...
Here is the command line I use on Windows to start the check (I used the OWASP Dependency Check command line option on Windows):
Warning | ||
---|---|---|
| ||
This is still a WIP, the .gradle\caches contains may contain jars unrelated to OFBiz. Notably Eclipse jars if you use the Gradle Eclipse task and more if you use Gradle for other reasons than OFBiz. I will see if we can't have the jars properly in OFBiz. It seems to me that Pierre Smits suggested something like that... |
dependency-check -project OFBiz -scan C:\Users\Jacques\.gradle\caches --suppression C:\projectsASF\ofbiz\tools\security\dependency-check\suppress.xml --out C:\projectsASF\ofbiz\tools\security\dependency-check\
...
Here is the previous report file for our last stable branches