Details
-
Bug
-
Resolution: Unresolved
-
Major
-
10.3.0.AM1
-
None
-
devex #127 February 2017
-
3
-
NEW
Description
0. download http://dl.bintray.com/jeremy-long/owasp/dependency-check-1.4.4-release.zip
1. download latest CI build update site zip, target platform zip, central zip, etc.
2. unpack update site zips
3. unpack dep-check zip
4. generate CVE report for each fetched zip:
./dependency-check.sh --disableAssembly -s /path/to/update-site/plugins/ --project devstudio_check -o WORKSPACE/path/to/report/folder/
Should use https://wiki.jenkins-ci.org/display/JENKINS/OWASP+Dependency-Check+Plugin for better reporting and maybe even enable this on every project job (once moved to CCI Jenkins).
Attachments
Issue Links
- is related to
-
-
- Closed
-
-
JBIDE-23317 Create and use Oxygen.0.M7 target platform
-
- Closed
-
- relates to
-
-
- Closed
-
-
-
- Closed
-
