mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-21 08:39:24 +01:00
Merge pull request #830 from stefanneuhaus/documentation-fixes
Documentation fixes
This commit is contained in:
Jeremy Long
@@ -24,11 +24,8 @@ Build Nist-Data-Mirror
|
|||||||
----------------------
|
----------------------
|
||||||
|
|
||||||
1. Perform a "git clone" of [Nist-Data-Mirror](https://github.com/stevespringett/nist-data-mirror/)
|
1. Perform a "git clone" of [Nist-Data-Mirror](https://github.com/stevespringett/nist-data-mirror/)
|
||||||
2. Install gradle, if necessary. See [here](http://gradle.org/gradle-download/)
|
2. Follow the build and run [instructions](https://github.com/stevespringett/nist-data-mirror/blob/master/README.md#user-content-building).
|
||||||
or your Linux distributions package management system. (e.g.,
|
You will be left with a build artifact called `nist-data-mirror.jar`.
|
||||||
`sudo apt-get install gradle`).
|
|
||||||
3. Follow the [build instructions](https://github.com/stevespringett/nist-data-mirror/blob/master/README.md#user-content-build).
|
|
||||||
You will be left with a build artifact called `nist-data-mirror-1.0.0.jar`.
|
|
||||||
|
|
||||||
Set Up a Daily NVD Download Job
|
Set Up a Daily NVD Download Job
|
||||||
-------------------------------
|
-------------------------------
|
||||||
|
|||||||
@@ -27,7 +27,7 @@ To setup a centralized database the following generalized steps can be used:
|
|||||||
</li><li>Dependency-check clients running scans will need to be configured to use the central database:
|
</li><li>Dependency-check clients running scans will need to be configured to use the central database:
|
||||||
<ul><li>The database driver will need to be specified using the dbDriver and if the driver is not
|
<ul><li>The database driver will need to be specified using the dbDriver and if the driver is not
|
||||||
already in the classpath the dbDriverPath options will need to be set (see the specific configuration
|
already in the classpath the dbDriverPath options will need to be set (see the specific configuration
|
||||||
options for Maven, Ant, CLI, and Jenkins).</li>
|
options for Maven, Gradle, Ant, CLI, and Jenkins).</li>
|
||||||
<li>The connection string, database user name, and the database user's password will also need to be configured.</li>
|
<li>The connection string, database user name, and the database user's password will also need to be configured.</li>
|
||||||
</ul>
|
</ul>
|
||||||
</li></ol>
|
</li></ol>
|
||||||
|
|||||||
@@ -1,11 +1,12 @@
|
|||||||
Proxy Configuration
|
Proxy Configuration
|
||||||
===================
|
===================
|
||||||
All of the dependency-check clients (CLI, Maven, Ant, Jenkins) can be configured
|
All of the dependency-check clients (CLI, Maven, Gradle, Ant, Jenkins) can be configured
|
||||||
to use a proxy to connect to the Internet. See the configuration settings for each:
|
to use a proxy to connect to the Internet. See the configuration settings for each:
|
||||||
|
|
||||||
|
* [Maven Plugin](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html)
|
||||||
|
* [Gradle Plugin](https://jeremylong.github.io/DependencyCheck/dependency-check-gradle/configuration.html)
|
||||||
* [Ant Task](https://jeremylong.github.io/DependencyCheck/dependency-check-ant/configuration.html)
|
* [Ant Task](https://jeremylong.github.io/DependencyCheck/dependency-check-ant/configuration.html)
|
||||||
* [Command Line](https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html)
|
* [Command Line](https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html)
|
||||||
* [Maven Plugin](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html)
|
|
||||||
|
|
||||||
Note, it may also be possible to use the core [Java proxy](https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html)
|
Note, it may also be possible to use the core [Java proxy](https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html)
|
||||||
system properties instead of the configuration above.
|
system properties instead of the configuration above.
|
||||||
|
|||||||
@@ -38,13 +38,12 @@ dependencyCheck {
|
|||||||
|
|
||||||
### Proxy Configuration
|
### Proxy Configuration
|
||||||
|
|
||||||
Property | Description | Default Value
|
Config Group | Property | Description | Default Value
|
||||||
------------------|------------------------------------|------------------
|
-------------|-------------------|------------------------------------|------------------
|
||||||
server | The proxy server. |
|
proxy | server | The proxy server. |
|
||||||
port | The proxy port. |
|
proxy | port | The proxy port. |
|
||||||
username | Defines the proxy user name. |
|
proxy | username | Defines the proxy user name. |
|
||||||
password | Defines the proxy password. |
|
proxy | password | Defines the proxy password. |
|
||||||
connectionTimeout | The URL Connection Timeout. |
|
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
```groovy
|
```groovy
|
||||||
|
|||||||
@@ -49,13 +49,12 @@ dependencyCheck {
|
|||||||
|
|
||||||
### Proxy Configuration
|
### Proxy Configuration
|
||||||
|
|
||||||
Property | Description | Default Value
|
Config Group | Property | Description | Default Value
|
||||||
------------------|------------------------------------|------------------
|
-------------|-------------------|------------------------------------|------------------
|
||||||
server | The proxy server; see the [proxy configuration](../data/proxy.html) page for more information. |
|
proxy | server | The proxy server; see the [proxy configuration](../data/proxy.html) page for more information. |
|
||||||
port | The proxy port. |
|
proxy | port | The proxy port. |
|
||||||
username | Defines the proxy user name. |
|
proxy | username | Defines the proxy user name. |
|
||||||
password | Defines the proxy password. |
|
proxy | password | Defines the proxy password. |
|
||||||
connectionTimeout | The URL Connection Timeout. |
|
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
```groovy
|
```groovy
|
||||||
@@ -102,32 +101,32 @@ analyzers by configuring the `analyzers` section. Note, specific file type analy
|
|||||||
disable themselves if no file types that they support are detected - so specifically disabling the
|
disable themselves if no file types that they support are detected - so specifically disabling the
|
||||||
analyzers is likely not needed.
|
analyzers is likely not needed.
|
||||||
|
|
||||||
Property | Description | Default Value
|
Config Group | Property | Description | Default Value
|
||||||
----------------------|-------------------------------------------------------------------------------------------------------------------|------------------
|
-------------|-----------------------|-------------------------------------------------------------------------------------------------------------------|------------------
|
||||||
experimentalEnabled | Sets whether the [experimental analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used | false
|
analyzers | experimentalEnabled | Sets whether the [experimental analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used | false
|
||||||
archiveEnabled | Sets whether the Archive Analyzer will be used. | true
|
analyzers | archiveEnabled | Sets whether the Archive Analyzer will be used. | true
|
||||||
zipExtensions | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. |
|
analyzers | zipExtensions | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. |
|
||||||
jarEnabled | Sets whether Jar Analyzer will be used. | true
|
analyzers | jarEnabled | Sets whether Jar Analyzer will be used. | true
|
||||||
centralEnabled | Sets whether Central Analyzer will be used. If this analyzer is being disabled there is a good chance you also want to disable the Nexus Analyzer (see below). | true
|
analyzers | centralEnabled | Sets whether Central Analyzer will be used. If this analyzer is being disabled there is a good chance you also want to disable the Nexus Analyzer (see below). | true
|
||||||
nexusEnabled | Sets whether Nexus Analyzer will be used. This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation. | true
|
analyzers | nexusEnabled | Sets whether Nexus Analyzer will be used. This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation. | true
|
||||||
nexusUrl | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled. |
|
analyzers | nexusUrl | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled. |
|
||||||
nexusUsesProxy | Whether or not the defined proxy should be used when connecting to Nexus. | true
|
analyzers | nexusUsesProxy | Whether or not the defined proxy should be used when connecting to Nexus. | true
|
||||||
pyDistributionEnabled | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. | true
|
analyzers | pyDistributionEnabled | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. | true
|
||||||
pyPackageEnabled | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. | true
|
analyzers | pyPackageEnabled | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. | true
|
||||||
rubygemsEnabled | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. | true
|
analyzers | rubygemsEnabled | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. | true
|
||||||
opensslEnabled | Sets whether or not the openssl Analyzer should be used. | true
|
analyzers | opensslEnabled | Sets whether or not the openssl Analyzer should be used. | true
|
||||||
nuspecEnabled | Sets whether or not the .NET Nuget Nuspec Analyzer will be used. | true
|
analyzers | nuspecEnabled | Sets whether or not the .NET Nuget Nuspec Analyzer will be used. | true
|
||||||
assemblyEnabled | Sets whether or not the .NET Assembly Analyzer should be used. | true
|
analyzers | assemblyEnabled | Sets whether or not the .NET Assembly Analyzer should be used. | true
|
||||||
pathToMono | The path to Mono for .NET assembly analysis on non-windows systems. |
|
analyzers | pathToMono | The path to Mono for .NET assembly analysis on non-windows systems. |
|
||||||
cmakeEnabled | Sets whether or not the [experimental](../analyzers/index.html) CMake Analyzer should be used. | true
|
analyzers | cmakeEnabled | Sets whether or not the [experimental](../analyzers/index.html) CMake Analyzer should be used. | true
|
||||||
autoconfEnabled | Sets whether or not the [experimental](../analyzers/index.html) autoconf Analyzer should be used. | true
|
analyzers | autoconfEnabled | Sets whether or not the [experimental](../analyzers/index.html) autoconf Analyzer should be used. | true
|
||||||
composerEnabled | Sets whether or not the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. | true
|
analyzers | composerEnabled | Sets whether or not the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. | true
|
||||||
nodeEnabled | Sets whether or not the [experimental](../analyzers/index.html) Node.js Analyzer should be used. | true
|
analyzers | nodeEnabled | Sets whether or not the [experimental](../analyzers/index.html) Node.js Analyzer should be used. | true
|
||||||
nspEnabled | Sets whether the NSP Analyzer should be used. | true
|
analyzers | nspEnabled | Sets whether the NSP Analyzer should be used. | true
|
||||||
cocoapodsEnabled | Sets whether or not the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. | true
|
analyzers | cocoapodsEnabled | Sets whether or not the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. | true
|
||||||
swiftEnabled | Sets whether or not the [experimental](../analyzers/index.html) Swift Package Manager Analyzer should be used. | true
|
analyzers | swiftEnabled | Sets whether or not the [experimental](../analyzers/index.html) Swift Package Manager Analyzer should be used. | true
|
||||||
bundleAuditEnabled | Sets whether or not the [experimental](../analyzers/index.html) Ruby Bundle Audit Analyzer should be used. | true
|
analyzers | bundleAuditEnabled | Sets whether or not the [experimental](../analyzers/index.html) Ruby Bundle Audit Analyzer should be used. | true
|
||||||
pathToBundleAudit | The path to bundle audit. |
|
analyzers | pathToBundleAudit | The path to bundle audit. |
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
```groovy
|
```groovy
|
||||||
|
|||||||
Reference in New Issue
Block a user