Scan Your code for vulnerabilities

Modern applications need to follow security rules. Time when limited or zero attacks on applications are gone, now each developer need to protect own app.
One of the good way to establish good level of application is keeping dependencies up to date.
There is really good Gradle plug-in that help with that task – owsap dependency check.

To add it just include in project build.gradle file following snippet

 classpath "org.owasp:dependency-check-gradle:3.0.2"

in buildscript dependencies section
and
apply plugin: "org.owasp.dependencycheck" 

in applay plugin section of your file.

Next using command

gradle dependencyCheckAnalyze -info

You will get detailed information about project dependencies that have vulnerabilities.

Autor
Kategorie