The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.

For a list of other such plugins, see the Pipeline Steps Reference page.

OWASP Dependency-Check Plugin

dependencyCheckPublisher: Publish Dependency-Check results

  • failedNewCritical : int (optional)
  • failedNewHigh : int (optional)
  • failedNewLow : int (optional)
  • failedNewMedium : int (optional)
  • failedTotalCritical : int (optional)
  • failedTotalHigh : int (optional)
  • failedTotalLow : int (optional)
  • failedTotalMedium : int (optional)
  • newThresholdAnalysisExploitable : boolean (optional)
  • pattern : String (optional)
  • stopBuild : boolean (optional)
  • totalThresholdAnalysisExploitable : boolean (optional)
  • unstableNewCritical : int (optional)
  • unstableNewHigh : int (optional)
  • unstableNewLow : int (optional)
  • unstableNewMedium : int (optional)
  • unstableTotalCritical : int (optional)
  • unstableTotalHigh : int (optional)
  • unstableTotalLow : int (optional)
  • unstableTotalMedium : int (optional)

step([$class: 'DependencyCheckPublisher']): Publish Dependency-Check results

  • failedNewCritical : int (optional)
  • failedNewHigh : int (optional)
  • failedNewLow : int (optional)
  • failedNewMedium : int (optional)
  • failedTotalCritical : int (optional)
  • failedTotalHigh : int (optional)
  • failedTotalLow : int (optional)
  • failedTotalMedium : int (optional)
  • newThresholdAnalysisExploitable : boolean (optional)
  • pattern : String (optional)
    Specifies the Dependency-Check XML report to parse. If not specified, the value will default to **/dependency-check-report.xml.
  • stopBuild : boolean (optional)
    If enabled, the build is stopped when one of the failed thresholds is violated. Unstable thresholds do not stop the build.
  • totalThresholdAnalysisExploitable : boolean (optional)
  • unstableNewCritical : int (optional)
  • unstableNewHigh : int (optional)
  • unstableNewLow : int (optional)
  • unstableNewMedium : int (optional)
  • unstableTotalCritical : int (optional)
  • unstableTotalHigh : int (optional)
  • unstableTotalLow : int (optional)
  • unstableTotalMedium : int (optional)

dependencyCheck: Invoke Dependency-Check

  • odcInstallation : String
  • additionalArguments : String (optional)
    Defines the arguments to pass to the command-line tool. By default, the following options will be passed if not specified:

    --project: the name of the Jenkins job
    --scan: the build workspace
    --format: XML
  • skipOnScmChange : boolean (optional)
    If enabled, a Dependency-Check analysis will not be performed if the job was triggered by an SCM change.
  • skipOnUpstreamChange : boolean (optional)
    If enabled, a Dependency-Check analysis will not be performed if the job was triggered by an upstream change.
  • stopBuild : boolean (optional)
    If enabled, the build is stopped when the Dependency-Check analysis exits with a code other than 0.
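
A declarative Jenkinsfile that chains the two steps documented above into a build gate. This is an added example, not taken from the plugin's own documentation. The installation name 'dependency-check' and all threshold values are assumptions to adapt to your Jenkins tool configuration and risk policy.

```groovy
pipeline {
    agent any
    stages {
        stage('Dependency-Check') {
            steps {
                // Run the scan. 'dependency-check' is an assumed name for a
                // Dependency-Check installation configured in Jenkins.
                dependencyCheck(
                    odcInstallation: 'dependency-check',
                    // Keep XML output: the publisher below parses the XML
                    // report. --project and --scan are left out so that the
                    // defaults described above apply.
                    additionalArguments: '--format XML',
                    // Stop here if the scanner itself exits with a non-zero
                    // code, so a broken scan is not mistaken for a clean one.
                    stopBuild: true
                )

                // Parse the report and apply the thresholds.
                dependencyCheckPublisher(
                    // Same value as the documented default, written out so
                    // the link to the scan output is visible.
                    pattern: '**/dependency-check-report.xml',
                    // "failed" thresholds (assumed values).
                    failedTotalCritical: 1,
                    failedNewHigh: 1,
                    // "unstable" thresholds (assumed values). These never
                    // stop the build, even with stopBuild enabled.
                    unstableTotalHigh: 1,
                    unstableTotalMedium: 5,
                    // Stop the build when a "failed" threshold is violated,
                    // so later stages do not run.
                    stopBuild: true
                )
            }
        }
    }
}
```

Both steps take their own stopBuild: the one on dependencyCheck reacts to the scanner's exit code, the one on dependencyCheckPublisher reacts to violated failed thresholds.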
