Skip to main content
29 questions
Newest Active Bountied Unanswered
0 votes
0 answers
54 views

I want to generate artifacts of type HTML and JSON for Jenkins. I now only generate HTML reports. My end goal is to check the JSON report for any issues and make the build UNSTABLE if there are any ...
Europa's user avatar
  • 1,422
0 votes
1 answer
58 views

In Jenkins, I'm using the OWASP plugin, but I keep getting the error: ERROR: Couldn’t find any executable in 'null'. stage('Dependency-Check') { steps { dir("${...
AccorDi's user avatar
  • 1
0 votes
1 answer
200 views

We are setting up our CI/CD pipelines, and thinking about what we can do for the dependencies we use. I haven't used any of the software mentioned so I am a bit lost and would appreciate some help. ...
Skaros Ilias's user avatar
  • 1,082
2 votes
2 answers
4k views

I'm trying to use the dependency-check-maven plugin, but I always get stuck in the updateof the NVD database. This is my easy set up: <plugin> <groupId>org.owasp</groupId> <...
Luca Varini's user avatar
  • 41
0 votes
1 answer
289 views

If I run the tool from CLI to check a pom.xml file, how can I specify the location of settings.xml file (~/.m2/settings.xml)? I have two different private maven repositories specified in there to get ...
Adrian Ber's user avatar
  • 21.5k
1 vote
1 answer
625 views

After the CVSS v4.0 is added to NVD Jenkins dependency-check-plugin cannot parse xml output of OWASP dependency-check in version 10.0.1. Error: [Pipeline] dependencyCheckPublisher [DependencyCheck] ...
p3ngum4n's user avatar
  • 38
0 votes
0 answers
156 views

I keep getting this message while trying to run a maven dependency check in the Eclipse IDE.BUILD FAILURE "ERROR The goal you specified requires a project to execute but there is no POM in this ...
Jennifer Lozier's user avatar
  • 1
1 vote
1 answer
142 views

I am using https://github.com/dependency-check/dependency-check-gradle in my Android project. Where I want to exclude these dependencies ant-1.10.9.jar (pkg:maven/org.apache.ant/[email protected], cpe:2.3:a:...
Gita Android Learner's user avatar
  • 13
0 votes
1 answer
756 views

I am using OWASP dependency-check-gradle plugin version 8.4.0 https://plugins.gradle.org/plugin/org.owasp.dependencycheck sonar-scanner-gradle version 4.3.1.3277 sonar-scanner-gradle version = ? https:...
Murat K.'s user avatar
  • 979
1 vote
1 answer
1k views

I created a Jenkins pipeline that performs a daily vulnerability check (I'm using OWASP Dependency-Check) of my Java projects (Maven and Spring Boot). It often happens that vulnerabilities are ...
Lako12's user avatar
  • 376
1 vote
1 answer
1k views

I want to avoid running org.owasp dependency-check-maven when I run mvn clean install. On the other hand, I would like it to run on mvn clean site. In my pom file, I have this code: <plugin> ...
PatPanda's user avatar
  • 5,418
2 votes
0 answers
355 views

I'm currently using the OWASP dependency check tools in order to find vulnerabilities in my Angular application. When reading blog posts about this, I noticed that people usually exclude the ...
ssougnez's user avatar
  • 5,986
3 votes
0 answers
632 views

I am trying to use owasp dependency check in gitlab-ci job using latest owasp docker image. Dependency check works well, but when I tried to add suppress xml file, it doesn't work - it doesn't ...
Adam K's user avatar
  • 31
0 votes
1 answer
403 views

I am currently facing a challenge with running the Dependency-Check plugin in offline mode using "mvn -o." Although I have mirrored all external resources locally, I encounter an issue that ...
badr dahmane's user avatar
  • 1
0 votes
1 answer
833 views

We're using a combination of Jenkins and Sonar Plugin of OWASP DependencyCheck https://owasp.org/www-project-dependency-check/. The reports in HTML and JSON getting generated during pipeline build in ...
mansing shinde's user avatar
  • 465

15 30 50 per page
1
2