Remove OWASP from pom file and use it in command line


I have a requirement to run OWASP Dependency-Check in dev infra alone, not on UAT and PROD. Our M2 repo is hosted in an air-gapped infra.

Currently we have an OWASP plugin configured as part of the POM file, which works fine, but I need to remove it from the POM file and use it along with the Maven command line.

Is it supported? If not, is there any other workaround, please?


Yes, any plugin can be run from the command line. See "What is the syntax to run a maven plugin from the command line".

In your case the syntax is:

mvn org.owasp:dependency-check-maven:8.4.0:check

If you need to specify some cfg param, for example a suppression file, you can add a -D option:

-DsuppressionFiles=http://myhost/owasp/suppression.xml

The parameter names are the ones described in the official documentation.
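
A wrapper a CI job could call so the scan runs only in dev, as an added example that is not part of the original answer. The environment names, the `MVN` override and the function name are assumptions; `-DautoUpdate=false` assumes the air-gapped host already has the vulnerability data in the plugin's local data directory, and the `failBuildOnCVSS` threshold of 7 is a constructed value.

```shell
#!/bin/sh
# Added example: run OWASP Dependency-Check from the command line in dev only.
# dev/uat/prod, MVN and run_dependency_check are hypothetical names.

MVN=${MVN:-mvn}   # overridable, e.g. MVN=echo for a dry run
DC_GOAL="org.owasp:dependency-check-maven:8.4.0:check"   # goal from the answer

# run_dependency_check ENV [SUPPRESSION_FILE_OR_URL]
# Returns Maven's exit status in dev, 0 (skipped) in uat/prod, 2 on unknown ENV.
run_dependency_check() {
    env_name=$1
    suppression=${2:-}
    case "$env_name" in
        dev) ;;
        uat|prod)
            echo "dependency-check: skipped in $env_name" >&2
            return 0 ;;
        *)
            # Fail closed: a misspelled environment must not silently skip the scan.
            echo "dependency-check: unknown environment '$env_name'" >&2
            return 2 ;;
    esac

    # Build argv with "set --" so values are never re-split by the shell.
    # autoUpdate=false: no outbound update attempt from the air-gapped host.
    # failBuildOnCVSS=7: constructed threshold, adjust to local policy.
    set -- -B "$DC_GOAL" \
        -DautoUpdate=false \
        -DfailBuildOnCVSS=7
    if [ -n "$suppression" ]; then
        set -- "$@" "-DsuppressionFiles=$suppression"
    fi
    "$MVN" "$@"
}

# In the pipeline step: run_dependency_check "$DEPLOY_ENV" "$SUPPRESSION_URL"
```

Setting `MVN=echo` before the call prints the arguments instead of invoking Maven, which is a quick way to review what the job would run.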