Fork me on GitHub

Tasks

Task Description
dependencyCheckAnalyze Runs dependency-check against the project and generates a report.
dependencyCheckUpdate Updates the local cache of the NVD data from NIST.
dependencyCheckPurge Deletes the local copy of the NVD. This is used to force a refresh of the data.

Configuration

buildscript {
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath 'org.owasp:dependency-check-gradle:${project.version}'
    }
}
apply plugin: 'org.owasp.dependencycheck'
$ gradle dependencyCheckPurge
Property Description Default Value
failOnError Fails the build if an error occurs during the dependency-check analysis. true

Example

dependencyCheck {
    failOnError=true
}

Advanced Configuration

The following properties can be configured in the dependencyCheckPurge task. However, they are less frequently changed.

Config Group Property Description Default Value
data directory Sets the data directory to hold SQL CVEs contents. This should generally not be changed.  

Example

dependencyCheck {
    data {
        directory='d:/nvd'
    }
}