From 1083cdb743a15ceed52d28a8b5f5829b433b3f62 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 11 Jan 2014 12:42:50 -0500 Subject: [PATCH] added new properties for database connections Former-commit-id: 9e96b0ce823cb40ac9c35d3e8aeeb7a23712bee5 --- .../main/resources/dependencycheck.properties | 32 +++++++++++++------ 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/dependency-check-core/src/main/resources/dependencycheck.properties b/dependency-check-core/src/main/resources/dependencycheck.properties index 0b17e7db5..5606f8d2b 100644 --- a/dependency-check-core/src/main/resources/dependencycheck.properties +++ b/dependency-check-core/src/main/resources/dependencycheck.properties @@ -6,8 +6,29 @@ max.download.threads=3 #temp.directory defaults to System.getProperty("java.io.tmpdir") #temp.directory=[path to temp directory] -# the path to the data directory +# the path to the data directory; the [JAR] signifies to use the relative path +# to the dependency-check-core JAR file. This path is only used to construct +# the connection string for the H2 driver (or other drivers that require a file path +# to be supplied. If you are using another database (MySQL, Oracle, etc.) this property +# will not be used. The data.directory will be resolved and if the connection string +# below contains a %s then the data.directory will replace the %s. data.directory=[JAR]/data +data.connection_string=jdbc:h2:file:%s;AUTO_SERVER=TRUE +#data.connection_string=jdbc:mysql://localhost:3306/dependencycheck +# user name and password for the database connection. The inherent case is to use H2. +# As such, this unsecure username/password exist. +data.user=dcuser +data.password=DC-Pass1337! +# The following are only used if the DB Driver is not JDBC4 compliant and/or the driver +# is not in the current classpath. Setting these properties will add the give path(s) to +# the class loader and then register the driver with the DriverManager. If the class is +# not in the path you must specify both the driver name (aka the fully qualified driver name) +# and the driver path. The driver path can be a semi-colon seperated list of files/directories +# to ensure any and all needed files can be added to the classpath to load the driver. +# For non-JDBC4 drivers in the classpath only the driver_name needs to be set. +# For MOST situations these properties likely do not need to be set. +data.driver_name= +data.driver_path= # the path to the cpe xml file cpe.url=http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.xml.gz @@ -19,15 +40,6 @@ cpe.meta.url=http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-di # holds 8 days of updates, we are using 7 just to be safe. cve.url.modified.validfordays=7 -# The location of the zipped CVE H2 database and CPE Lucene index. If specified and -# a full download of data is required this URL will be used and the data extracted -# into the specified "data" directory. Additionally, after pulling the data the -# system will attempt to update the modified. Thus, if one were maintaining an -# internal copy of the data one would not need to update it nightly. -# If the 'modified' URLs below for the CVE are removed and a batch url is provided -# then if an update is required, the entre zip file will be downloaded. -#batch.update.url=file:///C:/path/to/data.zip - # the path to the modified nvd cve xml file. cve.url-1.2.modified=http://nvd.nist.gov/download/nvdcve-modified.xml cve.url-2.0.modified=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml