You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are running the dependency checker as maven plugin in a ci/cd-runner without internet access. The runner has however access to a local service which is able to mirror the suppression-url. The service requires authentication in order to access the url.
It seems when specifying the hostedSuppressionsUrl setting, the plugin is trying to access the local service, but it seems the suppressionFileUser and suppressionFilePassword is not used when accessing hostedSuppressionsUrl?
It it possible to specify username and password/access-token in any way for the hostedSuppressionsUrl, or is it something that would be considered useful in an upcominge update?
The text was updated successfully, but these errors were encountered:
If this is accepted, then maybe if it is not too much more work, the same could be configured for the knownExploitedUrl also? We currently have this disabled for the same reason, that username and password/access-token cannot be specified.
Hi!
We are running the dependency checker as maven plugin in a ci/cd-runner without internet access. The runner has however access to a local service which is able to mirror the suppression-url. The service requires authentication in order to access the url.
It seems when specifying the hostedSuppressionsUrl setting, the plugin is trying to access the local service, but it seems the suppressionFileUser and suppressionFilePassword is not used when accessing hostedSuppressionsUrl?
It it possible to specify username and password/access-token in any way for the hostedSuppressionsUrl, or is it something that would be considered useful in an upcominge update?
The text was updated successfully, but these errors were encountered: