github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-13 05:35:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

version 1.1.2 of project documentation

Browse Source
This commit is contained in:
Jeremy Long
2014-03-03 19:32:36 -05:00
parent 9f9ed6f1da
commit 9a00756d3f
982 changed files with 42586 additions and 30816 deletions
Download Patch File Download Diff File Expand all files Collapse all files

170
dependency-check-maven/usage.html
View File

@@ -1,27 +1,27 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2014-01-30
| Rendered using Apache Maven Fluido Skin 1.3.0
| Generated by Apache Maven Doxia at 2014-03-03
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20140130" />
<meta name="Date-Revision-yyyymmdd" content="20140303" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check-maven - Usage</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.0.min.js"></script>
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:50px !important }</style>
</head>
</head>
<body class="topBarDisabled">
@@ -54,21 +54,23 @@
<li class="">
<a href="../../../../../../../../../../../../c:/Users/jeremy/Documents/NetBeansProjects/DependencyCheck/target/site/1.1.1/#" title="">
<a href="../../../../../../../../../../../../c:/Users/jeremy/Documents/NetBeansProjects/DependencyCheck/target/site/1.1.2/#" title="">
</a>
</li>
<li class="divider ">/</li>
<span class="divider">/</span>
</li>
<li class="">
<a href="../index.html" title="dependency-check">
dependency-check</a>
</li>
<li class="divider ">/</li>
<li class="">Usage</li>
<span class="divider">/</span>
</li>
<li class="active ">Usage</li>
<li id="publishDate" class="pull-right">Last Published: 2014-01-30</li> <li class="divider pull-right">|</li>
<li id="projectVersion" class="pull-right">Version: 1.1.1</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2014-03-03</li>
<li id="projectVersion" class="pull-right">
Version: 1.1.2
</li>
</ul>
</div>
@@ -81,29 +83,29 @@
<ul class="nav nav-list">
<li class="nav-header">Getting Started</li>
<li class="active">
<a href="#"><i class="none"></i>Usage</a>
</li>
<li>
<a href="configuration.html" title="Configuration">
<i class="none"></i>
Configuration</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
<li>
<a href="project-reports.html" title="Project Reports">
<i class="icon-chevron-right"></i>
Project Reports</a>
@@ -112,10 +114,16 @@
<hr class="divider" />
<hr />
<div id="poweredBy">
<div class="clear"></div>
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="http://maven.apache.org" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
@@ -127,10 +135,17 @@
</div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
<div class="clear"></div>
<a href="./" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
</div>
<a href="./" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
@@ -141,10 +156,9 @@
<p>Dependency-check-maven is very simple to utilize and can be used as a stand-alone plugin or as part of the site plugin.</p>
<p>It is important to understand that the first time this task is executed it may take 20 minutes or more as it downloads and processes the data from the National Vulnerability Database (NVD) hosted by NIST: <a class="externalLink" href="https://nvd.nist.gov">https://nvd.nist.gov</a></p>
<p>After the first batch download, as long as the plugin is executed at least once every seven days the update will only take a few seconds.</p>
<div class="section">
<div class="section">
<h3>Create the DependencyCheck-report.html in the target directory<a name="Create_the_DependencyCheck-report.html_in_the_target_directory"></a></h3>
<h2>Example 1:<a name="Example_1:"></a></h2>
<p>Create the DependencyCheck-report.html in the target directory</p>
<div class="source">
<pre>&lt;project&gt;
@@ -154,7 +168,7 @@
&lt;plugin&gt;
&lt;groupId&gt;org.owasp&lt;/groupId&gt;
&lt;artifactId&gt;dependency-check-maven&lt;/artifactId&gt;
&lt;version&gt;1.1.1&lt;/version&gt;
&lt;version&gt;1.1.2&lt;/version&gt;
&lt;executions&gt;
&lt;execution&gt;
&lt;goals&gt;
@@ -169,10 +183,10 @@
&lt;/build&gt;
...
&lt;/project&gt;
</pre></div>
</div>
</pre></div></div>
<div class="section">
<h3>Create the DependencyCheck-report.html and fail the build for CVSS greater then 8<a name="Create_the_DependencyCheck-report.html_and_fail_the_build_for_CVSS_greater_then_8"></a></h3>
<h2>Example 2:<a name="Example_2:"></a></h2>
<p>Create the DependencyCheck-report.html and fail the build for CVSS greater then 8</p>
<div class="source">
<pre>&lt;project&gt;
@@ -182,7 +196,7 @@
&lt;plugin&gt;
&lt;groupId&gt;org.owasp&lt;/groupId&gt;
&lt;artifactId&gt;dependency-check-maven&lt;/artifactId&gt;
&lt;version&gt;1.1.1&lt;/version&gt;
&lt;version&gt;1.1.2&lt;/version&gt;
&lt;configuration&gt;
&lt;failBuildOnCVSS&gt;8&lt;/failBuildOnCVSS&gt;
&lt;/configuration&gt;
@@ -200,10 +214,10 @@
&lt;/build&gt;
...
&lt;/project&gt;
</pre></div>
</div>
</pre></div></div>
<div class="section">
<h3>Create the dependency-check report within the site<a name="Create_the_dependency-check_report_within_the_site"></a></h3>
<h2>Example 3:<a name="Example_3:"></a></h2>
<p>Create the dependency-check report within the site</p>
<div class="source">
<pre>&lt;project&gt;
@@ -218,7 +232,7 @@
&lt;plugin&gt;
&lt;groupId&gt;org.owasp&lt;/groupId&gt;
&lt;artifactId&gt;dependency-check-maven&lt;/artifactId&gt;
&lt;version&gt;1.1.1&lt;/version&gt;
&lt;version&gt;1.1.2&lt;/version&gt;
&lt;configuration&gt;
&lt;externalReport&gt;false&lt;/externalReport&gt;
&lt;/configuration&gt;
@@ -232,7 +246,73 @@
&lt;/build&gt;
...
&lt;/project&gt;
</pre></div></div></div>
</pre></div></div>
<div class="section">
<h2>Example 4:<a name="Example_4:"></a></h2>
<p>Create the DependencyCheck-report.html and skip artifacts no bundled in distribution (Provided and Runtime scope)</p>
<div class="source">
<pre>&lt;project&gt;
&lt;build&gt;
&lt;plugins&gt;
...
&lt;plugin&gt;
&lt;groupId&gt;org.owasp&lt;/groupId&gt;
&lt;artifactId&gt;dependency-check-maven&lt;/artifactId&gt;
&lt;version&gt;1.1.2&lt;/version&gt;
&lt;configuration&gt;
&lt;skipProvidedScope&gt;true&lt;/skipProvidedScope&gt;
&lt;skipRuntimeScope&gt;true&lt;/skipRuntimeScope&gt;
&lt;/configuration&gt;
&lt;executions&gt;
&lt;execution&gt;
&lt;goals&gt;
&lt;goal&gt;check&lt;/goal&gt;
&lt;/goals&gt;
&lt;/execution&gt;
&lt;/executions&gt;
&lt;/plugin&gt;
...
&lt;/plugins&gt;
...
&lt;/build&gt;
...
&lt;/project&gt;
</pre></div></div>
<div class="section">
<h2>Example 5:<a name="Example_5:"></a></h2>
<p>Create the DependencyCheck-report.html and use internal mirroring of CVE contents</p>
<div class="source">
<pre>&lt;project&gt;
&lt;build&gt;
&lt;plugins&gt;
...
&lt;plugin&gt;
&lt;groupId&gt;org.owasp&lt;/groupId&gt;
&lt;artifactId&gt;dependency-check-maven&lt;/artifactId&gt;
&lt;version&gt;1.1.2&lt;/version&gt;
&lt;configuration&gt;
&lt;cveUrl12Modified&gt;http://internal-mirror.mycorp.com/downloads/nist/nvdcve-modified.xml&lt;/cveUrl12Modified&gt;
&lt;cveUrl20Modified&gt;http://internal-mirror.mycorp.com/downloads/nist/nvdcve-2.0-modified.xml&lt;/cveUrl20Modified&gt;
&lt;cveUrl12Base&gt;http://internal-mirror.mycorp.com/downloads/nist/nvdcve-%d.xml&lt;/cveUrl12Base&gt;
&lt;cveUrl20Base&gt;http://internal-mirror.mycorp.com/downloads/nist/nvdcve-2.0-%d.xml&lt;/cveUrl20Base&gt;
&lt;/configuration&gt;
&lt;executions&gt;
&lt;execution&gt;
&lt;goals&gt;
&lt;goal&gt;check&lt;/goal&gt;
&lt;/goals&gt;
&lt;/execution&gt;
&lt;/executions&gt;
&lt;/plugin&gt;
...
&lt;/plugins&gt;
...
&lt;/build&gt;
...
&lt;/project&gt;
</pre></div></div>
</div>
</div>
</div>
@@ -241,15 +321,17 @@
<footer>
<div class="container-fluid">
<div class="row span12">Copyright &copy; 2013-2014
<div class="row-fluid">
<p >Copyright &copy; 2013&#x2013;2014
<a href="http://www.owasp.org">OWASP</a>.
All Rights Reserved.
All rights reserved.
</div>
</p>
</div>
</div>
</footer>
</body>
</body>
</html>