dependency-check-gradle

The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.

Results 58 dependency-check-gradle issues

Version of dependency-check-gradle: 7.1.2 Hello! I try to configure dc-gradle in build.gradle file and specify some host with no proxy like: ` dependencyCheck{ proxy { nonProxyHosts=['my-host.com'] } } ` But...

When running `./gradlew dependencyCheckAnalyze --configuration-cache --stacktrace` it does succeed however: ``` 13 problems were found storing the configuration cache, 2 of which seem unique. - Task `:core-microservice:dependencyCheckAnalyze` of type `org.owasp.dependencycheck.gradle.tasks.Analyze`:...

Hi, since the upgrade from version 9.0.9 to 9.0.10 of the dependency-check plugin the [jib plugin](https://github.com/GoogleContainerTools/jib) can't create an image. Changing the jib plugin version does not fix the problem...

I need some pointers on how to set up the dependency check in my multi-module Android project reliably. I am using version 9.0.9. I have around 30 modules, and often...

I want to call parameters via OS command line. I tried different options, but none of them work. For example: ```bash gradlew dependencyCheckAggregate -Porg.owasp.dependencycheck.data.directory=/owasp gradlew dependencyCheckAggregate -PdependencyCheck.data.directory=/owasp gradlew dependencyCheckAggregate -Dorg.owasp.dependencycheck.data.directory=/owasp...

Hello, we would like to publish the HTML report with each release of our product. But the report includes some fields which contain internal information which we do not want...

See https://plugins.gradle.org/plugin/org.owasp.dependencycheck/9.0.9 Click `git@...` link.

### Summary Using a cached h2 database build without spring boot 3.2 in a project that uses spring boot 3.2 will cause an error due to incompatible database versions ###...

Gradle introduced version catalog as part of gradle 7. This plugin is capable of determining dependency vulnerabilities in projects that utilize a version catalog. What I propose is the ability...

DependencyCheck supports pnpm based frontend projects out of the box with the PnpmAuditAnalyzer. With the DependencyCheck gradle task this analyzer will not be activated because the default scanset does not...