Note:This goal should be used as a Maven report.
Full name:
org.owasp:dependency-check-maven:1.2.6:check
Description:
Attributes:
| Name | Type | Since | Description |
|---|---|---|---|
| autoUpdate | boolean | - | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It
is not recommended that this be turned to false. Default is true. Default value is: true. User property is: autoupdate. |
| dataFileName | String | - | Sets whether or not the external report format should be used. Default value is: dependency-check.ser. User property is: metaFileName. |
| failBuildOnCVSS | float | - | Specifies if the build should be failed if a CVSS score above a
specified level is identified. The default is 11 which means since
the CVSS scores are 0-10, by default the build will never fail. Default value is: 11. User property is: failBuildOnCVSS. |
| format | String | - | The report format to be generated (HTML, XML, VULN, ALL). This
configuration option has no affect if using this within the Site
plugin unless the externalReport is set to true. Default is HTML. Default value is: HTML. User property is: format. |
| outputDirectory | File | - | The output directory. This generally maps to "target". Default value is: ${project.build.directory}. |
| reportOutputDirectory | File | - | Specifies the destination directory for the generated
Dependency-Check report. This generally maps to "target/site". Default value is: ${project.reporting.outputDirectory}. User property is: reportOutputDirectory. |
| Name | Type | Since | Description |
|---|---|---|---|
| aggregate | boolean | - | Generate aggregate reports in multi-module projects. Default value is: false. User property is: aggregate. |
| archiveAnalyzerEnabled | boolean | - | Whether or not the Archive Analyzer is enabled. Default value is: true. User property is: archiveAnalyzerEnabled. |
| assemblyAnalyzerEnabled | boolean | - | Whether or not the .NET Assembly Analyzer is enabled. Default value is: true. User property is: assemblyAnalyzerEnabled. |
| connectionString | String | - | The database connection string. User property is: connectionString. |
| connectionTimeout | String | - | The Connection Timeout. User property is: connectionTimeout. |
| cveUrl12Base | String | - | Base Data Mirror URL for CVE 1.2. User property is: cveUrl12Base. |
| cveUrl12Modified | String | - | Data Mirror URL for CVE 1.2. User property is: cveUrl12Modified. |
| cveUrl20Base | String | - | Data Mirror URL for CVE 2.0. User property is: cveUrl20Base. |
| cveUrl20Modified | String | - | Data Mirror URL for CVE 2.0. User property is: cveUrl20Modified. |
| dataDirectory | String | - | The data directory, hold DC SQL DB. User property is: dataDirectory. |
| databaseDriverName | String | - | The database driver name. An example would be org.h2.Driver. User property is: databaseDriverName. |
| databaseDriverPath | String | - | The path to the database driver if it is not on the class path. User property is: databaseDriverPath. |
| databasePassword | String | - | The password to use when connecting to the database. User property is: databasePassword. |
| databaseUser | String | - | The database user name. User property is: databaseUser. |
| externalReport | String | - | Deprecated. the internal report is no longer supported User property is: externalReport. |
| jarAnalyzerEnabled | boolean | - | Whether or not the Jar Analyzer is enabled. Default value is: true. User property is: jarAnalyzerEnabled. |
| logFile | String | - | The path to the verbose log. User property is: logfile. |
| mavenSettings | Settings | - | The maven settings. Default value is: ${settings}. User property is: mavenSettings. |
| mavenSettingsProxyId | String | - | The maven settings proxy id. User property is: mavenSettingsProxyId. |
| nexusAnalyzerEnabled | boolean | - | Whether or not the Nexus Analyzer is enabled. Default value is: true. User property is: nexusAnalyzerEnabled. |
| nexusUrl | String | - | Whether or not the Nexus Analyzer is enabled. User property is: nexusUrl. |
| nexusUsesProxy | boolean | - | Whether or not the configured proxy is used to connect to Nexus. Default value is: true. User property is: nexusUsesProxy. |
| nuspecAnalyzerEnabled | boolean | - | Whether or not the .NET Nuspec Analyzer is enabled. Default value is: true. User property is: nuspecAnalyzerEnabled. |
| pathToMono | String | - | The path to mono for .NET Assembly analysis on non-windows systems. User property is: pathToMono. |
| proxyUrl | String | - | Deprecated. Please use mavenSettings instead User property is: proxyUrl. |
| showSummary | boolean | - | Flag indicating whether or not to show a summary in the output. Default value is: true. User property is: showSummary. |
| skipProvidedScope | boolean | - | Skip Analysis for Provided Scope Dependencies. Default value is: false. User property is: skipProvidedScope. |
| skipRuntimeScope | boolean | - | Skip Analysis for Runtime Scope Dependencies. Default value is: false. User property is: skipRuntimeScope. |
| skipTestScope | boolean | - | Skip Analysis for Test Scope Dependencies. Default value is: true. User property is: skipTestScope. |
| suppressionFile | String | - | The path to the suppression file. User property is: suppressionFile. |
| zipExtensions | String | - | A comma-separated list of file extensions to add to analysis next
to jar, zip, .... User property is: zipExtensions. |
