Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Way to access code insight report generated after bitbucket dependency scan

Sachin Kaushik
Sachin Kaushik January 8, 2025

Hi,

 

Is there a way to access code insight report generated after bitbucket dependency scan? I want to upload this insights report to artifact so that i can access in the next steps in the pipeline.

Answer
Watch
Like Be the first to like this
539 views

3 answers

0 votes
Oleksandr Kyrdan
Oleksandr Kyrdan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 25, 2025

Hi @Sachin Kaushik 

Thank you for your feedback!

The new pipe's version with support reports generation even pipe is failed and level of cvss:

  - pipe: atlassian/bitbucket-dependency-scanner:0.7.0
    variables:
      NVD_API_KEY: $NVD_API_KEY
      EXTRA_ARGS:
        - "--failOnCVSS=7"


Best regards,
Oleksandr Kyrdan

Reply
0 votes
Sachin Kaushik
Sachin Kaushik January 9, 2025

Hi Patrik,

 

Sorry, I should have been more descriptive. I can access the scan report per se, like you mention. My question was actually directed towards the reports you see when you click a  pipeline run to view its details/logs (not sure what do we call these reports, I guess). Please refer to the image for more clarity.

Is there a way to have these exported/downloaded in some form so I can use them in later steps (like attaching these reports to a JIRA ticket)?

Reply
0 votes
Patrik S
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 9, 2025

Hello @Sachin Kaushik ,

Thanks for reaching out to the Community!

By default, the pipe atlassian/bitbucket-dependency-scanner will generate the report in the directory where the pipeline was at when the pipe was invoked.

The report will be named  dependency-check-report.json and you can export it as an artifact configuring your YAML similar to the below example 

script:
  - pipe: atlassian/bitbucket-dependency-scanner:0.3.0
artifacts:
  - dependency-check-report.json

Could you try that suggestion and let us know how it goes ?

Than you, @Sachin Kaushik !

Patrik S

View More Comments
Sachin Kaushik
Sachin Kaushik January 9, 2025

Hi Patrik,

 

Sorry, I should have been more descriptive. I can access the scan report per se, like you mention. My question was actually directed towards the reports you see when you click a  pipeline run to view its details/logs (not sure what do we call these reports, I guess). Please refer to the image for more clarity.

Is there a way to have these exported/downloaded in some form so I can use them in later steps (like attaching these reports to a JIRA ticket)?

PipelineReports.png

Like
Igor Stoyanov
Igor Stoyanov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 10, 2025 edited

@Sachin Kaushik Hi. Check the file here: 


How to use artifacts
Screenshot 2025-01-10 at 14.41.43.png

Regards, Igor

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.