Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-58610

Running dependencyCheckPublisher doesn't aggregate reports correctly

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • dependency-check-jenkins-plugin
    • None
    • Jenkins ver. 2.176.1
      OWASP Dependency-Check Plugin 5.0.2
    • 5.2.0

      We run a job that clones multiple projects and run the dependency check maven plugin in each project to generate XML reports. When all reports are generated we run the dependencyCheckPublisher pipeline step in the parent folder containing all the projects. In version 4.0.2 of the dependency-check-jenkins-plugin this generated an aggregated view of all reports showing all unique CVEs. In version 5.0.2 the counter in the top border of the report for critical/high/medium/low CVEs is aggregated correctly but the list of CVEs are only the ones from the first report. It would be nice to be able to get an aggregated view of all CVEs across multiple projects in the Jenkins job view.

            nfalco Nikolas Falco
            akerbergen Marcus Ã…kerberg
            Votes:
            3 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: