Mar 25, 2024 · Add the ability to scan your dependencies and get an insight on the vulnerabilities, compliance, maintainability, popularity and more.
Feb 25, 2024 · Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.
Feb 23, 2024 · This library provides a Java API to read, aggregate, filter, and query static analysis reports. It is used by my Jenkins' warnings plug-in ...
Go to Settings » Security » Code security and analysis » Code scanning » Check Failure and select the behavior you want. Missing access to Code Scanning API.
This plugin provides a deep integration between Jenkins and Maven. It adds support for automatic triggers between projects depending on SNAPSHOTs as well as ...
The Maven project object model ("POM") defines a parent project object model that provides default settings. An update of the parent POM will allow this ...
Spotbugs checks are included in the Apache Maven verify step. Run the spotbugs analysis checks as part of the Apache Maven verify step with the command: mvn ...
Mar 2, 2020 · Findsecbugs for Developers ... Spotbugs is a utility used in Jenkins and many other Java projects to detect common Java coding mistakes and bugs.
Sep 7, 2021 · Maven plugin bundles commons-httpclient library vulnerable to man-in-the-middle attacks · Sensitive values in module build logs not masked.
Apr 12, 2023 · This plug-in publishes Software Bill-of-Materials (SBOM) to Dependency-Track for continuous analysis. This plugin supports CycloneDX and ...