updates to resolve #1050 and #1051

Jeremy Long
2018-01-05 06:32:28 -05:00
parent 560f7b6e24
commit 3abe415805
3 changed files with 15 additions and 7 deletions


@@ -42,7 +42,10 @@ $ dependency-check --project Testing --out . --scan [path to jar files to be sca
### Maven Plugin
More detailed instructions can be found on the [dependency-check-maven github pages](http://jeremylong.github.io/DependencyCheck/dependency-check-maven).
The plugin can be configured using the following:
By default, the plugin is tied to the `verify` phase (i.e. `mvn verify`). Alternatively,
one can directly invoke the plugin via `mvn org.owasp:dependency-check-maven:check`.
The dependency-check plugin can be configured using the following:
```xml
<project>
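Review bot: The added sentence "By default, the plugin is tied to the `verify` phase" covers only the build-plugin case, while the plugin documentation changed in this same commit says the default is `verify` or `site` depending on whether it is configured as a build or reporting plugin. Suggest mentioning the reporting case here as well, or deferring to the linked dependency-check-maven pages for it, so the two descriptions agree.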
@@ -97,7 +100,7 @@ On Windows
> .\dependency-check-cli\target\release\bin\dependency-check.bat --project Testing --out . --scan ./src/test/resources
```
Then load the resulting 'DependencyCheck-Report.html' into your favorite browser.
Then load the resulting 'dependency-check-report.html' into your favorite browser.
### Docker
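Review bot: The corrected sentence gives the report name but not where it is written, and it puts the file name in single quotes while the lines added earlier in this README use backticks for literals. Suggest writing `dependency-check-report.html` in backticks and stating that it is created in the directory passed to `--out` (`.` in the command above).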


@@ -57,7 +57,7 @@ public class DependencyCheckTaskTest extends BaseDBTestCase {
public void testAddFileSet() throws Exception {
File report = new File("target/dependency-check-report.html");
if (report.exists() && !report.delete()) {
throw new Exception("Unable to delete 'target/DependencyCheck-Report.html' prior to test.");
throw new Exception("Unable to delete 'target/dependency-check-report.html' prior to test.");
}
buildFileRule.executeTarget("test.fileset");
assertTrue("DependencyCheck report was not generated", report.exists());
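Review bot: The report path is still written out twice in testAddFileSet, once in `new File("target/dependency-check-report.html")` and once inside the exception message, which is how the message drifted from the real file name in the first place. Suggest building the message from the File object, for example "Unable to delete '" + report.getPath() + "' prior to test.", so the two cannot diverge again.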


@@ -10,10 +10,15 @@ Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov
After the first batch download, as long as the plug-in is executed at least once every
seven days the update will only take a few seconds.
### Default Phase
The dependency-check plugin is, by default, tied to the `verify` or `site` phase
depending on if it is configured as a build or reporting plugin. The examples
below can be executed using `mvn verify` or in the reporting example `mvn site`.
#set( $H = '#' )
$H$H$H Example 1:
Create the DependencyCheck-report.html in the target directory.
Create the dependency-check-report.html in the target directory.
```xml
<project>
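Review bot: The new heading is written as a literal `### Default Phase` and sits above `#set( $H = '#' )`, while every other heading in this template is written as `$H$H$H ...`. Velocity treats `##` as the start of a line comment, which is why the template defines `$H`, so this heading is likely to be dropped from the rendered page. Suggest moving the section below the `#set` line and writing it as `$H$H$H Default Phase`. Minor wording: "depending on if it is configured" reads better as "depending on whether it is configured".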
@@ -73,7 +78,7 @@ Create an aggregated dependency-check report within the site.
```
$H$H$H Example 3:
Create the DependencyCheck-report.html and fail the build for CVSS greater than or equal to 8.
Create the dependency-check-report.html and fail the build for CVSS greater than or equal to 8.
```xml
<project>
@@ -106,7 +111,7 @@ Create the DependencyCheck-report.html and fail the build for CVSS greater than
```
$H$H$H Example 4:
Create the DependencyCheck-report.html and skip artifacts not bundled in distribution (Provided and Runtime scope).
Create the dependency-check-report.html and skip artifacts not bundled in distribution (Provided and Runtime scope).
```xml
<project>
@@ -140,7 +145,7 @@ Create the DependencyCheck-report.html and skip artifacts not bundled in distrib
```
$H$H$H Example 5:
Create the DependencyCheck-report.html and use internal mirroring of CVE contents.
Create the dependency-check-report.html and use internal mirroring of CVE contents.
```xml
<project>