From 3df6f88f2f2694635345271fca7f72d0baa212f1 Mon Sep 17 00:00:00 2001 From: Philipp Dallig Date: Thu, 4 Feb 2021 12:47:26 +0100 Subject: [PATCH] Readme improvements --- README.md | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 9eba90ba..838ba36e 100755 --- a/README.md +++ b/README.md @@ -1,12 +1,13 @@ +# Dependency-Check Plugin for SonarQube 7.x and 8.x + ![Build Status](https://github.com/dependency-check/dependency-check-sonar-plugin/workflows/build/badge.svg?branch=master) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/e9cebd3112ec4252804bba68a5b44071)](https://www.codacy.com/manual/dependency-check/dependency-check-sonar-plugin?utm_source=github.com&utm_medium=referral&utm_content=dependency-check/dependency-check-sonar-plugin&utm_campaign=Badge_Grade) [![Download](https://img.shields.io/github/v/release/dependency-check/dependency-check-sonar-plugin)](https://github.com/dependency-check/dependency-check-sonar-plugin/releases/latest) +![Downloads](https://img.shields.io/github/downloads/dependency-check/dependency-check-sonar-plugin/total) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=dependency-check_dependency-check-sonar-plugin&metric=alert_status)](https://sonarcloud.io/dashboard?id=dependency-check_dependency-check-sonar-plugin) [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=dependency-check_dependency-check-sonar-plugin&metric=coverage)](https://sonarcloud.io/dashboard?id=dependency-check_dependency-check-sonar-plugin) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dependency-check_dependency-check-sonar-plugin&metric=security_rating)](https://sonarcloud.io/dashboard?id=dependency-check_dependency-check-sonar-plugin) -# Dependency-Check Plugin for SonarQube 7.x and 8.x - Integrates [Dependency-Check][] reports into SonarQube v7.9 or higher. The project will try to backport all code from master branch to last supported LTS. Please see the [SonarQube 6.x][] or [SonarQube 5.x][] branch for old supported version. @@ -25,10 +26,10 @@ Dependency-Check supports the identification of project dependencies in a number The plugin keeps track of a number of statistics including: -- Total number of dependencies scanned -- Total number of vulnerabilities found across all dependencies -- Total number of vulnerable components -- Total number of critical, high, medium, and low severity vulnerabilities +- Total number of dependencies scanned +- Total number of vulnerabilities found across all dependencies +- Total number of vulnerable components +- Total number of critical, high, medium, and low severity vulnerabilities Additionally, the following two metrics are defined: @@ -124,12 +125,13 @@ sonar.dependencyCheck.securityHotspot=false (default) ## Ecosystem Dependency-Check is available as a: -- Command-line utility -- Ant Task -- Gradle Plugin -- Jenkins Plugin -- Maven Plugin -- SonarQube Plugin + +- Command-line utility +- Ant Task +- Gradle Plugin +- Jenkins Plugin +- Maven Plugin +- SonarQube Plugin ## Copyright & License