Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Way to access code insight report generated after bitbucket dependency scan

Sachin Kaushik January 8, 2025

Hi,

 

Is there a way to access code insight report generated after bitbucket dependency scan? I want to upload this insights report to artifact so that i can access in the next steps in the pipeline.

3 answers

0 votes
Oleksandr Kyrdan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 25, 2025

Hi @Sachin Kaushik 

Thank you for your feedback!

The new pipe's version with support reports generation even pipe is failed and level of cvss:

  - pipe: atlassian/bitbucket-dependency-scanner:0.7.0
    variables:
      NVD_API_KEY: $NVD_API_KEY
      EXTRA_ARGS:
        - "--failOnCVSS=7"


Best regards,
Oleksandr Kyrdan

0 votes
Sachin Kaushik January 9, 2025

Hi Patrik,

 

Sorry, I should have been more descriptive. I can access the scan report per se, like you mention. My question was actually directed towards the reports you see when you click a  pipeline run to view its details/logs (not sure what do we call these reports, I guess). Please refer to the image for more clarity.

Is there a way to have these exported/downloaded in some form so I can use them in later steps (like attaching these reports to a JIRA ticket)?

0 votes
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 9, 2025

Hello @Sachin Kaushik ,

Thanks for reaching out to the Community!

By default, the pipe atlassian/bitbucket-dependency-scanner will generate the report in the directory where the pipeline was at when the pipe was invoked.

The report will be named  dependency-check-report.json and you can export it as an artifact configuring your YAML similar to the below example 

script:
  - pipe: atlassian/bitbucket-dependency-scanner:0.3.0
artifacts:
  - dependency-check-report.json

Could you try that suggestion and let us know how it goes ?

Than you, @Sachin Kaushik !

Patrik S

Sachin Kaushik January 9, 2025

Hi Patrik,

 

Sorry, I should have been more descriptive. I can access the scan report per se, like you mention. My question was actually directed towards the reports you see when you click a  pipeline run to view its details/logs (not sure what do we call these reports, I guess). Please refer to the image for more clarity.

Is there a way to have these exported/downloaded in some form so I can use them in later steps (like attaching these reports to a JIRA ticket)?

PipelineReports.png

Igor Stoyanov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 10, 2025 edited

@Sachin Kaushik Hi. Check the file here: 


How to use artifacts
Screenshot 2025-01-10 at 14.41.43.png

Regards, Igor

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
loom essentials certification, loom training, get certified in loom, atlassian certification, loom async video, video messaging skills, atlassian learning, loom for teams, online certification, loom badge, loom for business, atlassian education

Get Certified in Loom! 🧑‍🎓

Time to up your Loom game! The new Loom Essentials Certification is here! Show off your skills, learn pro tips, and get officially recognized. Perfect for taking your video messaging to the next level.

Learn more
AUG Leaders

Atlassian Community Events