From 305db5f8b160c6467cf7dbea6177ce50536a987a Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Mon, 3 Jul 2017 08:04:54 -0400 Subject: [PATCH] updated documentation per issue #782 --- .../configuration-purge.md | 26 +++++++++++++++---- .../configuration-update.md | 25 +++++++++++++----- .../dependency-check-gradle/configuration.md | 19 +++++++++++--- .../dependency-check-gradle/index.md.vm | 6 ++--- src/site/site.xml | 2 +- 5 files changed, 60 insertions(+), 18 deletions(-) diff --git a/src/site/markdown/dependency-check-gradle/configuration-purge.md b/src/site/markdown/dependency-check-gradle/configuration-purge.md index 3e4c136ce..fd72643e4 100644 --- a/src/site/markdown/dependency-check-gradle/configuration-purge.md +++ b/src/site/markdown/dependency-check-gradle/configuration-purge.md @@ -3,13 +3,28 @@ Tasks Task | Description ----------------------------------------------------|----------------------- -[dependencyCheck](configuration.html) | Runs dependency-check against the project and generates a report. +[dependencyCheckAnalyze](configuration.html) | Runs dependency-check against the project and generates a report. [dependencyCheckUpdate](configuration-update.html) | Updates the local cache of the NVD data from NIST. dependencyCheckPurge | Deletes the local copy of the NVD. This is used to force a refresh of the data. -Configuration: dependencyCheckPurge +Configuration ==================== -The following properties can be configured for the dependencyCheckPurge task: + +```groovy +buildscript { + repositories { + mavenCentral() + } + dependencies { + classpath 'org.owasp:dependency-check-gradle:${project.version}' + } +} +apply plugin: 'org.owasp.dependencycheck' +``` + +```bash +$ gradle dependencyCheckPurge +``` Property | Description | Default Value ---------------------|------------------------------------|------------------ @@ -17,7 +32,8 @@ failOnError | Fails the build if an error occurs during the dependency- #### Example ```groovy -dependencyCheckPurge { +dependencyCheck { + failOnError=true } ``` @@ -31,7 +47,7 @@ data | directory | Sets the data directory to hold SQL CVEs cont #### Example ```groovy -dependencyCheckPurge { +dependencyCheck { data { directory='d:/nvd' } diff --git a/src/site/markdown/dependency-check-gradle/configuration-update.md b/src/site/markdown/dependency-check-gradle/configuration-update.md index f3ab37d35..92ac76d22 100644 --- a/src/site/markdown/dependency-check-gradle/configuration-update.md +++ b/src/site/markdown/dependency-check-gradle/configuration-update.md @@ -3,13 +3,26 @@ Tasks Task | Description -------------------------------------------------|----------------------- -[dependencyCheck](configuration.html) | Runs dependency-check against the project and generates a report. +[dependencyCheckAnalyze](configuration.html) | Runs dependency-check against the project and generates a report. dependencyCheckUpdate | Updates the local cache of the NVD data from NIST. [dependencyCheckPurge](configuration-purge.html) | Deletes the local copy of the NVD. This is used to force a refresh of the data. -Configuration: dependencyCheckUpdate +Configuration ==================== -The following properties can be configured for the dependencyCheckUpdate task: + +```groovy +buildscript { + repositories { + mavenCentral() + } + dependencies { + classpath 'org.owasp:dependency-check-gradle:${project.version}' + } +} +apply plugin: 'org.owasp.dependencycheck' + +check.dependsOn dependencyCheckUpdate +``` Property | Description | Default Value ---------------------|------------------------------------|------------------ @@ -18,7 +31,7 @@ failOnError | Fails the build if an error occurs during the dependency- #### Example ```groovy -dependencyCheckUpdate { +dependencyCheck { cveValidForHours=1 } ``` @@ -35,7 +48,7 @@ connectionTimeout | The URL Connection Timeout. |   #### Example ```groovy -dependencyCheckUpdate { +dependencyCheck { proxy { server=some.proxy.server port=8989 @@ -64,7 +77,7 @@ data | password | The password used when connecting to the data #### Example ```groovy -dependencyCheckUpdate { +dependencyCheck { data { directory='d:/nvd' } diff --git a/src/site/markdown/dependency-check-gradle/configuration.md b/src/site/markdown/dependency-check-gradle/configuration.md index 5549c6215..048454109 100644 --- a/src/site/markdown/dependency-check-gradle/configuration.md +++ b/src/site/markdown/dependency-check-gradle/configuration.md @@ -3,13 +3,26 @@ Tasks Task | Description ---------------------------------------------------|----------------------- -dependencyCheck | Runs dependency-check against the project and generates a report. +dependencyCheckAnalyze | Runs dependency-check against the project and generates a report. [dependencyCheckUpdate](configuration-update.html) | Updates the local cache of the NVD data from NIST. [dependencyCheckPurge](configuration-purge.html) | Deletes the local copy of the NVD. This is used to force a refresh of the data. -Configuration: dependencyCheck +Configuration: ==================== -The following properties can be configured for the dependencyCheck task: + +```groovy +buildscript { + repositories { + mavenCentral() + } + dependencies { + classpath 'org.owasp:dependency-check-gradle:${project.version}' + } +} +apply plugin: 'org.owasp.dependencycheck' + +check.dependsOn dependencyCheckAnalyze +``` Property | Description | Default Value ---------------------|------------------------------------|------------------ diff --git a/src/site/markdown/dependency-check-gradle/index.md.vm b/src/site/markdown/dependency-check-gradle/index.md.vm index 91fe21059..f38cf4072 100644 --- a/src/site/markdown/dependency-check-gradle/index.md.vm +++ b/src/site/markdown/dependency-check-gradle/index.md.vm @@ -30,20 +30,20 @@ buildscript { apply plugin: 'org.owasp.dependencycheck' ``` -$H$H$H Step 2, Run the dependencyCheck task +$H$H$H Step 2, Run the dependencyCheckAnalyze task Once the dependency-check plugin is applied, if the [Java plugin](https://docs.gradle.org/current/userguide/java_plugin.html) is being used dependency-check will automatically be added to the `check` task. Alternatively, you can run dependency-check directly: ```bash -gradle dependencyCheck --info +gradle dependencyCheckAnalyze --info ``` The reports will be generated automatically under `build/reports` folder. $H$H Task Configuration -The OWASP dependency-check-gradle plugin contains three tasks: [dependencyCheck](configuration.html), +The OWASP dependency-check-gradle plugin contains three tasks: [dependencyCheckAnalyze](configuration.html), [dependencyCheckUpdate](configuration-update.html), and [dependencyCheckPurge](configuration-purge.html). Please see each tasks configuration page for more information. diff --git a/src/site/site.xml b/src/site/site.xml index 9bc8009dd..4da3f6d45 100644 --- a/src/site/site.xml +++ b/src/site/site.xml @@ -161,7 +161,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved. Gradle plugin for OWASP dependency-check. - +