-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add dependencies to build info #761
Comments
Hi @Niklas-6804, Mind giving us some more details about your use case? Could you let us know which tools you're using, describe the error you're encountering, and perhaps share a few screenshots? Appreciate it! |
Hi @yahavi, First of all, this is no bug, rather a question about how to include additional information in the build info. I am using gradle to deploy maven artifacts. An exemplary artifact is a zip consisting of cpp source files and dlls. One example for this is openssl, which is linked into a dll part of the zip but not included itself. [artifact] is a .zip and contains {.cpp, .h, .dll, ...} deploy [artifact] -----> "artifact is deployed to jfrog artifacory" I am quite new in this field so excuse my ignorance. |
Thanks for sharing your use case, @Niklas-6804. |
I am using the gradle artifactory plugin @yahavi. |
@yahavi do you have any idea how I could solve my issue? |
@Niklas-6804
Feel free to let me know if you need any further clarification or assistance! |
Thanks @yahavi, For steps 3-5, I set a build name and number explicitly to enforce a connection. Is there anything I am missing? tldr: After publishing, jfrog artifactory webui shows a new build with empty build info and an empty published modules slot. |
Any idea, how I can fix this last step @yahavi? |
I have a zipped artifact consisting of cpp source files without any cpp package manager, thus xray is not able to identify any libraries inside it.
However, I know precisely which libraries are linked into source code and their version.
Can i somehow include library and version infos in the build info? And instruct xray to compare given infos with an underlying cve database independent of files in the artifact?
The text was updated successfully, but these errors were encountered: