Skip to main content
Skip table of contents

Getting Started

Include Dependency Check for Bamboo does not require any specific configuration or any additional build tasks.

Once the app is installed you will be able to use out of the box the following features:

  • Dependency Check results in your Bamboo build summary (includes ability to create pre-filled Jira issues for follow-up)

  • Bamboo report with count of unique vulnerabilities in your Bamboo plans


Include Dependency Check for Bamboo relies on OWASP Dependency Checks configured by the users within their Bamboo builds.

To use the app, you need existing OWASP Dependency Checks in your Bamboo builds.

To setup Dependency Check in your build plans, check the official Dependency Check documentation where you can find instructions for various build systems like Maven, Gradle, SBT etc.

For example, if using Maven you would add the following to your pom.xml file:

    <version>USE LATEST VERSION</version>

Once you set this up, you should see “dependency-check-report.html” files in your build results directory. The default report format is HTML and it should not be changed.

The app will pick up the report/s and link them to your build plans.

Requisite to create pre-filled Jira issues

In order to enable the feature to create Jira issues pre-filled with the dependency check context in your build summary, you need to:

  • add Jira issue keys to your commit messages and

  • integrate Bamboo with a Jira DC or Cloud application

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.