dependency-track plugin

Giriş

Açıklaması şöyle

Dependency-Track is an open-source platform by OWASP that allows you to track and manage your software dependencies and their associated risks. Integrating Dependency-Track with your Maven build can provide a comprehensive view of your project’s vulnerabilities. 

Açıklaması şöyle

Now, whenever you build your project, the plugin will automatically upload your project’s dependencies and their metadata to your Dependency-Track instance. You can then monitor and manage the vulnerabilities in your project from the Dependency-Track dashboard.

Örnek

Şöyle yaparız

<plugin>
  <groupId>io.github.dependencytrack</groupId>
  <artifactId>dependency-track-maven-plugin</artifactId>
  <version>4.3.1</version>
  <configuration>
    <apiKey>${dependencyTrackApiKey}</apiKey>
    <url>${dependencyTrackUrl}</url>
    <project>${project.artifactId}</project>
    <version>${project.version}</version>
  </configuration>
</plugin>