mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-24 18:11:47 +01:00
added documentation for issue #390
This commit is contained in:
Jeremy Long
@@ -29,19 +29,20 @@ Configuration: dependency-check Task
|
|||||||
--------------------
|
--------------------
|
||||||
The following properties can be set on the dependency-check-update task.
|
The following properties can be set on the dependency-check-update task.
|
||||||
|
|
||||||
Property | Description | Default Value
|
Property | Description | Default Value
|
||||||
----------------------|------------------------------------|------------------
|
----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------
|
||||||
autoUpdate | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not recommended that this be turned to false. | true
|
autoUpdate | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not recommended that this be turned to false. | true
|
||||||
projectName | The name of the project being scanned. | Dependency-Check
|
cveValidForHours | Sets the number of hours to wait before checking for new updates from the NVD | 4
|
||||||
reportOutputDirectory | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build | 'target'
|
failBuildOnCVSS | Specifies if the build should be failed if a CVSS score above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. | 11
|
||||||
failBuildOnCVSS | Specifies if the build should be failed if a CVSS score above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. | 11
|
projectName | The name of the project being scanned. | Dependency-Check
|
||||||
reportFormat | The report format to be generated (HTML, XML, VULN, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
|
reportFormat | The report format to be generated (HTML, XML, VULN, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
|
||||||
suppressionFile | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html) |
|
reportOutputDirectory | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build | 'target'
|
||||||
proxyServer | The Proxy Server. |
|
suppressionFile | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html) |
|
||||||
proxyPort | The Proxy Port. |
|
proxyServer | The Proxy Server. |
|
||||||
proxyUsername | Defines the proxy user name. |
|
proxyPort | The Proxy Port. |
|
||||||
proxyPassword | Defines the proxy password. |
|
proxyUsername | Defines the proxy user name. |
|
||||||
connectionTimeout | The URL Connection Timeout. |
|
proxyPassword | Defines the proxy password. |
|
||||||
|
connectionTimeout | The URL Connection Timeout. |
|
||||||
|
|
||||||
Analyzer Configuration
|
Analyzer Configuration
|
||||||
====================
|
====================
|
||||||
|
|||||||
@@ -17,6 +17,8 @@ Short | Argument Name | Parameter | Description | Requir
|
|||||||
\-h | \-\-help | | Print the help message. | Optional
|
\-h | \-\-help | | Print the help message. | Optional
|
||||||
| \-\-advancedHelp | | Print the advanced help message. | Optional
|
| \-\-advancedHelp | | Print the advanced help message. | Optional
|
||||||
\-v | \-\-version | | Print the version information. | Optional
|
\-v | \-\-version | | Print the version information. | Optional
|
||||||
|
| \-\-cveValidForHours | \<hours\> | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours. | Optional
|
||||||
|
|
||||||
|
|
||||||
Advanced Options
|
Advanced Options
|
||||||
================
|
================
|
||||||
|
|||||||
@@ -15,15 +15,16 @@ The following properties can be set on the dependency-check-maven plugin.
|
|||||||
Property | Description | Default Value
|
Property | Description | Default Value
|
||||||
---------------------|------------------------------------|------------------
|
---------------------|------------------------------------|------------------
|
||||||
autoUpdate | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not recommended that this be turned to false. | true
|
autoUpdate | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not recommended that this be turned to false. | true
|
||||||
outputDirectory | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build | 'target'
|
cveValidForHours | Sets the number of hours to wait before checking for new updates from the NVD. | 4
|
||||||
failBuildOnCVSS | Specifies if the build should be failed if a CVSS score above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. | 11
|
failBuildOnCVSS | Specifies if the build should be failed if a CVSS score above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. | 11
|
||||||
format | The report format to be generated (HTML, XML, VULN, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
|
format | The report format to be generated (HTML, XML, VULN, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
|
||||||
name | The name of the report in the site | dependency-check or dependency-check:aggregate
|
name | The name of the report in the site | dependency-check or dependency-check:aggregate
|
||||||
suppressionFile | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html) |
|
outputDirectory | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build | 'target'
|
||||||
skip | Skips the dependency-check analysis | false
|
skip | Skips the dependency-check analysis | false
|
||||||
skipTestScope | Should be skip analysis for artifacts with Test Scope | true
|
skipTestScope | Should be skip analysis for artifacts with Test Scope | true
|
||||||
skipProvidedScope | Should be skip analysis for artifacts with Provided Scope | false
|
skipProvidedScope | Should be skip analysis for artifacts with Provided Scope | false
|
||||||
skipRuntimeScope | Should be skip analysis for artifacts with Runtime Scope | false
|
skipRuntimeScope | Should be skip analysis for artifacts with Runtime Scope | false
|
||||||
|
suppressionFile | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html) |
|
||||||
|
|
||||||
Analyzer Configuration
|
Analyzer Configuration
|
||||||
====================
|
====================
|
||||||
|
|||||||
Reference in New Issue
Block a user