Grégoire Willmann
Oct 15 · 1 min read

Hi Matt,

You’re absolutely right!

You should remove the `--noupdate` from the dependencyChecker scan and point to the correct directory where your local copy of the NVD is stored with the --data argument.

dependencycheck additionalArguments: ‘ — project plastinforme — scan ./ — data /home/jenkins/security/owasp-nvd/ — out build/owasp/dependency-check-report.xml — format XML’, odcInstallation: ‘Dependency Checker’

I have updated my post.

    Grégoire Willmann

    Written by

    Head of infrastructure at Kinoba | Ruby On Rails expert 👾 | Developing innovative web platforms for our tribe (https://kinoba.fr)