{"id":2080,"date":"2024-05-25T19:15:03","date_gmt":"2024-05-25T11:15:03","guid":{"rendered":"http:\/\/oneai.eu.org\/?p=2080"},"modified":"2024-05-25T19:15:03","modified_gmt":"2024-05-25T11:15:03","slug":"dependency-check-for-sonarqube%e4%bd%bf%e7%94%a8%e8%af%b4%e6%98%8e","status":"publish","type":"post","link":"https:\/\/oneai.eu.org\/?p=2080","title":{"rendered":"Dependency-Check for SonarQube\u4f7f\u7528\u8bf4\u660e"},"content":{"rendered":"
\n
\n


SonarQube 10.2 \u6216\u66f4\u9ad8\u7248\u672c\u7684\u4f9d\u8d56\u5173\u7cfb\u68c0\u67e5\u63d2\u4ef6<\/font><\/font><\/font><\/h1>\n

<\/path><\/svg><\/a><\/div>\n

\"Build<\/a>
\n\"Codacy<\/a>
\n\"Download\"<\/a>
\n\"Downloads\"<\/a>
\n\"Quality<\/a>
\n\"Coverage\"<\/a>
\n\"Security<\/a><\/p>\n


\u5c06 Dependency-Check \u62a5\u544a\u96c6\u6210\u5230 SonarQube v10.2 \u6216\u66f4\u9ad8\u7248\u672c\u4e2d\u3002<\/font><\/font><\/font><\/p>\n


\u8be5\u9879\u76ee\u5c06\u5c1d\u8bd5\u5c06\u6240\u6709\u4ee3\u7801\u4ece master \u5206\u652f\u5411\u540e\u79fb\u690d\u5230\u6700\u540e\u652f\u6301\u7684 LTS\u3002\u8bf7\u53c2\u9605 SonarQube 6.x \u6216 SonarQube 7.x \u5206\u652f\uff0c\u4e86\u89e3\u53d7\u652f\u6301\u7684\u65e7\u7248\u672c\u3002<\/font><\/font><\/font><\/p>\n

\n

 <\/font>\u5173\u4e8e\u4f9d\u8d56\u9879\u68c0\u67e5<\/font><\/font><\/font><\/h2>\n

<\/path><\/svg><\/a><\/div>\n


Dependency-Check \u662f\u4e00\u4e2a\u5b9e\u7528\u7a0b\u5e8f\uff0c\u7528\u4e8e\u5c1d\u8bd5\u68c0\u6d4b\u9879\u76ee\u4f9d\u8d56\u9879\u4e2d\u5305\u542b\u7684\u516c\u5f00\u62ab\u9732\u7684\u6f0f\u6d1e\u3002\u5b83\u901a\u8fc7\u786e\u5b9a\u7ed9\u5b9a\u4f9d\u8d56\u9879\u662f\u5426\u5b58\u5728\u901a\u7528\u5e73\u53f0\u679a\u4e3e \uff08CPE\uff09 \u6807\u8bc6\u7b26\u6765\u5b9e\u73b0\u6b64\u76ee\u7684\u3002<\/font><\/font><\/font>

\u5982\u679c\u627e\u5230\uff0c\u5b83\u5c06\u751f\u6210\u94fe\u63a5\u5230\u5173\u8054 CVE \u6761\u76ee\u7684\u62a5\u544a\u3002<\/font><\/font><\/font><\/p>\n


Dependency-Check \u652f\u6301\u8bc6\u522b\u591a\u79cd\u4e0d\u540c\u8bed\u8a00\uff08\u5305\u62ec Java\u3001.NET\u3001Node.js\u3001Ruby \u548c Python\uff09\u7684\u9879\u76ee\u4f9d\u8d56\u9879\u3002<\/font><\/font><\/font><\/p>\n

\n

 <\/font>\u6ce8\u610f<\/font><\/font><\/font><\/h2>\n

<\/path><\/svg><\/a><\/div>\n


\u6b64 SonarQube \u63d2\u4ef6\u4e0d\u6267\u884c\u5206\u6790\uff0c\u800c\u662f\u8bfb\u53d6\u73b0\u6709\u7684\u4f9d\u8d56\u5173\u7cfb\u68c0\u67e5\u62a5\u544a\u3002\u4f7f\u7528\u5176\u4ed6\u53ef\u7528\u65b9\u6cd5\u4e4b\u4e00\u626b\u63cf\u9879\u76ee\u4f9d\u8d56\u9879\u5e76\u751f\u6210\u5fc5\u8981\u7684 JSON \u62a5\u544a\uff0c\u7136\u540e\u6b64\u63d2\u4ef6\u53ef\u4ee5\u4f7f\u7528\u8be5\u62a5\u544a\u3002\u6709\u5173\u76f8\u5173\u6587\u6863\uff0c\u8bf7\u53c2\u9605 Dependency-Check \u9879\u76ee\u3002<\/font><\/font><\/font><\/p>\n

\n

 <\/font>\u6307\u6807<\/font><\/font><\/font><\/h2>\n

<\/path><\/svg><\/a><\/div>\n


\u8be5\u63d2\u4ef6\u4f1a\u8ddf\u8e2a\u8bb8\u591a\u7edf\u8ba1\u6570\u636e\uff0c\u5305\u62ec\uff1a<\/font><\/font><\/font><\/p>\n