Allows Jenkins to push source and build artifacts to SRM (formerly known as Code Dx) and display the aggregated results from SRM's full suite of analysis tools.
- This plugin is maintained by Black Duck Software, Inc.
- Plugin version 3.0.0 and later support Pipeline projects as well as Freestyle projects
- Plugin version 4.0.0 includes fixes for CVE-2023-2195, CVE-2023-2631, CVE-2023-2633, CVE-2023-2632, CVE-2023-2196
  - Version 4.0.0 is a breaking change; see changelog.md for more info and guidance
- Upload your source, binaries, and/or scan file(s) from your Jenkins jobs to your SRM installation easily
- Scan your source and binaries for potential vulnerabilities and quality issues using SRM
- SRM is an application vulnerability correlation and management system that supports C/C++, C#, Java/JSP, JavaScript, PHP, Python, Ruby on Rails, Scala, and Visual Basic .NET
- See SRM finding trends right in Jenkins
- Prevent serious issues from slipping through the cracks by configuring Jenkins to fail your builds with customizable SRM findings criteria
Requires Jenkins 2.200 or later and an SRM deployment with an API key created from the SRM admin page.
Consult the latest SRM online documentation for instructions on how to configure your build.