OpenSource Name: dependency-check/dependency-check-gradle
OpenSource Url: https://github.com/dependency-check/dependency-check-gradle
OpenSource Language: Groovy 100.0%
OpenSource Introduction:

Dependency-Check-Gradle

The dependency-check gradle plugin allows projects to monitor dependent libraries for known, published vulnerabilities.

Usage

Below are the quick start instructions. Please see the documentation site for more detailed information on configuration and usage.

Step 1, Apply dependency check gradle plugin

Install from Maven central repo

    buildscript {
        repositories {
            mavenCentral()
        }
        dependencies {
            // Plugin artifact resolved from Maven Central
            classpath 'org.owasp:dependency-check-gradle:7.1.0'
        }
    }
    apply plugin: 'org.owasp.dependencycheck'

Step 2, Run gradle task

Once the gradle plugin is applied, run the following gradle task to check dependencies:

The reports will be generated automatically under

If your project includes multiple sub-projects, the report will be generated for each sub-project in their own

FAQ
What if my project includes multiple sub-projects? How can I use this plugin for each of them including the root project?

Try putting 'apply plugin: "org.owasp.dependencycheck"' inside 'allprojects', or inside 'subprojects' if you'd like to check sub-projects only, see below:

(1) For all projects including root project:

    buildscript {
        repositories {
            mavenCentral()
        }
        dependencies {
            classpath 'org.owasp:dependency-check-gradle:7.1.0'
        }
    }
    // Root project and every sub-project
    allprojects {
        apply plugin: 'org.owasp.dependencycheck'
    }

(2) For all sub-projects:

    buildscript {
        repositories {
            mavenCentral()
        }
        dependencies {
            classpath 'org.owasp:dependency-check-gradle:7.1.0'
        }
    }
    // Sub-projects only; the root project is not checked
    subprojects {
        apply plugin: 'org.owasp.dependencycheck'
    }

In this way, the dependency check will be executed for all projects (including root project) or just sub projects.

How to customize the report directory?

By default, all reports will be placed under

    subprojects {
        apply plugin: 'org.owasp.dependencycheck'
        dependencyCheck {
            // Write each sub-project's reports to build/security-report
            outputDirectory = "$buildDir/security-report"
        }
    }

How do I use the plugin with Gradle Kotlin DSL?

    plugins {
        id("org.owasp.dependencycheck") version "7.1.0" apply false
    }
    allprojects {
        apply(plugin = "org.owasp.dependencycheck")
    }
    configure<org.owasp.dependencycheck.gradle.extension.DependencyCheckExtension> {
        format = org.owasp.dependencycheck.reporting.ReportGenerator.Format.ALL
    }
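The multi-project and report-directory settings from the FAQ combined into a build gate, as an added example that is not part of the plugin's README. `failBuildOnCVSS` and the `dependencyCheckAnalyze` task are the plugin's own option and task but do not appear on this page; the threshold of 7 and the wiring into `check` are assumed policy choices.

```groovy
// Root build.gradle (added example; threshold and directory name are illustrative)
buildscript {
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath 'org.owasp:dependency-check-gradle:7.1.0'
    }
}

allprojects {
    apply plugin: 'org.owasp.dependencycheck'

    dependencyCheck {
        // One predictable report location per project, so CI can archive it.
        outputDirectory = "$buildDir/security-report"

        // Same setting as Format.ALL in the Kotlin DSL snippet, given as a string.
        format = 'ALL'

        // The plugin's default threshold is 11, above the CVSS maximum of 10,
        // so a scan only reports and never fails the build. Lowering it turns
        // the scan into a gate. 7 is an assumed cutoff, not a project default.
        failBuildOnCVSS = 7
    }

    // Assumption: projects using the java plugin should scan as part of 'check'.
    // Projects without that plugin can still run dependencyCheckAnalyze directly.
    plugins.withId('java') {
        tasks.named('check') {
            dependsOn 'dependencyCheckAnalyze'
        }
    }
}
```

With this in place, a dependency whose known vulnerability scores at or above the threshold fails `check` in the project that declares it, and the report in that project's `security-report` directory identifies the library.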