[JIRA] (JENKINS-58610) Running dependencyCheckPublisher doesn't aggregate reports correctly

2 views
Skip to first unread message

m.akerberg@live.se (JIRA)

unread,
Jul 23, 2019, 2:43:02 AM7/23/19
to jenkinsc...@googlegroups.com
Marcus Åkerberg created an issue
 
Jenkins / Bug JENKINS-58610
Running dependencyCheckPublisher doesn't aggregate reports correctly
Issue Type: Bug Bug
Assignee: Unassigned
Components: dependency-check-jenkins-plugin
Created: 2019-07-23 06:42
Environment: Jenkins ver. 2.176.1
OWASP Dependency-Check Plugin 5.0.2
Priority: Minor Minor
Reporter: Marcus Åkerberg

We run a job that clones multiple projects and run the dependency check maven plugin in each project to generate XML reports. When all reports are generated we run the dependencyCheckPublisher pipeline step in the parent folder containing all the projects. In version 4.0.2 of the dependency-check-jenkins-plugin this generated an aggregated view of all reports showing all unique CVEs. In version 5.0.2 the counter in the top border of the report for critical/high/medium/low CVEs is aggregated correctly but the list of CVEs are only the ones from the first report. It would be nice to be able to get an aggregated view of all CVEs across multiple projects in the Jenkins job view.
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)
Reply all
Reply to author
Forward
0 new messages