Jenkins : Black Duck Vulnerability Installer Plugin

Were you looking for the Hub Jenkins Plugin? Check out :

Deprecated: This plugin has been removed from the Jenkins Update Center

This will not work with update-sites-manager 2.0.0. It will cause an error during the Jenkins startup, and the server will not work until you either remove the blackduck-installer plugin or downgrade the update-sites-manager plugin to 1.0.1

Archived versions of this plugin remain available for download.
This plugin is no longer supported and should not be used.

Plugin Information

No information for the plugin 'blackduck-installer' is available. It may have been removed from distribution.

Allows users to add the Black Duck Update Site and install the Black Duck Vulnerability Plugin

Table of Contents


As a Jenkins user, this plugin enables you to:

  • Add the Black Duck Update Site to list of Jenkins Update Sites
  • Install the Black Duck Vulnerability Plugin that provides a report highlighting known vulnerabilities reported against the open source software found in the build


  • Jenkins LTS 1.580.3 or higher
  • Ensure the Jenkins Update Sites Manager plugin is installed


  1. Install the plugin and restart the Jenkins instance

Upon Jenkins restart, the plugin should :

  • Adds the Black Duck Update site to the list of Update Sites in Jenkins
  • Adds the Black Duck CA certificate file to the directory ${JENKINS_HOME}/update-center-rootCAs/
  • Install Black Duck Vulnerability Plugin and its dependencies

Trouble Shooting

  • If you try to use Java 6 instead of Java 7, instead of getting the normal "Unsupported major:minor version error" it sometimes throws a false "java.lang.OutOfMemoryError: Java heap space" instead.
  • If you get a message that says "Not Found (404) - Not Found",  check that you are not behind a firewall. If you are then try using a Proxy. 
  • For any issues please post on!forum/bdosvr|!forum/bdosvr