Index (dependency-check-gradle 9.2.0 API)

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z _

A

AbstractAnalyze - Class in org.owasp.dependencycheck.gradle.tasks
AbstractAnalyze.CheckForFailureResult - Class in org.owasp.dependencycheck.gradle.tasks
AbstractAnalyze() - Constructor in AbstractAnalyze
addDependency(org.owasp.dependencycheck.Engine, java.lang.String, java.lang.String, org.gradle.api.artifacts.ModuleVersionIdentifier, java.lang.String, java.io.File) - Method in AbstractAnalyze: Adds a dependency to the engine.
addInfoToDependencies(List<Dependency>, java.lang.String, org.gradle.api.artifacts.ModuleVersionIdentifier, Set<IncludedByReference>) - Method in AbstractAnalyze: Adds additional information and evidence to the dependencies.
AdditionalCpe - Class in org.owasp.dependencycheck.gradle.extension: Holder for the information regarding an additional CPE to be checked.
AdditionalCpe(java.lang.String) - Constructor in AdditionalCpe
additionalCpes - Property in DependencyCheckExtension: Additional CPE to be analyzed.
Aggregate - Class in org.owasp.dependencycheck.gradle.tasks: Checks the projects dependencies for known vulnerabilities.
Aggregate() - Constructor in Aggregate
AGGREGATE_TASK - Field in DependencyCheckPlugin
Analyze - Class in org.owasp.dependencycheck.gradle.tasks: Checks the projects dependencies for known vulnerabilities.
analyze() - Method in AbstractAnalyze: Calls dependency-check-core's analysis engine to scan all of the projects dependencies.
Analyze() - Constructor in Analyze
ANALYZE_TASK - Field in DependencyCheckPlugin
analyzedTypes - Property in DependencyCheckExtension: The artifact types that will be analyzed in the gradle build.
AnalyzerExtension - Class in org.owasp.dependencycheck.gradle.extension: The analyzer configuration extension.
AnalyzerExtension(org.gradle.api.Project) - Constructor in AnalyzerExtension
analyzers - Property in DependencyCheckExtension: Configuration for the analyzers.
apiKey - Property in NvdExtension: The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key.
apiToken - Property in ArtifactoryExtension: The API token to connect to Artifactory instance.
apply(org.gradle.api.Project) - Method in DependencyCheckPlugin
archiveEnabled - Property in AnalyzerExtension: Sets whether the Archive Analyzer will be used.
artifactory - Property in AnalyzerExtension: The configuration extension for artifactory settings.
ArtifactoryExtension - Class in org.owasp.dependencycheck.gradle.extension: The artifactory analyzer configuration.
ArtifactoryExtension() - Constructor in ArtifactoryExtension
artifactType - Property in AbstractAnalyze
assemblyEnabled - Property in AnalyzerExtension: Sets whether the .NET Assembly Analyzer should be used.
autoconfEnabled - Property in AnalyzerExtension: Sets whether the autoconf Analyzer should be used.
autoUpdate - Property in DependencyCheckExtension: Sets whether auto-updating of the NVD CVE/CPE data is enabled.

B

bearerToken - Property in ArtifactoryExtension: The bearer token to connect to Artifactory instance.
bundleAuditEnabled - Property in AnalyzerExtension: Sets whether the Ruby Bundle Audit analyzer is enabled; requires running bundle audit.

C

cache - Property in DependencyCheckExtension: The configuration extension for cache settings.
CacheExtension - Class in org.owasp.dependencycheck.gradle.extension: The configuration for caching external results.
CacheExtension() - Constructor in CacheExtension
callIncompatibleWithConfigurationCache() - Method in AbstractAnalyze: Calls notCompatibleWithConfigurationCache method in order to avoid failures when Gradle configuration cache is enabled.
canBeResolved(org.gradle.api.artifacts.Configuration) - Method in AbstractAnalyze: Determines if the onfiguration can be resolved
central - Property in CacheExtension: Sets whether the Central Analyzer's results should be cached locally.
centralEnabled - Property in AnalyzerExtension: Sets whether Central Analyzer will be used.
checkForFailure(org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: If configured, fails the build if a vulnerability is identified with a CVSS score higher than the failure threshold configured.
CheckForFailureResult(java.lang.Boolean, java.lang.String) - Constructor in AbstractAnalyze.CheckForFailureResult
checkGradleVersion(org.gradle.api.Project) - Method in DependencyCheckPlugin
cleanup(org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: Releases resources and removes temporary files used.
cleanup() - Method in Purge: Releases resources and removes temporary files used.
cleanup(org.owasp.dependencycheck.Engine) - Method in Update: Releases resources and removes temporary files used.
cmakeEnabled - Property in AnalyzerExtension: Sets whether the CMake Analyzer should be used.
cocoapodsEnabled - Property in AnalyzerExtension: Sets whether the cocoapods analyzer is enabled.
composerEnabled - Property in AnalyzerExtension: Sets whether the PHP Composer Lock File Analyzer should be used.
config - Property in ConfiguredTask
ConfiguredTask - Class in org.owasp.dependencycheck.gradle.tasks: Standard class to read in the configuration and populated the ODC settings.
ConfiguredTask() - Constructor in ConfiguredTask
connectionString - Property in DataExtension: The connection string to the database.
cpanEnabled - Property in AnalyzerExtension: Sets whether the Perl CPAN File Analyzer should be used.
cpe - Property in AdditionalCpe: The CPE to be checked against the database.
createFailed(java.lang.String) - Method in AbstractAnalyze.CheckForFailureResult
createSuccess() - Method in AbstractAnalyze.CheckForFailureResult
currentProjectName - Property in AbstractAnalyze

D

dartEnabled - Property in AnalyzerExtension: Sets whether the swift package manager analyzer is enabled.
data - Property in DependencyCheckExtension: The configuration extension for data related configuration options.
DataExtension - Class in org.owasp.dependencycheck.gradle.extension: The update data configuration extension.
DataExtension(org.gradle.api.Project) - Constructor in DataExtension
datafeedPassword - Property in NvdExtension: Credentials used for basic authentication for the NVD API Data feed.
datafeedUrl - Property in NvdExtension: The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data.
datafeedUser - Property in NvdExtension: Credentials used for basic authentication for the NVD API Data feed.
delay - Property in NvdExtension: The number of milliseconds to wait between calls to the NVD API.
DependencyCheckExtension - Class in org.owasp.dependencycheck.gradle.extension
DependencyCheckExtension(org.gradle.api.Project) - Constructor in DependencyCheckExtension
DependencyCheckPlugin - Class in org.owasp.dependencycheck.gradle
DependencyCheckPlugin() - Constructor in DependencyCheckPlugin
description - Property in AdditionalCpe: Description for the what the CPE represents.
determineDisplayName() - Method in AbstractAnalyze: Gets the projects display name.
directory - Property in DataExtension: The directory to store the H2 database that contains the cache of the NVD CVE data.
driver - Property in DataExtension: The database driver name (e.g. org.h2.Driver).
driverPath - Property in DataExtension: The path to the driver (JAR) in case it is not already in the classpath.

E

enabled - Property in ArtifactoryExtension: Sets whether the Artifactory Analyzer should be used.
enabled - Property in HostedSuppressionsExtension: Whether the hosted suppressions fie will be used.
enabled - Property in NodeAuditExtension: Sets whether the Node Audit Analyzer should be used.
enabled - Property in NodePackageExtension: Sets whether the Node Package Analyzer should be used.
enabled - Property in OssIndexExtension: Sets whether the OSS Index Analyzer should be used.
enabled - Property in RetireJSExtension: Sets whether the RetireJS Analyzer should be used.
enabled - Property in SlackExtension
endpoint - Property in NvdExtension: The NVD API endpoint URL; configuring this is uncommon.
experimentalEnabled - Property in AnalyzerExtension: Sets whether the experimental analyzers will be used.

F

failBuildOnCVSS - Property in DependencyCheckExtension: Specifies if the build should be failed if a CVSS score above a specified level is identified.
failOnError - Property in DependencyCheckExtension: Whether the plugin should fail when errors occur.
filterNonVulnerable - Property in RetireJSExtension: Whether the Retire JS analyzer should filter the non-vunerable JS from the report.
filters - Property in RetireJSExtension: The JS content filters (regular expressions) used to filter which JS files will be skipped if the content matches one of the filters.
forceupdate - Property in HostedSuppressionsExtension: Whether the hosted suppressions file should be updated regardless of the `autoupdate` setting.
forceupdate - Property in RetireJSExtension: Whether the Retire JS analyzer should be updated regardless of the `autoupdate` setting.
format - Property in DependencyCheckExtension: The report format to be generated (HTML, XML, CSV, JUNIT, SARIF, ALL).
formats - Property in DependencyCheckExtension: The list of formats to generate to report (HTML, XML, CSV, JUNIT, SARIF, ALL).

G

golangDepEnabled - Property in AnalyzerExtension: Sets whether the Golang Dependency analyzer is enabled.
golangModEnabled - Property in AnalyzerExtension: Sets whether Golang Module Analyzer is enabled; this requires `go` to be installed.

H

hasNotCompatibleWithConfigurationCacheOption() - Method in AbstractAnalyze: Check if the notCompatibleWithConfigurationCache method exists in the class.
hintsFile - Property in DependencyCheckExtension: The path to the hints file.
hostedSuppressions - Property in DependencyCheckExtension: The configuration extension that configures the hosted suppressions file.
HostedSuppressionsExtension - Class in org.owasp.dependencycheck.gradle.extension: The advanced configuration for the hosted suppressions file.
HostedSuppressionsExtension() - Constructor in HostedSuppressionsExtension

I

initializeConfigurations(org.gradle.api.Project) - Method in DependencyCheckPlugin
initializeSettings() - Method in ConfiguredTask: Initializes the settings object.
isTestConfiguration(org.gradle.api.artifacts.Configuration) - Method in AbstractAnalyze: Determines if the configuration should be considered a test configuration.
isTestConfigurationCheck(org.gradle.api.artifacts.Configuration) - Method in AbstractAnalyze: Checks whether a configuration is considered to be a test configuration in order to skip it.

J

jarEnabled - Property in AnalyzerExtension: Sets whether Jar Analyzer will be used.
junitFailOnCVSS - Property in DependencyCheckExtension: Specifies the CVSS score that should be considered a failure when generating a JUNIT formatted report.

K

knownExploitedEnabled - Property in AnalyzerExtension: Sets whether the Known Exploited Vulnerability update and Analyzer will be used.
knownExploitedURL - Property in AnalyzerExtension: URL to the CISA Known Exploited Vulnerabilities JSON data feed.
knownExploitedValidForHours - Property in AnalyzerExtension: Controls the skipping of the check for Known Exploited Vulnerabilities updates.

L

M

maxRetryCount - Property in NvdExtension: The maximum number of retry requests for a single call to the NVD API.
MINIMUM_GRADLE_VERSION - Property in DependencyCheckPlugin
msbuildEnabled - Property in AnalyzerExtension: Sets whether the MS Build Analyzer should be used.

N

name - Property in AdditionalCpe: Name assigned to the CPE entry during configuration.
nexusEnabled - Property in AnalyzerExtension: Sets whether Nexus Analyzer will be used.
nexusUrl - Property in AnalyzerExtension: Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/).
nexusUsesProxy - Property in AnalyzerExtension: whether the defined proxy should be used when connecting to Nexus.
nodeAudit - Property in AnalyzerExtension: The configuration extension for the node audit settings.
nodeAudit - Property in CacheExtension: Sets whether the Node Audit Analyzer's results should be cached locally.
nodeAuditEnabled - Property in AnalyzerExtension: Sets whether the NSP Analyzer should be used.
NodeAuditExtension - Class in org.owasp.dependencycheck.gradle.extension: The configuration for the Node Audit Analyzer.
NodeAuditExtension() - Constructor in NodeAuditExtension
nodeEnabled - Property in AnalyzerExtension: Sets whether the Node.js Analyzer should be used.
nodePackage - Property in AnalyzerExtension: The configuration extension for the node package settings.
NodePackageExtension - Class in org.owasp.dependencycheck.gradle.extension: The configuration for the Node Package Analyzer.
NodePackageExtension() - Constructor in NodePackageExtension
nonProxyHosts - Property in ProxyExtension
nugetconfEnabled - Property in AnalyzerExtension: Sets whether the Nuget packages.config Configuration Analyzer should be used.
nuspecEnabled - Property in AnalyzerExtension: Sets whether the .NET Nuget Nuspec Analyzer will be used.
nvd - Property in DependencyCheckExtension: The configuration extension that defines the location of the NVD CVE data.
NvdExtension - Class in org.owasp.dependencycheck.gradle.extension
NvdExtension() - Constructor in NvdExtension

O

opensslEnabled - Property in AnalyzerExtension: Sets whether the openssl Analyzer should be used.
ossIndex - Property in AnalyzerExtension: The configuration extension for artifactory settings.
ossIndex - Property in CacheExtension: Sets whether the OSS Index Analyzer's results should be cached locally.
ossIndexEnabled - Property in AnalyzerExtension: Sets whether the OSS Index Analyzer should be used.
OssIndexExtension - Class in org.owasp.dependencycheck.gradle.extension: The configuration for the OSS Index Analyzer.
OssIndexExtension() - Constructor in OssIndexExtension
outputDirectory - Property in DependencyCheckExtension: The directory where the reports will be written.

P

parallelAnalysis - Property in ArtifactoryExtension: Whether the Artifactory analyzer should be run in parallel or not.
password - Property in DataExtension: The password to use when connecting to the database.
password - Property in OssIndexExtension: The optional password or API token to connect to the OSS Index
password - Property in ProxyExtension
pathToBundleAudit - Property in AnalyzerExtension: The path to Ruby's bundle audit.
pathToDotnet - Property in AnalyzerExtension: The path to dotnet core - used to analyze dot net assemblies.
pathToGo - Property in AnalyzerExtension: The path to `go` - used to analyze go modules via `go mod`.
pnpmEnabled - Property in NodeAuditExtension: Sets whether the Pnpm Audit Analyzer should be used.
pnpmPath - Property in NodeAuditExtension: The path to `pnpm`.
port - Property in ProxyExtension
processBuildEnvironment(org.gradle.api.Project, org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: Process the incoming artifacts for the given project's configurations.
processConfigLegacy(org.gradle.api.artifacts.Configuration, org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: Process the incoming artifacts for the given project's configurations using APIs pre-gradle 4.0.
processConfigurations(org.gradle.api.Project, org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: Process the incoming artifacts for the given project's configurations.
processConfigV4(org.gradle.api.Project, org.gradle.api.artifacts.Configuration, org.owasp.dependencycheck.Engine, boolean) - Method in AbstractAnalyze: Process the incoming artifacts for the given project's configurations using APIs introduced in gradle 4.0+.
project - Property in AnalyzerExtension
project - Property in DependencyCheckExtension
PROPERTIES_FILE - Property in ConfiguredTask
proxy - Property in DependencyCheckExtension: The configuration extension for proxy settings.
ProxyExtension - Class in org.owasp.dependencycheck.gradle.extension: TODO - this should not be needed, instead rely on the configured HTTP or HTTPS proxies https://docs.gradle.org/current/userguide/build_environment.html
ProxyExtension() - Constructor in ProxyExtension
Purge - Class in org.owasp.dependencycheck.gradle.tasks: Purges the local cache of the NVD CVE data.
Purge() - Constructor in Purge: Initializes the purge task.
PURGE_TASK - Field in DependencyCheckPlugin
pyDistributionEnabled - Property in AnalyzerExtension: Sets whether the Python Distribution Analyzer will be used.
pyPackageEnabled - Property in AnalyzerExtension: Sets whether the Python Package Analyzer will be used.

Q

quickQueryTimestamp - Property in DependencyCheckExtension: Set to false if the proxy does not support HEAD requests.

R

REGISTER_TASK_GRADLE_VERSION - Property in DependencyCheckPlugin
registerTasks(org.gradle.api.Project) - Method in DependencyCheckPlugin
retirejs - Property in AnalyzerExtension: The configuration extension for retirejs settings.
RetireJSExtension - Class in org.owasp.dependencycheck.gradle.extension: The configuration for the RetireJS Analyzer.
RetireJSExtension() - Constructor in RetireJSExtension
retireJsUrl - Property in RetireJSExtension: The Retire JS Repository URL.
rubygemsEnabled - Property in AnalyzerExtension: Sets whether the Ruby Gemspec Analyzer will be used.

S

scanBuildEnv - Property in DependencyCheckExtension: Whether the buildEnv should be analyzed.
scanConfigurations - Property in DependencyCheckExtension: Names of the configurations to scan.
scanDependencies(org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: Loads the projects dependencies into the dependency-check analysis engine.
scanDependencies(org.owasp.dependencycheck.Engine) - Method in Aggregate: Loads the projects dependencies into the dependency-check analysis engine.
scanDependencies(org.owasp.dependencycheck.Engine) - Method in Analyze: Loads the projects dependencies into the dependency-check analysis engine.
scanDependencies - Property in DependencyCheckExtension: Whether the dependencies should be analyzed.
scanProjects - Property in DependencyCheckExtension: Paths of the projects to scan.
scanSet - Property in DependencyCheckExtension: A set of files or folders to scan.
send(java.lang.String, java.lang.String) - Method in SlackNotificationSenderService
sendSlackNotification(CheckForFailureResult) - Method in AbstractAnalyze
server - Property in ProxyExtension
setSuppressionFiles(Collection<String>) - Method in DependencyCheckExtension
settings - Property in ConfiguredTask
shouldBeScanned(org.gradle.api.artifacts.Configuration) - Method in AbstractAnalyze: Checks whether the given configuration should be scanned because either scanConfigurations is empty or it contains the configuration's name.
shouldBeSkipped(org.gradle.api.artifacts.result.ResolvedArtifactResult) - Method in AbstractAnalyze: Checks whether the given artifact should be skipped because skipGroups contains the artifact's group prefix.
shouldBeSkippedAsTest(org.gradle.api.artifacts.Configuration) - Method in AbstractAnalyze: Checks whether the given configuration should be skipped because it is a test configuration and skipTestGroups is true.
showSummary(org.owasp.dependencycheck.Engine) - Method in AbstractAnalyze: Displays a summary of the dependency-check results to the build console.
showSummary - Property in DependencyCheckExtension: Displays a summary of the findings.
skip - Property in DependencyCheckExtension: whether to skip the execution of dependency-check.
skipConfigurations - Property in DependencyCheckExtension: Names of the configurations to skip when scanning.
skipDevDependencies - Property in NodeAuditExtension: Sets whether the Node Audit Analyzer should skip devDependencies.
skipDevDependencies - Property in NodePackageExtension: Sets whether the Node Package Analyzer should skip devDependencies.
skipGroups - Property in DependencyCheckExtension: Group prefixes of the modules to skip when scanning.
skipProjects - Property in DependencyCheckExtension: Paths of the projects to skip when scanning.
skipTestGroups - Property in DependencyCheckExtension: When set to true configurations that are considered a test configuration will not be included in the analysis.
SLACK__WEBHOOK__ENABLED - Field in SlackNotificationSenderService
SLACK__WEBHOOK__URL - Field in SlackNotificationSenderService
slack - Property in DependencyCheckExtension: The configuration extension for proxy settings.
SlackExtension - Class in org.owasp.dependencycheck.gradle.extension: The configuration for the Node Audit Analyzer.
SlackExtension() - Constructor in SlackExtension
SlackNotificationSenderService - Class in org.owasp.dependencycheck.gradle.service
SlackNotificationSenderService(org.owasp.dependencycheck.utils.Settings) - Constructor in SlackNotificationSenderService
suppressionFile - Property in DependencyCheckExtension: The path to the suppression file.
suppressionFilePassword - Property in DependencyCheckExtension: The password for downloading the suppression file(s)
suppressionFiles - Property in DependencyCheckExtension: The list of paths to suppression files.
suppressionFileUser - Property in DependencyCheckExtension: The username for downloading the suppression file(s)
swiftEnabled - Property in AnalyzerExtension: Sets whether the swift package manager analyzer is enabled.
swiftPackageResolvedEnabled - Property in AnalyzerExtension: Sets whether the swift package resolved analyzer is enabled.

T

U

Update - Class in org.owasp.dependencycheck.gradle.tasks: Updates the local cache of the NVD CVE data.
UPDATE_TASK - Field in DependencyCheckPlugin
Update() - Constructor in Update: Initializes the update task.
url - Property in ArtifactoryExtension: The Artifactory server URL.
url - Property in HostedSuppressionsExtension: The URL for a mirrored hosted suppressions file.
url - Property in OssIndexExtension: The OSS Index URL.
useCache - Property in NodeAuditExtension: Sets whether the Node Audit Analyzer should cache results locally.
username - Property in ArtifactoryExtension: The user name (only used with API token) to connect to Artifactory instance.
username - Property in DataExtension: The user name to use when connecting to the database.
username - Property in OssIndexExtension: The optional username to connect to the OSS Index
username - Property in ProxyExtension
usesProxy - Property in ArtifactoryExtension: Whether Artifactory should be accessed through a proxy or not.

V

validForHours - Property in HostedSuppressionsExtension: The number of hours to wait before checking for changes in the hosted suppressions file.
validForHours - Property in NvdExtension: The number of hours to wait before checking for new updates from the NVD.
verifySettings() - Method in AbstractAnalyze: Verifies aspects of the configuration to ensure dependency-check can run correctly.

W

warnOnlyOnRemoteErrors - Property in OssIndexExtension: Only output a warning message instead of failing when remote errors occur.
webhookUrl - Property in SlackExtension

X

Y

yarnEnabled - Property in NodeAuditExtension: Sets whether the Yarn Audit Analyzer should be used.
yarnPath - Property in NodeAuditExtension: The path to `yarn`.

Z

zipExtensions - Property in AnalyzerExtension: A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.