diff --git a/dependency-check-core/src/main/resources/dependencycheck.properties b/dependency-check-core/src/main/resources/dependencycheck.properties index b56a26bfe..38d9a0108 100644 --- a/dependency-check-core/src/main/resources/dependencycheck.properties +++ b/dependency-check-core/src/main/resources/dependencycheck.properties @@ -2,27 +2,30 @@ application.name=${pom.name} application.version=${pom.version} autoupdate=true -#temp.directory defaults to System.getProperty("java.io.tmpdir") +# the location of the temp directory. if this is not specified it defaults to +# System.getProperty("java.io.tmpdir") #temp.directory=[path to temp directory] -# the path to the data directory; if tis +# the path to the data directory; if this begins with "[JAR]" the directory +# specified will be in the same directory as the core jar file. data.directory=[JAR]/data # the path to the lucene index to store the cpe data data.cpe=cpe # the path to the h2 database to store the nvd cve data data.cve=cve - -# the path to the cpe xml file -cpe.url=http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.xml.gz -# the path to the cpe meta data file. -cpe.meta.url=http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.meta - # the number of days that the modified nvd cve data holds data for. We don't need # to update the other files if we are within this timespan. Per NIST this file # holds 8 days of updates, we are using 7 just to be safe. cve.url.modified.validfordays=7 +# the location of the zipped CVE database and Lucene index. If specified and +# a full download of data is required this URL will be used and the data extracted +# into the specified "data" directory. Additionally, after pulling the data the +# system will attempt to update the modified. Thus, if one were maintaining an +# internal copy of the data one would not need to update it nightly. +batch.update.url=file://C:/Users/jeremy/Desktop/demo/cli/data/data.zip + # the path to the modified nvd cve xml file. cve.url-1.2.modified=http://nvd.nist.gov/download/nvdcve-modified.xml cve.url-2.0.modified=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml