DEV Community

loading...
Cover image for [Video] Security scanning within Gradle
Snyk

[Video] Security scanning within Gradle

brianverm profile image Brian Vermeer 🧑🏼‍🎓🧑🏼‍💻 ・1 min read

Check out the Snyk Gradle plugin.

Scan your thirds party open source dependencies for security vulnerabilities direct from Gradle using the new Snyk Gradle plugin.

For more information check out:

GitHub logo snyk / gradle-plugin

Snyk Gradle Plugin - Scanning and monitoring your dependencies for security vulnerabilities from Gradle

Snyk logo

Snyk plugin for Gradle

Application CI

Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.

The Snyk Gradle plugin tests and monitors your Gradle dependencies.

ℹ️ This product is not an official Snyk supported product. It is an open-source community driven project that is initialised and partially maintained by Snyk engineers

Using the Snyk Plugin for Gradle

The latest version of the plugin is released at the Gradle Plugins Portal Import the plugin using the plugin DSL

Groovy:

plugins {
  id "io.snyk.gradle.plugin.snykplugin" version "0.4"
}
Enter fullscreen mode Exit fullscreen mode

Kotlin

plugins {
  id("io.snyk.gradle.plugin.snykplugin") version "0.4"
}
Enter fullscreen mode Exit fullscreen mode

Setting:

Groovy:

snyk {
    arguments = '--all-sub-projects'
    severity = 'low'
    api = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
    autoDownload = true
    autoUpdate = true
}
Enter fullscreen mode Exit fullscreen mode

all fields are optional

  • arguments…

Snyk plugging on the Gradle plugin portal

Discussion (0)

pic
Editor guide