Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

specify maven settings.xml for cli #7260

Closed
beradrian opened this issue Dec 18, 2024 · 2 comments
Closed

specify maven settings.xml for cli #7260

beradrian opened this issue Dec 18, 2024 · 2 comments
Labels
question

Comments

@beradrian
Copy link

If I run the tool from CLI to check a pom.xml file, how can I specify the location of settings.xml file (~/.m2/settings.xml)? I have two different private maven repositories specified in there to get the dependencies and transient dependencies, which are currently not scanned.
@aikebah
Copy link
Collaborator

aikebah commented Dec 18, 2024
edited
Loading

You can't, the CLI knows nothing about a maven settings.xml or a pom.xml's dependencies. From a pom.xml it only harvests some evidences about the project itself, not about dependencies, as trying to do that would require us to rebuild all of Maven in the CLI.

To check a pom.xml you would use the maven plugin:
mvn org.owasp:dependency-check-maven:11.1.0:check -f path/to/pom.xml

@beradrian
Copy link
Author

I thought so, but I wanted to confirm. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aikebah @beradrian