bitbucket-dependency-scanner: Can you generate a code insights report when the scan fails?

Rik Overvelde January 30, 2025

Hello,

I'm configuring the bitbucket-dependency-scanner in a pipeline. I'd like the pipeline to fail when a dependency with a CVSS score of 7 or higher is found. 

Normally, the dependency scanner generates annotations for a code insight report after finishing the scan. However, if I add the EXTRA_ARGS: --failOnCVSS=7 option (according to the examples), the scanner fails before the annotations are generated.

I'd like to have the report available as well if the step fails. Is this possible?

1 answer

0 votes
Igor Stoyanov
Atlassian Team
January 31, 2025

Hi @Rik Overvelde. Thanks for your suggestion.

We will investigate this and notify you when a new pipe version becomes available.

Regards, Igor

Rik Overvelde January 31, 2025

Thanks for the answer! For now it's not a major issue but it would be a nice improvement.

DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM