Publication & version output

[Chelseasweeney07]

Hello,

Is there a way with OWASP or OWASP azure pipeline task to output all packages publication dates and versions? Not just report out on the ones with vulnerabilities?

[jeremylong]

In the HTML report there is a button to show all of the dependencies scanned:

[Chelseasweeney07]

Is there any way to do this within the excel spreadsheet output? We are needing all open-source packages used in our applications with their published dates and versions. Thanks, Chelsea Sweeney IT Platform Administrator II, Application Development NORIDIAN HEALTHCARE SOLUTIONS LLC, FARGO 701-277-6624 ***@***.******@***.***> www.noridian.com<http://www.noridian.com/> | www.noridianmedicare.com<http://www.noridianmedicare.com/> [NAS email signature logo] Confidentiality Notice: This communication and any attachments are for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, distribution or copying is prohibited. If you are not the intended recipient(s), please contact the sender by replying to this e-mail and destroy/delete all copies of this e-mail message. From: Jeremy Long ***@***.***> Sent: Wednesday, November 13, 2024 6:51 AM To: jeremylong/DependencyCheck ***@***.***> Cc: Chelsea Sweeney ***@***.***>; Author ***@***.***> Subject: Re: [jeremylong/DependencyCheck] Publication & version output (Issue #7151) WARNING: This is an external email. Do not click links or open attachments unless you recognize the sender and know the content is safe. In the HTML report there is a button to show all of the dependencies scanned: image.png (view on web)<https://github.com/user-attachments/assets/04b94ceb-f4c9-4b08-8917-04c7c8721fcb> - Reply to this email directly, view it on GitHub<#7151 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/BJ4DTZJMOPZ3FWGT6MSL3WL2ANDLJAVCNFSM6AAAAABRSVQPBGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINZTGUZTCMJUGQ>. You are receiving this because you authored the thread.Message ID: ***@***.***>

[jeremylong]

The only way to do this with a CSV report would be to create a copy of the CVS velocity template from this repo - modify it to your requirements, and then just specify the path to the report template in your dependency-check configuration (e.g. instead of HTML you would just put the path to the custom report template).