search

jeremylong / DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
https://owasp.org/www-project-dependency-check/
Apache License 2.0
6.34k stars 1.27k forks source link

HTML Report Filesize #5977

Open creasoft-dag opened 1 year ago

creasoft-dag commented 1 year ago

Hello,

ist it possible to filter all the "non-vulnerable" dependencies from the HTML report? The dependency check report of my node project has 0 vulnerabilities and 107 MB. A lot of "notvulnerable" tr elements.

<tr class="notvulnerable">
   <td data-sort-value="@ANT-DESIGN-ICONS-NPM-4.8.1-827069ACB9-ABD3603EA9.ZIP: AIMOUTLINED.JS">
      <a href="#l14_6bdce89c8080ad77ecee989e8949e4eeec04a8ea">@ant-design-icons-npm-4.8.1-827069acb9-abd3603ea9.zip: AimOutlined.js</a>
   </td>
   <td data-sort-value=""></td>
   <td data-sort-value=""></td>
   <td data-sort-value="-10">&nbsp;</td>
   <td>0</td><td data-sort-value="0"></td>
   <td>0</td>
</tr>

Can't find a parameter for the dependency check cli tool to filter these.

Thanks in advance

jeremylong commented 12 months ago

You might try --retirejsFilterNonVulnerable.