DependencyCheck In my project i have custom and missing dependencies, that means i am unable to build the project. Can i somehow run maven dependency check plugin and obtain info only about the working dependencies

In my project i have custom and missing dependencies, that means i am unable to build the project. Can i somehow run maven dependency check plugin and obtain info only about the working dependencies

Open manoelacmn opened this issue 6 months ago • 2 comments

For example let's say this is a fragment of my pom file:

(...)
<dependency>
            <groupId>com.google.code.gson</groupId>
            <artifactId>gson</artifactId>
            <version>2.8.9</version> <!-- check latest version for GSON -->
        </dependency>
           <dependency>
            <groupId>com.googffele.code.gson</groupId>
            <artifactId>gson</artifactId>
            <version>2.8.9</version> 
        </dependency>
  (...)

As it's possible to see the last dependency is invalid and it can not be checked, the example above is just a example of a missing depedency.

If i run "mvn org.owasp:dependency-check-maven:check -DskipTests=true", it resuts in error and don't get the scan.

My goal is to get the result only for valid ones

Aug 18 '24 20:08 manoelacmn

DependencyCheck DependencyCheck copied to clipboard

In my project i have custom and missing dependencies, that means i am unable to build the project. Can i somehow run maven dependency check plugin and obtain info only about the working dependencies

DependencyCheck
DependencyCheck copied to clipboard