dependency-track-plugin icon indicating copy to clipboard operation
dependency-track-plugin copied to clipboard

Published 20 hours ago verified publisher icon jenkinsci

Support uploading VEX files

Open aristotelos opened this issue 5 months ago • 0 comments

Is your feature request related to a problem? Please describe.

It would be helpful if this plugin would also support uploading VEX files along with the SBOM, so that vulnerability analysis can be stored in source control as well and cloning of previous projects is not necessary anymore (which the plugin does not support, see https://github.com/jenkinsci/dependency-track-plugin/issues/66).

Describe the solution you'd like

Allow to specify a VEX artifact in the Jenkins job configuration, just like the SBOM artifact is specified.

aristotelos avatar Aug 30 '24 07:08 aristotelos