-
Type:
Bug
-
Resolution: Not A Defect
-
Priority:
Major
-
Component/s: dependency-check-jenkins-plugin
-
None
-
Environment:Jenkins 1.609.3
OWASP Dependency-Check Plugin 1.3.1 (I built it, but the same issue occurred using the version 1.3.0)
I'm using the plugin in a Maven multi-module project, where I configured a post-build step to invoke it and a post-build action to publish the report.
Using the post-build step with the default configuration only two "random" vulnerabilities are found, while if I execute manually "mvn org.owasp:dependency-check-maven:check" from the base of the mult-module project a report is created for each module (with many more issues found).
Am I missing something?