github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-17 17:21:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

site documentation 1.2.11

Browse Source
This commit is contained in:
Jeremy Long
2015-05-12 08:00:49 -04:00
parent 1359cc70b6
commit 1040418d65
1576 changed files with 332294 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

282
data/database.html Normal file
View File

@@ -0,0 +1,282 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2015-05-11
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150511" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - Using a Database Server</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:-20px;margin-bottom:5px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Using a Database Server</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-05-11</li>
<li id="projectVersion" class="pull-right">
Version: 1.2.11
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<i class="icon-chevron-down"></i>
General</a>
<ul class="nav nav-list">
<li>
<a href="../general/internals.html" title="How it Works">
<i class="none"></i>
How it Works</a>
</li>
<li>
<a href="../general/thereport.html" title="Reading the Report">
<i class="none"></i>
Reading the Report</a>
</li>
<li>
<a href="../general/suppression.html" title="False Positives">
<i class="none"></i>
False Positives</a>
</li>
<li>
<a href="../data/index.html" title="Internet Access Required">
<i class="icon-chevron-down"></i>
Internet Access Required</a>
<ul class="nav nav-list">
<li>
<a href="../data/proxy.html" title="Proxy">
<i class="none"></i>
Proxy</a>
</li>
<li>
<a href="../data/mirrornvd.html" title="Mirroring NVD">
<i class="none"></i>
Mirroring NVD</a>
</li>
<li class="active">
<a href="#"><i class="none"></i>Central DB</a>
</li>
</ul>
</li>
<li>
<a href="../related.html" title="Related Work">
<i class="none"></i>
Related Work</a>
</li>
<li>
<a href="../general/dependency-check.pptx" title="Project Presentation (pptx)">
<i class="none"></i>
Project Presentation (pptx)</a>
</li>
<li>
<a href="../general/dependency-check.pdf" title="Project Presentation (pdf)">
<i class="none"></i>
Project Presentation (pdf)</a>
</li>
<li>
<a href="../general/SampleReport.html" title="Sample Report">
<i class="none"></i>
Sample Report</a>
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<i class="icon-chevron-right"></i>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<i class="icon-chevron-right"></i>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<h1>Using a Database Server</h1>
<p><font color="red"><b>WARNING: This discusses an advanced setup and you may run into issues.</b></font></p>
<p>Out of the box dependency-check uses a local H2 database. The location of the database file is configured using the data directory configuration option (see <a class="externalLink" href="https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html">CLI</a>).</p>
<p>Some organizations may want to use a more robust centralized database. Currently, <a class="externalLink" href="http://www.h2database.com/html/tutorial.html#using_server">H2 in server mode</a> and <a class="externalLink" href="https://www.mysql.com/">MySQL</a> have been tested. In general, the setup is done by creating a central database, setting up a single instance of dependency-check, which can connect to the Internet, that is run in update-only mode once a day. Then the other dependency-check clients can connect, using a read-only connection, to perform the analysis. Please note that if the clients are unable to access the Internet the analysis may result in a few false negatives; see the note about Central <a href="./index.html">here</a>.</p>
<p>To setup a centralized database the following generalized steps can be used:</p>
<ol style="list-style-type: decimal">
<li>Create the database and tables using either <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-core/src/main/resources/data/initialize.sql">initialize.sql</a>
or <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-core/src/main/resources/data/initialize_mysql.sql">initialize_mysql.sql</a>.</li>
<li>The account that the clients will connect using must have select granted on the tables.
<ul>
<li>Note, if the clients performing the scans should run with the noupdate setting. A single
instance of the dependency-check client should be setup with update enabled and the account
used during the update process will need to be granted update rights on the tables.
</li></ul>
</li>
<li>Dependency-check clients running scans will need to be configured to use the central database:
<ul>
<li>The database driver will need to be specified using the dbDriver and if the driver is not
already in the classpath the dbDriverPath options will need to be set (see the specific configuration
options for Maven, Ant, CLI, and Jenkins).</li>
<li>The connection string, database user name, and the database user's password will also need to be configured.</li>
</ul>
</li></ol>
<p>Depending on the database being used, you may need to customize the <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-core/src/main/resources/data/dbStatements.properties">dbStatements.properties</a>.</p>
<p>As always, feel free to open an <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/issues">issue</a> or post a question to the <a class="externalLink" href="https://groups.google.com/forum/#!forum/dependency-check">dependency-check google group</a>.</p>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2015
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>

270
data/index.html Normal file
View File

@@ -0,0 +1,270 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2015-05-11
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150511" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - Internet Access Required</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:-20px;margin-bottom:5px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Internet Access Required</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-05-11</li>
<li id="projectVersion" class="pull-right">
Version: 1.2.11
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<i class="icon-chevron-down"></i>
General</a>
<ul class="nav nav-list">
<li>
<a href="../general/internals.html" title="How it Works">
<i class="none"></i>
How it Works</a>
</li>
<li>
<a href="../general/thereport.html" title="Reading the Report">
<i class="none"></i>
Reading the Report</a>
</li>
<li>
<a href="../general/suppression.html" title="False Positives">
<i class="none"></i>
False Positives</a>
</li>
<li class="active">
<a href="#"><i class="icon-chevron-down"></i>Internet Access Required</a>
<ul class="nav nav-list">
<li>
<a href="../data/proxy.html" title="Proxy">
<i class="none"></i>
Proxy</a>
</li>
<li>
<a href="../data/mirrornvd.html" title="Mirroring NVD">
<i class="none"></i>
Mirroring NVD</a>
</li>
<li>
<a href="../data/database.html" title="Central DB">
<i class="none"></i>
Central DB</a>
</li>
</ul>
</li>
<li>
<a href="../related.html" title="Related Work">
<i class="none"></i>
Related Work</a>
</li>
<li>
<a href="../general/dependency-check.pptx" title="Project Presentation (pptx)">
<i class="none"></i>
Project Presentation (pptx)</a>
</li>
<li>
<a href="../general/dependency-check.pdf" title="Project Presentation (pdf)">
<i class="none"></i>
Project Presentation (pdf)</a>
</li>
<li>
<a href="../general/SampleReport.html" title="Sample Report">
<i class="none"></i>
Sample Report</a>
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<i class="icon-chevron-right"></i>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<i class="icon-chevron-right"></i>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<h1>Internet Access Required</h1>
<p>There are two reasons dependency-check needs access to the Internet. Below you will find a discussion of each problem and possibly resolutions if you are facing organizational constraints.</p>
<div class="section">
<h2>Local NVD Database<a name="Local_NVD_Database"></a></h2>
<p>OWASP dependency-check maintains a local copy of the NVD data hosted by NIST. By default, a local <a class="externalLink" href="http://www.h2database.com/html/main.html">H2 database</a> instance is used. As each instance maintains its own copy of the NVD the machine will need access to nvd.nist.gov in order to download the NVD data feeds. While the initial download of the NVD data feed is large, if after the initial download the tool is run at least once every seven days only two small XML files containing the recent modifications will need to be downloaded.</p>
<p>If your build servers are using dependency-check and are unable to access the Internet you have a few options:</p>
<ol style="list-style-type: decimal">
<li>Configure the <a href="proxy.md">proxy settings</a> so that the build server can access the Internet</li>
<li><a href="./mirrornvd.md">Mirror the NVD</a> locally within your organization</li>
<li>Use a more robust <a href="./database.md">centralized database</a> with a single update node</li>
</ol></div>
<div class="section">
<h2>Downloading Additional Information<a name="Downloading_Additional_Information"></a></h2>
<p>If the machine that is running dependency-check cannot reach the <a class="externalLink" href="http://search.maven.org">Central Repository</a> the analysis may result in false negatives. This is because some POM files, that are not contained within the JAR file itself, contain evidence that is used to accurately identify a library. If Central cannot be reached, it is highly recommended to setup a Nexus server within your organization and to configure dependency-check to use the local Nexus server. <b>Note</b>, even with a Nexus server setup I have seen dependency-check be re-directed to other repositories on the Internet to download the actual POM file.</p></div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2015
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>

282
data/mirrornvd.html Normal file
View File

@@ -0,0 +1,282 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2015-05-11
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150511" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - Mirroring the NVD from NIST</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:-20px;margin-bottom:5px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Mirroring the NVD from NIST</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-05-11</li>
<li id="projectVersion" class="pull-right">
Version: 1.2.11
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<i class="icon-chevron-down"></i>
General</a>
<ul class="nav nav-list">
<li>
<a href="../general/internals.html" title="How it Works">
<i class="none"></i>
How it Works</a>
</li>
<li>
<a href="../general/thereport.html" title="Reading the Report">
<i class="none"></i>
Reading the Report</a>
</li>
<li>
<a href="../general/suppression.html" title="False Positives">
<i class="none"></i>
False Positives</a>
</li>
<li>
<a href="../data/index.html" title="Internet Access Required">
<i class="icon-chevron-down"></i>
Internet Access Required</a>
<ul class="nav nav-list">
<li>
<a href="../data/proxy.html" title="Proxy">
<i class="none"></i>
Proxy</a>
</li>
<li class="active">
<a href="#"><i class="none"></i>Mirroring NVD</a>
</li>
<li>
<a href="../data/database.html" title="Central DB">
<i class="none"></i>
Central DB</a>
</li>
</ul>
</li>
<li>
<a href="../related.html" title="Related Work">
<i class="none"></i>
Related Work</a>
</li>
<li>
<a href="../general/dependency-check.pptx" title="Project Presentation (pptx)">
<i class="none"></i>
Project Presentation (pptx)</a>
</li>
<li>
<a href="../general/dependency-check.pdf" title="Project Presentation (pdf)">
<i class="none"></i>
Project Presentation (pdf)</a>
</li>
<li>
<a href="../general/SampleReport.html" title="Sample Report">
<i class="none"></i>
Sample Report</a>
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<i class="icon-chevron-right"></i>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<i class="icon-chevron-right"></i>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<h1>Mirroring the NVD from NIST</h1>
<p>Several organizations have opted to mirror the NVD on an internal server and have the dependency-check clients simply pull the updates from the mirror. This setup is fairly simple:</p>
<ol style="list-style-type: decimal">
<li>Setup a nightly job to pull down the latest NVD files files from NIST
<ul>
<li>Note, all of the NVD files must be downloaded: both 1.2 and 2.0 schema for 2002 on.</li>
<li>See the <a class="externalLink" href="https://github.com/stevespringett/nist-data-mirror/">Nist-Data-Mirror</a> project on github.</li>
</ul>
</li>
<li>Configure the dependency-check clients to use the internal CVE urls. Note, all four URLs
must be specified (see the configuration for the specific dependency-check client used):
<ul>
<li>cveUrl12Modified</li>
<li>cveUrl20Modified</li>
<li>cveUrl12Base</li>
<li>cveUrl20Base</li>
</ul>
</li>
</ol>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2015
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>

264
data/proxy.html Normal file
View File

@@ -0,0 +1,264 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2015-05-11
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150511" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - Proxy Configuration</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:-20px;margin-bottom:5px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Proxy Configuration</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-05-11</li>
<li id="projectVersion" class="pull-right">
Version: 1.2.11
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<i class="icon-chevron-down"></i>
General</a>
<ul class="nav nav-list">
<li>
<a href="../general/internals.html" title="How it Works">
<i class="none"></i>
How it Works</a>
</li>
<li>
<a href="../general/thereport.html" title="Reading the Report">
<i class="none"></i>
Reading the Report</a>
</li>
<li>
<a href="../general/suppression.html" title="False Positives">
<i class="none"></i>
False Positives</a>
</li>
<li>
<a href="../data/index.html" title="Internet Access Required">
<i class="icon-chevron-down"></i>
Internet Access Required</a>
<ul class="nav nav-list">
<li class="active">
<a href="#"><i class="none"></i>Proxy</a>
</li>
<li>
<a href="../data/mirrornvd.html" title="Mirroring NVD">
<i class="none"></i>
Mirroring NVD</a>
</li>
<li>
<a href="../data/database.html" title="Central DB">
<i class="none"></i>
Central DB</a>
</li>
</ul>
</li>
<li>
<a href="../related.html" title="Related Work">
<i class="none"></i>
Related Work</a>
</li>
<li>
<a href="../general/dependency-check.pptx" title="Project Presentation (pptx)">
<i class="none"></i>
Project Presentation (pptx)</a>
</li>
<li>
<a href="../general/dependency-check.pdf" title="Project Presentation (pdf)">
<i class="none"></i>
Project Presentation (pdf)</a>
</li>
<li>
<a href="../general/SampleReport.html" title="Sample Report">
<i class="none"></i>
Sample Report</a>
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<i class="icon-chevron-right"></i>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<i class="icon-chevron-right"></i>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<h1>Proxy Configuration</h1>
<p>All of the dependency-check clients (CLI, Maven, Ant, Jenkins) can be configured to use a proxy to connect to the Internet. See the configuration settings for each:</p>
<ul>
<li><a class="externalLink" href="https://jeremylong.github.io/DependencyCheck/dependency-check-ant/configuration.html">Ant Task</a></li>
<li><a class="externalLink" href="https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html">Command Line</a></li>
<li><a class="externalLink" href="https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html">Maven Plugin</a></li>
</ul>
<p>Note, it may also be possible to use the core <a class="externalLink" href="https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html">Java proxy</a> system properties instead of the configuration above.</p>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2015
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>