If any errors occur in the Dependency-Check plugin (i.e. the CLI tool exits with a non-zero return code), then the Jenkins build result is set to failure, as per this code: https://github.com/jenkinsci/dependency-check-plugin/blob/master/src/main/java/org/jenkinsci/plugins/DependencyCheck/DependencyCheckToolBuilder.java#L157
I have two concerns with this.
- When this happens, it is far from obvious that the reason for the build failure is the Dependency-Check plugin. The build may well continue and do many more stages, so parsing build output to determine the root cause is much more onerous than it needs to be.
- I believe it ought to be possible to configure (through plugin invocation parameters) the effect on the build of any errors running the plugin. For example, it may be more appropriate to make the build UNSTABLE, or even not to affect the result at all (depending on the exact use case and convention). Given that Jenkins doesn't allow you to "improve" the build status after it's already been set to a given level (in this case FAILURE), no workaround is possible (except to reinvent the wheel by downloading and running the CLI in a customised manner).