Python scanning

[Ashish Mishra]

Hi,

      I was just wondering what is process of scanning python repo. I have a python repo where lots of python files are there. I have configured like /**/*.py, But I see reports like depependency-check-report.xml with 0 unique warnings and 0 duplicates. Then i scanned another test repo from github and got same result. Am i missing something here? There should some reports.

Regards,

Ashish

[Visser, Dale]

The online documentation looks a little out of sync with how the CLI application currently works. Have you tried “--enableExperimental”?

--
You received this message because you are subscribed to the Google Groups "Dependency Check" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dependency-che...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ashish Mishra]

Dale. I am using pipeline syntax so could not use --enableExperimental, I think that is for cli version

[Ashish Mishra]

what do you think guys?

--
You received this message because you are subscribed to a topic in the Google Groups "Dependency Check" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dependency-check/6fiJtdp50Xg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dependency-check+unsubscribe@googlegroups.com.

[Ashish Mishra]

I have ended up by downloading and running cli. something like below.

    wget http://dl.bintray.com/jeremy-long/owasp/dependency-check-3.0.2-release.zip

    unzip dependency-check-3.0.2-release.zip

    /home/ec2-user/dependency-check/bin/dependency-check.sh --project "Dev" --scan "/src/python" --format "XML" --disableNSP "true" --enableExperimental --disablePyDist "false" --disablePyPkg "false"

    dependencyCheckPublisher canComputeNew: false, defaultEncoding: '', healthy: '0', pattern: '', unHealthy: '1000'