在管道中,我运行两个基准命令,用于在回购中生成和发布报告。但问题是结果中有0次警告
詹金斯的命令:
dependencyCheckAnalyzer datadir: '', hintsFile: '', includeCsvReports: false, includeHtmlReports: false, includeJsonReports: false, includeVulnReports: false, isAutoupdateDisabled: false, outdir: '', scanpath: '', skipOnScmChange: false, skipOnUpstreamChange: false, suppressionFile: '', zipExtensions: ''
dependencyCheckPublisher canComputeNew: false, defaultEncoding: '', healthy: '', pattern: '**/dependency-check-report.xml', unHealthy: ''
它输出的内容:
[DependencyCheck] OWASP Dependency-Check Plugin v3.1.1
[DependencyCheck] Executing Dependency-Check with the following options:
[DependencyCheck] -name = myDependencycheckerjob
[DependencyCheck] -scanPath = /mypath
[DependencyCheck] -outputDirectory = /mypath
[DependencyCheck] -dataDirectory = /mypath/dependency-check-data
[DependencyCheck] -dataMirroringType = none
...
[DependencyCheck] -opensslAnalyzerEnabled = true
[DependencyCheck] -showEvidence = true
[DependencyCheck] -formats = XML
[DependencyCheck] -autoUpdate = true
[DependencyCheck] -updateOnly = false
[DependencyCheck] Data directory created
[DependencyCheck] Scanning: /mypath
[DependencyCheck] Analyzing Dependencies
[Pipeline] dependencyCheckPublisher
[DependencyCheck] Collecting Dependency-Check analysis files...
[DependencyCheck] Searching for all files in /mypath that match the pattern **/dependency-check-report.xml
[DependencyCheck] Parsing 1 file in /mypath
[DependencyCheck] Successfully parsed file /mypath/dependency-check-report.xml with 0 unique warnings and 0 duplicates.
[DependencyCheck] Computing warning deltas based on reference build #3
现在依赖检查数据中的文件非常大,大约200mb,生成了报告但是找到了0个问题(似乎是关于项目根文件夹中的问题)。
这里缺少的是预先生成的输出?
html报告表明只有一个依赖项,即gradle-wrapper.jar