Rajat R.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

we have to go personally into each link and update the severity. Rather than this it can take the severity from the file itself.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

Hello Valentijn S. , Thank you for the fix, I have a question regarding the fix. Currently when we upload all the vulnerabilities are set to info rather than picking the severity from the each vulnerability itself.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

I will create a github issue but I currently do not have any sample JSON file. Valentijn S.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

Valentijn S.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

I checked everywhere the govulncheck outputs Newline-Delimited JSON (NDJSON) — a stream of independent JSON objects, each on its own, separated by newlines. The objects come in this sequence:

{ "config": ... }          ← scanner metadata, one per run
{ "SBOM": ... }            ← all modules in go.mod with versions
{ "progress": ... }        ← status messages (can appear multiple times)
{ "osv": ... }             ← one per vulnerability CHECKED (entire vuln DB scan)
{ "osv": ... }             ← ...repeated for every CVE govulncheck evaluated
{ "osv": ... }
{ "progress": ... }
{ "finding": ... }         ← ONE per actual vulnerability found in YOUR code
{ "finding": ... }         ← (can have multiple findings per OSV if multiple call sites)

But the Defect Dojo requires a regular JSON which is why Defect Dojo fails to import govulncheck report.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

If I generate any govulncheck report is returns the same thing. Does anyone know how to fix this ?? Valentijn S.

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

govulncheck -format json . > dependency-report.json

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

Yeah, The JSON file is invalid, But this was generated by govulncheck, Any idea about it. ?

Commented on How to Fix Invalid JSON Format Error When Uploadin...·Posted inHelp

Rajat R.

[01/Apr/2026 10:02:35] WARNING [dojo.importers.base_importer:179] Invalid JSON format
[01/Apr/2026 10:02:35] ERROR [dojo.engagement.views:984] An exception error occurred during the report import
Traceback (most recent call last):
  File "/app/dojo/tools/govulncheck/parser.py", line 74, in get_findings
    data = json.load(scan_file)
  File "/usr/local/lib/python3.13/json/__init__.py", line 298, in load
    return loads(fp.read(),
        cls=cls, object_hook=object_hook,
        parse_float=parse_float, parse_int=parse_int,
        parse_constant=parse_constant, object_pairs_hook=object_pairs_hook, **kw)
  File "/usr/local/lib/python3.13/json/__init__.py", line 352, in loads
    return _default_decoder.decode(s)
           ~~~~~~~~~~~~~~~~~~~~~~~^^^
  File "/usr/local/lib/python3.13/json/decoder.py", line 348, in decode
    raise JSONDecodeError("Extra data", s, end)
json.decoder.JSONDecodeError: Extra data: line 13 column 1 (char 289)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/app/dojo/importers/base_importer.py", line 177, in parse_findings_static_test_type
    return parser.get_findings(scan, self.test)
           ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/govulncheck/parser.py", line 77, in get_findings
    raise ValueError(msg)
ValueError: Invalid JSON format

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/app/dojo/engagement/views.py", line 975, in import_findings
    context["test"], _, finding_count, closed_finding_count, _, _, _ = importer_client.process_scan(
                                                                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
        context.pop("scan", None),
        ^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/app/dojo/importers/default_importer.py", line 113, in process_scan
    parsed_findings = self.parse_findings(scan, parser) or []
                      ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
  File "/app/dojo/importers/base_importer.py", line 282, in parse_findings
    parsed_findings = self.parse_findings_static_test_type(scan, parser)
  File "/app/dojo/importers/default_importer.py", line 417, in parse_findings_static_test_type
    return super().parse_findings_static_test_type(scan, parser)
           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
  File "/app/dojo/importers/base_importer.py", line 180, in parse_findings_static_test_type
    raise ValidationError(e)
django.core.exceptions.ValidationError: ['Invalid JSON format']

Posted in Help·

Rajat R.

How to Fix Invalid JSON Format Error When Uploading Govulncheck Report in DefectDojo 2.55.6

Hello i am running defectdojo 2.55.6. I am trying to upload govulncheck report but returns invalid json format error . Here is the command used govulncheck -format json . > dependency-report.json

14Comments