added to the affected
   function.https://pillow.readthedocs.io/en/stable/releasenotes/10.2.0.html
   PVE-2024-64437
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/64437/97c
   To ignore this vulnerability, use PyUp vulnerability id 64437 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in pillow version 10.0.1
   Vulnerability ID: 64436
   Affected spec: <10.2.0
   ADVISORY: Pillow is affected by an arbitrary code execution
   vulnerability. If an attacker has control over the keys passed to the
   environment argument of PIL.ImageMath.eval(), they may be able to execute
   arbitrary
   code.https://pillow.readthedocs.io/en/stable/releasenotes/10.2.0.html
   CVE-2023-50447
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/64436/97c
   To ignore this vulnerability, use PyUp vulnerability id 64436 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in pillow version 10.0.1
   Vulnerability ID: 67136
   Affected spec: <10.3.0
   ADVISORY: Pillow 10.3.0 introduces a security update addressing
   CVE-2024-28219 by replacing certain functions with strncpy to prevent
   buffer overflow issues.
   CVE-2024-28219
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/67136/97c
   To ignore this vulnerability, use PyUp vulnerability id 67136 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


+==============================================================================+
   REMEDIATIONS

  14 vulnerabilities were reported in 6 packages. For detailed remediation & 
  fix recommendations, upgrade to a commercial license. 

+==============================================================================+

 Scan was completed. 14 vulnerabilities were reported. 

+==============================================================================+

  Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. 
  For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io

+==============================================================================+

ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/pylint/log/pylint-0.log
================================== log start ===================================
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-test.txt, pylint
ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/pylint/log/pylint-2.log
================================== log start ===================================
Obtaining n2vc from git+https://osm.etsi.org/gerrit/osm/N2VC.git@master#egg=n2vc (from -r /home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt (line 17))
  Cloning https://osm.etsi.org/gerrit/osm/N2VC.git (to revision master) to /tmp/.tox/pylint/src/n2vc
  Running command git clone --filter=blob:none --quiet https://osm.etsi.org/gerrit/osm/N2VC.git /tmp/.tox/pylint/src/n2vc
  warning: filtering not recognized by server, ignoring
  error: RPC failed; HTTP 502 curl 22 The requested URL returned error: 502
  fatal: the remote end hung up unexpectedly
  error: subprocess-exited-with-error
  
  × git clone --filter=blob:none --quiet https://osm.etsi.org/gerrit/osm/N2VC.git /tmp/.tox/pylint/src/n2vc did not run successfully.
  │ exit code: 128
  ╰─> See above for output.
  
  note: This error originates from a subprocess, and is likely not a problem with pip.
error: subprocess-exited-with-error

× git clone --filter=blob:none --quiet https://osm.etsi.org/gerrit/osm/N2VC.git /tmp/.tox/pylint/src/n2vc did not run successfully.
│ exit code: 128
╰─> See above for output.

note: This error originates from a subprocess, and is likely not a problem with pip.

=================================== log end ====================================
ERROR: could not install deps [-r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt, -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-test.txt, pylint]; v = InvocationError('/tmp/.tox/pylint/bin/python -m pip install -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements.txt -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-dev.txt -r/home/jenkins/workspace/MON-stage_2-merge_master/requirements-test.txt pylint', 1)

=================================== log end ====================================
✖ FAIL pylint in 6 minutes, 24.326 seconds
___________________________________ summary ____________________________________
  black: commands succeeded
ERROR:   cover: parallel child exit code 1
  flake8: commands succeeded
ERROR:   pylint: parallel child exit code 1
  safety: commands succeeded
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
$ docker stop --time=1 fb1bb0e36cb8fc6cd1d7366a60424023ccaca5c5dd7b70cec1cc7bb69a681047
$ docker rm -f fb1bb0e36cb8fc6cd1d7366a60424023ccaca5c5dd7b70cec1cc7bb69a681047
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE