Dependencies Check with Jenkins

Grégoire Willmann
Jul 15 · 2 min read

The OWASP Dependency-Check plugin was recently updated from version 4.x to version 5.x, introducing breaking changes for our Jenkins pipelines.

After upgrading the plugin, create a new Dependency-Check installation in the Global tools configuration of your Jenkins instance:

new installation of Dependency-Check

We have a Jenkins job running every day whose sole purpose is to update the NVD database.
As it was not a pipeline job, we had to reconfigure it from the UI.

This job runs every day at 4 AM

Next, we had to change all our pipeline scripts for checking and publishing the results of dependency checks:

  • Checking

Changed from

dependencyCheckAnalyzer datadir: '/home/jenkins/security/owasp-nvd/', hintsFile: '', includeCsvReports: false, includeHtmlReports: true, includeJsonReports: true, includeVulnReports: true, isAutoupdateDisabled: true, outdir: 'build/owasp', scanpath: '', skipOnScmChange: false, skipOnUpstreamChange: false, suppressionFile: '', zipExtensions: ''

to

sh('mkdir -p build/owasp')
dependencyCheck additionalArguments: '--project plastinforme --scan ./ --data /home/jenkins/security/owasp-nvd/ --out build/owasp/dependency-check-report.xml --format XML', odcInstallation: 'Dependency Checker'

  • Publishing results

Changed from

dependencyCheckPublisher canComputeNew: false, defaultEncoding: '', healthy: '', pattern: 'build/owasp/dependency-check-report.xml', unHealthy: ''

to

dependencyCheckPublisher pattern: 'build/owasp/dependency-check-report.xml'
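
To apply the same change across many Jenkinsfiles, the Python helper below rewrites each 4.x `dependencyCheckAnalyzer` line into the 5.x form shown above. It is an added example, not code from the original post or the plugin project. The function names and the parameter-to-flag mapping are assumptions inferred from the before/after steps, the sample input is constructed, report-type and `skipOn*` parameters are dropped as in the post, and `isAutoupdateDisabled: true` is carried over as the CLI's `--noupdate`, which the post's own rewritten step does not pass.

```python
import re

# Assumed mapping of 4.x step parameters to Dependency-Check CLI flags,
# inferred from the before/after steps in this post (not the plugin's code).
PARAM_TO_FLAG = {"datadir": "--data", "suppressionFile": "--suppression",
                 "hintsFile": "--hints", "zipExtensions": "--zipExtensions"}
LEGACY_STEP = re.compile(r"^(\s*)dependencyCheckAnalyzer\s+(.+)$")
PARAM = re.compile(r"(\w+)\s*:\s*(?:'([^']*)'|(true|false))")
# Constructed sample: a shortened 4.x call inside a scripted stage.
SAMPLE = """stage('OWASP') {
  dependencyCheckAnalyzer datadir: '/home/jenkins/security/owasp-nvd/', isAutoupdateDisabled: true, outdir: 'build/owasp', scanpath: '', suppressionFile: ''
}"""


def parse_params(arg_text):
    """Parse `name: 'value'` and `name: true|false` pairs of a 4.x call."""
    return {name: (flag == "true") if flag else text
            for name, text, flag in PARAM.findall(arg_text)}


def migrate_line(line, project, installation):
    """Return the 5.x lines replacing one 4.x line, or None if not legacy."""
    match = LEGACY_STEP.match(line)
    if not match:
        return None
    indent, params = match.group(1), parse_params(match.group(2))
    outdir = (params.get("outdir") or ".").rstrip("/")
    args = ["--project", project, "--scan", params.get("scanpath") or "./"]
    for name, flag in PARAM_TO_FLAG.items():
        if params.get(name):  # an empty string meant "not set" in 4.x
            args += [flag, params[name]]
    if params.get("isAutoupdateDisabled"):
        args.append("--noupdate")  # scans must not refresh the NVD data
    args += ["--out", outdir + "/dependency-check-report.xml", "--format", "XML"]
    if any(" " in a or "'" in a for a in args):
        raise ValueError("value needs manual quoting: " + line.strip())
    return [indent + "sh('mkdir -p %s')" % outdir,
            indent + "dependencyCheck additionalArguments: '%s', "
            "odcInstallation: '%s'" % (" ".join(args), installation)]


def migrate_jenkinsfile(text, project, installation):
    """Rewrite every legacy step; return (new_text, number_rewritten)."""
    out, count = [], 0
    for line in text.splitlines():
        new = migrate_line(line, project, installation)
        count += new is not None
        out += [line] if new is None else new
    return "\n".join(out), count
```

Calling `migrate_jenkinsfile(SAMPLE, 'plastinforme', 'Dependency Checker')` returns the rewritten text and the number of replaced steps; a count of zero means the file contains no 4.x analyzer step.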

Grégoire Willmann

Written by

Head of infrastructure at Kinoba | Ruby On Rails expert 👾 | Developing innovative web platforms for our tribe (https://kinoba.fr)
