Plugin Documentation
This report describes goals, parameters details, requirements and sample usage of this plugin.
Goals
Goals available for this plugin:
Goal | Report? | Description |
---|---|---|
dependency-check:aggregate | Yes | Maven Plugin that checks project dependencies and the dependencies of all child modules to see if they have any known published vulnerabilities. |
dependency-check:check | Yes | Maven Plugin that checks the project dependencies to see if they have any known published vulnerabilities. |
dependency-check:help | No | Display help information on dependency-check-maven.
Call mvn dependency-check:help -Ddetail=true -Dgoal=<goal-name> to display parameter details. |
dependency-check:purge | Yes | Maven Plugin that purges the local copy of the NVD data. |
dependency-check:update-only | Yes | Maven Plugin that updates the local cache of the NVD data from NIST. |
System Requirements
The following specifies the minimum requirements to run this Maven plugin:
Maven | 3.6.3 |
JDK | 11 |
System Requirements History
The following specifies the minimum requirements to run this Maven plugin for historical versions:
Plugin Version | Maven | JDK |
---|---|---|
from 11.0.0 to 11.1.1 | 3.6.3 | 11 |
from 5.1.0 to 10.0.4 | 3.1.0 | 8 |
from 4.0.0 to 5.0.0 | ${maven.api.version>} | 8 |
from 3.3.0 to 3.3.4 | ${maven.api.version>} | 7 |
from 2.0.0 to 3.2.1 | 3.0 | 7 |
from 1.4.4 to 1.4.5 | 3.1 | 6 |
from 1.2.9 to 1.4.3 | - | 6 |
from 1.0.0 to 1.2.8 | 3.0 | 6 |
Usage
You should specify the version in your project's plugin configuration:
<project>
...
<build>
<!-- To define the plugin version in your parent POM -->
<pluginManagement>
<plugins>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>11.1.1</version>
</plugin>
...
</plugins>
</pluginManagement>
<!-- To use the plugin goals in your POM or parent POM -->
<plugins>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
</plugin>
...
</plugins>
</build>
...
<!-- To use the report goals in your POM or parent POM -->
<reporting>
<plugins>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>11.1.1</version>
</plugin>
...
</plugins>
</reporting>
...
</project>
For more information, see "Guide to Configuring Plug-ins"