9 Mayıs 2023 Salı

dependency-track plugin

Giriş
Açıklaması şöyle
Dependency-Track is an open-source platform by OWASP that allows you to track and manage your software dependencies and their associated risks. Integrating Dependency-Track with your Maven build can provide a comprehensive view of your project’s vulnerabilities. 
Açıklaması şöyle
Now, whenever you build your project, the plugin will automatically upload your project’s dependencies and their metadata to your Dependency-Track instance. You can then monitor and manage the vulnerabilities in your project from the Dependency-Track dashboard.
Örnek
Şöyle yaparız
<plugin>
  <groupId>io.github.dependencytrack</groupId>
  <artifactId>dependency-track-maven-plugin</artifactId>
  <version>4.3.1</version>
  <configuration>
    <apiKey>${dependencyTrackApiKey}</apiKey>
    <url>${dependencyTrackUrl}</url>
    <project>${project.artifactId}</project>
    <version>${project.version}</version>
  </configuration>
</plugin>
zaman:

Hiç yorum yok:

Yorum Gönder

Kaydol: Kayıt Yorumları (Atom)

Local Snapshot Kullanmak

Örnek Şöyle yaparız <repository> <id>snapshot-repository</id> <name>Maven2 Snapshot Repository</name> &l...