Property Detail

• java.util.List<java.lang.String> analyzedTypes

  The artifact types that will be analyzed in the gradle build.

• AnalyzerExtension analyzers

  Configuration for the analyzers.

• java.lang.Boolean autoUpdate

  Sets whether auto-updating of the NVD CVE/CPE data is enabled.

• CacheExtension cache

  The configuration extension for cache settings.

• CveExtension cve

  The configuration extension that defines the location of the NVD CVE data.

• java.lang.Integer cveValidForHours

  The number of hours to wait before checking for additional updates from the NVD.

• DataExtension data

  The configuration extension for data related configuration options.

• java.lang.Float failBuildOnCVSS

  Specifies if the build should be failed if a CVSS score above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail.

• java.lang.Boolean failOnError

  Whether the plugin should fail when errors occur.

• Format format

  The report format to be generated (HTML, XML, CSV, JUNIT, SARIF, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. The default is HTML.

• java.util.List<Format> formats

  The list of formats to generate to report (HTML, XML, CSV, JUNIT, SARIF, ALL).

• java.lang.String hintsFile

  The path to the hints file.

• java.lang.Float junitFailOnCVSS

  Specifies the CVSS score that should be considered a failure when generating a JUNIT formatted report. The default is 0.0 which means all identified vulnerabilities would be considered a failure.

• java.lang.String outputDirectory

  The directory where the reports will be written. Defaults to 'build/reports'.

• org.gradle.api.Project project

• ProxyExtension proxy

  The configuration extension for proxy settings.

• java.lang.Boolean quickQueryTimestamp

  Set to false if the proxy does not support HEAD requests. The default is true.

• java.util.List<java.lang.String> scanConfigurations

  Names of the configurations to scan. This is mutually exclusive with the skipConfigurations property.

• java.util.List<java.lang.String> scanProjects

  Paths of the projects to scan. This is mutually exclusive with the skipProjects property.

• java.util.List<java.io.File> scanSet

  A set of files or folders to scan.

• java.lang.Boolean showSummary

  Displays a summary of the findings. Defaults to true.

• java.lang.Boolean skip

  Whether or not to skip the execution of dependency-check.

• java.util.List<java.lang.String> skipConfigurations

  Names of the configurations to skip when scanning. This is mutually exclusive with the scanConfigurations property.

• java.util.List<java.lang.String> skipGroups

  Group prefixes of the modules to skip when scanning. The 'project' prefix can be used to skip all internal dependencies from multi-project build.

• java.util.List<java.lang.String> skipProjects

  Paths of the projects to skip when scanning. This is mutually exclusive with the scanProjects property.

• java.lang.Boolean skipTestGroups

  When set to true configurations that are considered a test configuration will not be included in the analysis. A configuration is considered a test configuration if and only if any of the following conditions holds:

  • the name of the configuration or any of its parent configurations equals 'testCompile'
  • the name of the configuration or any of its parent configurations equals 'androidTestCompile'
  • the configuration name starts with 'test'
  • the configuration name starts with 'androidTest'
  The default value is true.

• SlackExtension slack

  The configuration extension for proxy settings.

• java.lang.String suppressionFile

  The path to the suppression file.

• java.util.List<java.lang.String> suppressionFiles

  The list of paths to suppression files.

Constructor Detail

• DependencyCheckExtension(org.gradle.api.Project project)

Method Detail

• java.lang.Object analyzers(groovy.lang.Closure configClosure)

  Allows programmatic configuration of the analyzer extension

  Parameters:

  configClosure - the closure to configure the analyzers extension

  Returns:

  the analyzers extension

• java.lang.Object cache(groovy.lang.Closure configClosure)

  Allows programmatic configuration of the cache extension

  Parameters:

  configClosure - the closure to configure the cache extension

  Returns:

  the cache extension

• java.lang.Object cve(groovy.lang.Closure configClosure)

  Allows programmatic configuration of the cve extension

  Parameters:

  configClosure - the closure to configure the cve extension

  Returns:

  the cve extension

• java.lang.Object data(groovy.lang.Closure configClosure)

  Allows programmatic configuration of the data extension

  Parameters:

  configClosure - the closure to configure the data extension

  Returns:

  the data extension

• java.lang.Object proxy(groovy.lang.Closure configClosure)

  Allows programmatic configuration of the proxy extension

  Parameters:

  configClosure - the closure to configure the proxy extension

  Returns:

  the proxy extension

• java.lang.Object slack(groovy.lang.Closure configClosure)

  Allows programmatic configuration of the slack extension

  Parameters:

  configClosure - the closure to configure the slack extension

  Returns:

  the slack extension