From 3396cb28873ca1f07d448fdf254d3fb04083322c Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Thu, 10 Dec 2015 18:33:31 -0500 Subject: [PATCH] fix for issue #416 --- dependency-check-ant/src/main/resources/task.properties | 2 +- .../src/main/resources/dependencycheck.properties | 5 +++++ dependency-check-maven/src/main/resources/mojo.properties | 2 +- src/site/markdown/dependency-check-gradle/configuration.md | 6 +++--- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/dependency-check-ant/src/main/resources/task.properties b/dependency-check-ant/src/main/resources/task.properties index 348493abf..7fbbe3b6a 100644 --- a/dependency-check-ant/src/main/resources/task.properties +++ b/dependency-check-ant/src/main/resources/task.properties @@ -1,2 +1,2 @@ # the path to the data directory -data.directory=data +data.directory=data/3.0 diff --git a/dependency-check-core/src/main/resources/dependencycheck.properties b/dependency-check-core/src/main/resources/dependencycheck.properties index 271845516..118b5b50f 100644 --- a/dependency-check-core/src/main/resources/dependencycheck.properties +++ b/dependency-check-core/src/main/resources/dependencycheck.properties @@ -18,7 +18,12 @@ engine.version.url=http://jeremylong.github.io/DependencyCheck/current.txt data.directory=[JAR]/data #if the filename has a %s it will be replaced with the current expected version data.file_name=dc.h2.db + +### if you increment the DB version then you must increment the database file path +### in the mojo.properties, task.properties (maven and ant respectively), and +### the gradle PurgeDataExtension. data.version=3.0 + data.connection_string=jdbc:h2:file:%s;FILE_LOCK=SERIALIZED;AUTOCOMMIT=ON; #data.connection_string=jdbc:mysql://localhost:3306/dependencycheck diff --git a/dependency-check-maven/src/main/resources/mojo.properties b/dependency-check-maven/src/main/resources/mojo.properties index eadab9896..5521fb290 100644 --- a/dependency-check-maven/src/main/resources/mojo.properties +++ b/dependency-check-maven/src/main/resources/mojo.properties @@ -1,2 +1,2 @@ # the path to the data directory -data.directory=[JAR]/../../dependency-check-data +data.directory=[JAR]/../../dependency-check-data/3.0 diff --git a/src/site/markdown/dependency-check-gradle/configuration.md b/src/site/markdown/dependency-check-gradle/configuration.md index 518190285..7d2516118 100644 --- a/src/site/markdown/dependency-check-gradle/configuration.md +++ b/src/site/markdown/dependency-check-gradle/configuration.md @@ -17,7 +17,7 @@ autoUpdate | Sets whether auto-updating of the NVD CVE/CPE data is ena cveValidForHours | Sets the number of hours to wait before checking for new updates from the NVD. | 4 failBuildOnCVSS | Specifies if the build should be failed if a CVSS score above a specified level is identified. The default is 11; since the CVSS scores are 0-10, by default the build will never fail. | 11 format | The report format to be generated (HTML, XML, VULN, ALL). | HTML -reportsDirName | The location to write the report(s). This directory will be located in the build directory. | reports +outputDirectory | The location to write the report(s). This directory will be located in the build directory. | build/reports skipTestGroups | When set to true (the default) all dependency groups that being with 'test' will be skipped. | true suppressionFile | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html) |   @@ -81,7 +81,7 @@ dependencyCheck { ### Analyzer Configuration In addition to the above, the dependencyCheck plugin can be configured to enable or disable specific -analyzers by configuring the `analyzer` section. Note, specific file type analyzers will automatically +analyzers by configuring the `analyzers` section. Note, specific file type analyzers will automatically disable themselves if no file types that they support are detected - so specifically disabling the analyzers is likely not needed. @@ -109,7 +109,7 @@ pathToMono | The path to Mono for .NET assembly analysis on non-windo #### Example ```groovy dependencyCheck { - analyzer { + analyzers { assemblyEnabled=false } }