dependency-check-plugin
dependency-check-plugin copied to clipboard
jenkinsci
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
See [JENKINS-59869](https://issues.jenkins.io/browse/JENKINS-59869): the environment used by the `dependency-check.sh` process, when using the `dependencyCheck` step in a Pipeline, is the initial environment of the build. It does not include the variables...
This fix will resolve multiple issues reported for the dependency check publisher. The aggregation of multiple files had a serious mistake in the way it processed multiple files. It created...
This commit adds two new tables to the "Dependency-Check Results" page for each build: 1. all findings that are new in this build. 2. findings that appear to have been...
Bumps [workflow-cps](https://github.com/jenkinsci/workflow-cps-plugin) from 1.4 to 2.65. Changelog Sourced from workflow-cps's changelog. 2.65 Release date: 2019-03-25 Fix security issue 2.64 Release date: 2019-03-06 Fix security issue 2.63 Release date: 2019-02-01 Enhancement:...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Add the files that are downloaded as part of the build process to the `.gitignore` file so they don't need to be excluded manually from commits.
it seems that echarts gives the highest priority to the series defined last. So if we want critical vulnerabilities to be seen, even if there are lower ranking vulnerabilities with...
To improve accessibility to the latest dependency check report add a new action on the main job page as for the "Last Test Result" that leads to the last dependency-check....
Create a dedicate pipeline step that does impact previous builds where we have access to pipeline API to mark stages as failed/unstable. Furthermore add a "stop build" option to stop...
Previously, trying to use this plugin when referencing the global tool inside of a Jenkinsfile failed miserably. I've made a few updates to get it working. Example: pipeline { agent...
Because the call "build.setResult()" does only affect the overall build status and not the build step status, the status on the build step was previously not displayed correctly. By throwing...
