-
We've integrated dependency check into our pipeline. In one of the steps, we're using the following command:
```
run: |
gradle dependencyCheckAggregate \
-PdependencyCheck.nvd.apiKey=${{ i…
-
### Description
I am using the `NVD_API_TOKEN` environment variable to provide nvd-clojure with my NVD API key, and it does not work. Using the Clojure Tools method, I should have either expected t…
-
i pull the cache data (json) :
ls **~/java/target/docs**:
......
nvdcve-1.1-2024.json.gz
.....
staff 376K 10 24 16:01 nvdcve-1.1-recent.json.gz
staff 162B 10 24 16:01 nv…
-
### Current Behavior
This issue is a parent of [dependency-track#3294](https://github.com/DependencyTrack/dependency-track/issues/3294)
Since Dependency Track use NVD Rest API (with the APIKEY p…
sebD updated
8 months ago
-
We have a gradle project and currently use ` id 'org.owasp.dependencycheck' version '10.0.4'` in a spring project.
Dependency check has been giving this error in our pipeline for the past two days wi…
-
### Current Behavior
Previously I used the NVD mirroring feature to speed up dependency-check using parameters `-DcveUrlModified=https://my.dependency-track.host/mirror/nvd/nvdcve-1.1-modified.json.g…
-
I've been tracking why none of the security scanners detect my honeypot npm project with a dependency on `jsonpath-plus@10.0.0`. I think I tracked it down to the source data but I'm not sure if the so…
-
**Cannot reproduce** -- Monitor the build times to see if this happens again (local and CI).**
**Related to epic #565.**
While rerunning a failed PR build, I spotted this in the output for the Earthl…
-
As title suggests, how to run with Docker and also supply an API key? I use the script on the readme.txt for linux and can run scans fine but adding --nvdApiKey in the script does not work
-
run with docker like this:
docker run --name vulnz -itd -e NVD_API_KEY=00b50b29-xxxx -v nvd-cache:/usr/local/apache2/htdocs jeremylong/open-vulnerability-data-mirror:v7.0.0
show logs:
docke…