The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.
For a list of other such plugins, see the Pipeline Steps Reference page.
dependencyCheckPublisher
: Publish Dependency-Check resultsfailedNewCritical : int
(optional)
failedNewHigh : int
(optional)
failedNewLow : int
(optional)
failedNewMedium : int
(optional)
failedTotalCritical : int
(optional)
failedTotalHigh : int
(optional)
failedTotalLow : int
(optional)
failedTotalMedium : int
(optional)
newThresholdAnalysisExploitable : boolean
(optional)
pattern : String
(optional)
skipNoReportFiles : boolean
(optional)
stopBuild : boolean
(optional)
totalThresholdAnalysisExploitable : boolean
(optional)
unstableNewCritical : int
(optional)
unstableNewHigh : int
(optional)
unstableNewLow : int
(optional)
unstableNewMedium : int
(optional)
unstableTotalCritical : int
(optional)
unstableTotalHigh : int
(optional)
unstableTotalLow : int
(optional)
unstableTotalMedium : int
(optional)
step([$class: 'DependencyCheckPublisher'])
: Publish Dependency-Check resultsfailedNewCritical : int
(optional)
failedNewHigh : int
(optional)
failedNewLow : int
(optional)
failedNewMedium : int
(optional)
failedTotalCritical : int
(optional)
failedTotalHigh : int
(optional)
failedTotalLow : int
(optional)
failedTotalMedium : int
(optional)
newThresholdAnalysisExploitable : boolean
(optional)
pattern : String
(optional)
skipNoReportFiles : boolean
(optional)
stopBuild : boolean
(optional)
totalThresholdAnalysisExploitable : boolean
(optional)
unstableNewCritical : int
(optional)
unstableNewHigh : int
(optional)
unstableNewLow : int
(optional)
unstableNewMedium : int
(optional)
unstableTotalCritical : int
(optional)
unstableTotalHigh : int
(optional)
unstableTotalLow : int
(optional)
unstableTotalMedium : int
(optional)
dependencyCheck
: Invoke Dependency-CheckodcInstallation : String
additionalArguments : String
(optional)
--project | The name of the Jenkins job |
--scan | The build workspace |
--format | XML |
nvdCredentialsId : String
(optional)
With 9.0.0 dependency-check has moved from using the NVD data-feed to the NVD API.
Users of dependency-check are highly encouraged to obtain an NVD API Key; see https://nvd.nist.gov/developers/request-an-api-key
Without an NVD API Key dependency-check's updates will be extremely slow.
The NVD API Key, CI, and Rate Limiting
The NVD API has enforced rate limits. If you are using a single API KEY and multiple builds occur you could hit the rate limit and receive 403 errors.
In a CI environment one must use a caching strategy or use a set API KEY to use for different jobs.
skipOnScmChange : boolean
(optional)
skipOnUpstreamChange : boolean
(optional)
stopBuild : boolean
(optional)
Please submit your feedback about this page through this quick form.
Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?
See existing feedback here.