mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 15:53:36 +01:00
updated documentation
Former-commit-id: 026a64cd80c9870830dd11a37dcdeae0c6274659
This commit is contained in:
Jeremy Long
@@ -22,28 +22,28 @@ The following table lists the configurable properties:
|
||||
|
||||
Property | Description | Requirement | Default Value
|
||||
----------------------|-------------|-------------|------------
|
||||
ApplicationName | The name of the application to use in the generated report. | Required |
|
||||
ReportFormat | The format of the report to be generated. Allowed values are: HTML, XML, VULN, or ALL. The default value is HTML.| Optional |
|
||||
ReportOutputDirectory | The directory where dependency-check will store data used for analysis. Defaults to the current working directory. | Optional |
|
||||
FailBuildOn | If set and a CVE is found that is greater then the specified value the build will fail. The default value is 11 which means that the build will not fail. Valid values are 0-11. | Optional |
|
||||
AutoUpdate | If set to false the NVD CVE data is not automatically updated. Setting this to false could result in false negatives. However, this may be required in some environments. The default value is true. | Optional |
|
||||
DataDirectory | The directory where dependency-check will store data used for analysis. Defaults to a folder called, called 'dependency-check-data', that is in the same directory as the dependency-check-ant jar file was installed in. *It is not recommended to change this.* | Optional |
|
||||
LogFile | The file path to write verbose logging information. | Optional |
|
||||
SuppressionFile | An XML file conforming to the suppression schema that suppresses findings; this is used to hide [false positives](../suppression.html). | Optional |
|
||||
ProxyUrl | Defines the proxy used to connect to the Internet. | Optional |
|
||||
ProxyPort | Defines the port for the proxy. | Optional |
|
||||
ProxyUsername | Defines the proxy user name. | Optional |
|
||||
ProxyPassword | Defines the proxy password. | Optional |
|
||||
ConnectionTimeout | The connection timeout used when downloading data files from the Internet. | Optional |
|
||||
nexusAnalyzerEnabled | The connection timeout used when downloading data files from the Internet. | Optional |
|
||||
nexusUrl | The connection timeout used when downloading data files from the Internet. | Optional |
|
||||
ApplicationName | The name of the application to use in the generated report. | Required |
|
||||
ReportFormat | The format of the report to be generated. Allowed values are: HTML, XML, VULN, or ALL. The default value is HTML.| Optional | HTML
|
||||
ReportOutputDirectory | The directory where dependency-check will store data used for analysis. Defaults to the current working directory. | Optional |
|
||||
FailBuildOn | If set and a CVE is found that is greater then the specified value the build will fail. The default value is 11 which means that the build will not fail. Valid values are 0-11. | Optional | 11
|
||||
AutoUpdate | If set to false the NVD CVE data is not automatically updated. Setting this to false could result in false negatives. However, this may be required in some environments. | Optional | true
|
||||
DataDirectory | The directory where dependency-check will store data used for analysis. Defaults to a folder called, called 'dependency-check-data', that is in the same directory as the dependency-check-ant jar file was installed in. *It is not recommended to change this.* | Optional |
|
||||
LogFile | The file path to write verbose logging information. | Optional |
|
||||
SuppressionFile | An XML file conforming to the suppression schema that suppresses findings; this is used to hide [false positives](../suppression.html). | Optional |
|
||||
ProxyUrl | Defines the proxy used to connect to the Internet. | Optional |
|
||||
ProxyPort | Defines the port for the proxy. | Optional |
|
||||
ProxyUsername | Defines the proxy user name. | Optional |
|
||||
ProxyPassword | Defines the proxy password. | Optional |
|
||||
ConnectionTimeout | The connection timeout used when downloading data files from the Internet. | Optional |
|
||||
nexusAnalyzerEnabled | The connection timeout used when downloading data files from the Internet. | Optional |
|
||||
nexusUrl | The connection timeout used when downloading data files from the Internet. | Optional |
|
||||
nexusUsesProxy | Whether or not the defined proxy should be used when connecting to Nexus. | Optional | true
|
||||
databaseDriverName | The name of the database driver. Example: org.h2.Driver. | Optional |
|
||||
databaseDriverPath | The path to the database driver JAR file; only used if the driver is not in the class path. | Optional |
|
||||
connectionString | The connection string used to connect to the database. | Optional |
|
||||
databaseDriverName | The name of the database driver. Example: org.h2.Driver. | Optional |
|
||||
databaseDriverPath | The path to the database driver JAR file; only used if the driver is not in the class path. | Optional |
|
||||
connectionString | The connection string used to connect to the database. | Optional |
|
||||
databaseUser | The username used when connecting to the database. | Optional | dcuser
|
||||
databasePassword | The password used when connecting to the database. | Optional |
|
||||
zipExtensions | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. | Optional
|
||||
databasePassword | The password used when connecting to the database. | Optional |
|
||||
zipExtensions | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. | Optional |
|
||||
cveUrl12Modified | URL for the modified CVE 1.2 | Optional | http://nvd.nist.gov/download/nvdcve-modified.xml
|
||||
cveUrl20Modified | URL for the modified CVE 2.0 | Optional | http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml
|
||||
cveUrl12Base | Base URL for each year's CVE 1.2, the %d will be replaced with the year | Optional | http://nvd.nist.gov/download/nvdcve-%d.xml
|
||||
|
||||
@@ -3,30 +3,30 @@ Command Line Arguments
|
||||
|
||||
The following table lists the command line arguments:
|
||||
|
||||
Short | Argument Name | Parameter | Description | Requirement
|
||||
-------|-----------------------|-------------|-------------|------------
|
||||
\-a | \-\-app | \<name\> | The name of the application being scanned. This is a required argument. |
|
||||
\-c | \-\-connectiontimeout | \<timeout\> | The connection timeout (in milliseconds) to use when downloading resources. | Optional
|
||||
\-d | \-\-data | \<path\> | The location of the data directory used to store persistent data. This option should generally not be set. | Optional
|
||||
\-f | \-\-format | \<format\> | The output format to write to (XML, HTML, VULN, ALL). The default is HTML. |
|
||||
\-h | \-\-help | | Print the help message. | Optional
|
||||
\-l | \-\-log | \<file\> | The file path to write verbose logging information. | Optional
|
||||
\-n | \-\-noupdate | | Disables the automatic updating of the CPE data. | Optional
|
||||
\-o | \-\-out | \<folder\> | The folder to write reports to. This defaults to the current directory. | Optional
|
||||
\-p | \-\-proxyport | \<port\> | The proxy port to use when downloading resources. | Optional
|
||||
| \-\-proxypass | \<pass\> | The proxy password to use when downloading resources. | Optional
|
||||
| \-\-proxyuser | \<user\> | The proxy username to use when downloading resources. | Optional
|
||||
\-s | \-\-scan | \<path\> | The path to scan \- this option can be specified multiple times. |
|
||||
| \-\-suppression | \<file\> | The file path to the suppression XML file; used to suppress [false positives](../suppression.html). | Optional
|
||||
\-u | \-\-proxyurl | \<url\> | The proxy url to use when downloading resources. | Optional
|
||||
\-v | \-\-version | | Print the version information. | Optional
|
||||
| \-\-advancedHelp | | Print the advanced help message. | Optional
|
||||
| \-\-connectionString | \<connStr\> | The connection string to the database. | Optional
|
||||
| \-\-dbDriverName | \<driver\> | The database driver name. | Optional
|
||||
| \-\-dbDriverPath | \<path\> | The path to the database driver; note, this does not need to be set unless the JAR is outside of the class path. | Optional
|
||||
| \-\-dbPassword | \<password\>| The password for connecting to the database. | Optional
|
||||
| \-\-dbUser | \<user\> | The username used to connect to the database. | Optional
|
||||
| \-\-disableNexus | | Disable the Nexus Analyzer. | Optional
|
||||
| \-\-nexus | \<url\> | The url to the Nexus Server. | Optional
|
||||
| \-\-nexusUsesProxy | \<true|false\> | Whether or not the defined proxy should be used when connecting to Nexus. | Optional
|
||||
| \-\-zipExtensions | \<strings\> | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. | Optional
|
||||
Short | Argument Name | Parameter | Description | Requirement
|
||||
-------|-----------------------|-----------------|-------------|------------
|
||||
\-a | \-\-app | \<name\> | The name of the application being scanned. This is a required argument. | Required
|
||||
\-c | \-\-connectiontimeout | \<timeout\> | The connection timeout (in milliseconds) to use when downloading resources. | Optional
|
||||
\-d | \-\-data | \<path\> | The location of the data directory used to store persistent data. This option should generally not be set. | Optional
|
||||
\-f | \-\-format | \<format\> | The output format to write to (XML, HTML, VULN, ALL). The default is HTML. | Required
|
||||
\-h | \-\-help | | Print the help message. | Optional
|
||||
\-l | \-\-log | \<file\> | The file path to write verbose logging information. | Optional
|
||||
\-n | \-\-noupdate | | Disables the automatic updating of the CPE data. | Optional
|
||||
\-o | \-\-out | \<folder\> | The folder to write reports to. This defaults to the current directory. | Optional
|
||||
\-p | \-\-proxyport | \<port\> | The proxy port to use when downloading resources. | Optional
|
||||
| \-\-proxypass | \<pass\> | The proxy password to use when downloading resources. | Optional
|
||||
| \-\-proxyuser | \<user\> | The proxy username to use when downloading resources. | Optional
|
||||
\-s | \-\-scan | \<path\> | The path to scan \- this option can be specified multiple times. | Required
|
||||
| \-\-suppression | \<file\> | The file path to the suppression XML file; used to suppress [false positives](../suppression.html). | Optional
|
||||
\-u | \-\-proxyurl | \<url\> | The proxy url to use when downloading resources. | Optional
|
||||
\-v | \-\-version | | Print the version information. | Optional
|
||||
| \-\-advancedHelp | | Print the advanced help message. | Optional
|
||||
| \-\-connectionString | \<connStr\> | The connection string to the database. | Optional
|
||||
| \-\-dbDriverName | \<driver\> | The database driver name. | Optional
|
||||
| \-\-dbDriverPath | \<path\> | The path to the database driver; note, this does not need to be set unless the JAR is outside of the class path. | Optional
|
||||
| \-\-dbPassword | \<password\> | The password for connecting to the database. | Optional
|
||||
| \-\-dbUser | \<user\> | The username used to connect to the database. | Optional
|
||||
| \-\-disableNexus | | Disable the Nexus Analyzer. | Optional
|
||||
| \-\-nexus | \<url\> | The url to the Nexus Server. | Optional
|
||||
| \-\-nexusUsesProxy | \<true\|false\> | Whether or not the defined proxy should be used when connecting to Nexus. | Optional
|
||||
| \-\-zipExtensions | \<strings\> | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. | Optional
|
||||
Reference in New Issue
Block a user