github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 08:36:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

documentation update v1.4.4

Browse Source
This commit is contained in:
Jeremy Long
2016-11-05 09:41:16 -04:00
parent e1a447f722
commit a1b5e3f7b0
1217 changed files with 79708 additions and 51391 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
data/cachenvd.html
View File

@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-06
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160906" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Snapshotting the NVD</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
@@ -59,9 +59,9 @@
<li class="active ">Snapshotting the NVD</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-09-06</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.3
Version: 1.4.4
</li>
</ul>
@@ -74,7 +74,7 @@
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
@@ -102,6 +102,13 @@
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../general/hints.html" title="False Negatives">
<span class="none"></span>
False Negatives</a>
</li>
<li>
@@ -174,7 +181,7 @@
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">

21
data/database.html
View File

@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-06
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160906" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Using a Database Server</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
@@ -59,9 +59,9 @@
<li class="active ">Using a Database Server</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-09-06</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.3
Version: 1.4.4
</li>
</ul>
@@ -74,7 +74,7 @@
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
@@ -102,6 +102,13 @@
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../general/hints.html" title="False Negatives">
<span class="none"></span>
False Negatives</a>
</li>
<li>
@@ -174,7 +181,7 @@
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
@@ -286,7 +293,7 @@
&lt;plugin&gt;
&lt;groupId&gt;org.owasp&lt;/groupId&gt;
&lt;artifactId&gt;dependency-check-maven&lt;/artifactId&gt;
&lt;version&gt;1.4.3&lt;/version&gt;
&lt;version&gt;1.4.4&lt;/version&gt;
&lt;dependencies&gt;
&lt;dependency&gt;
&lt;groupId&gt;org.mariadb.jdbc&lt;/groupId&gt;

22
data/index.html
View File

@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-06
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160906" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Internet Access Required</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
@@ -59,9 +59,9 @@
<li class="active ">Internet Access Required</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-09-06</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.3
Version: 1.4.4
</li>
</ul>
@@ -74,7 +74,7 @@
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
@@ -102,6 +102,13 @@
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../general/hints.html" title="False Negatives">
<span class="none"></span>
False Negatives</a>
</li>
<li class="active">
@@ -174,7 +181,7 @@
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
@@ -245,7 +252,8 @@
<p>There are two reasons dependency-check needs access to the Internet. Below you will find a discussion of each problem and possibly resolutions if you are facing organizational constraints.</p>
<div class="section">
<h2><a name="Local_NVD_Database"></a>Local NVD Database</h2>
<p>OWASP dependency-check maintains a local copy of the NVD data hosted by NIST. By default, a local <a class="externalLink" href="http://www.h2database.com/html/main.html">H2 database</a> instance is used. As each instance maintains its own copy of the NVD the machine will need access to nvd.nist.gov in order to download the NVD data feeds. While the initial download of the NVD data feed is large, if after the initial download the tool is run at least once every seven days only two small XML files containing the recent modifications will need to be downloaded.</p>
<p>OWASP dependency-check maintains a local copy of the NVD CVE data hosted by NIST. By default, a local <a class="externalLink" href="http://www.h2database.com/html/main.html">H2 database</a> instance is used. As each instance maintains its own copy of the NVD the machine will need access to nvd.nist.gov in order to download the NVD data feeds. While the initial download of the NVD data feed is large, if after the initial download the tool is run at least once every seven days only two small XML files containing the recent modifications will need to be downloaded.</p>
<p>In some installations OpenJDK may not be able to download the NVD CVE data. Please see the <a href="./tlsfailure.html">TLS Failures article</a> for more information.</p>
<p>If your build servers are using dependency-check and are unable to access the Internet you have a few options:</p>
<ol style="list-style-type: decimal">

19
data/mirrornvd.html
View File

@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-06
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160906" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Mirroring the NVD from NIST</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
@@ -59,9 +59,9 @@
<li class="active ">Mirroring the NVD from NIST</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-09-06</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.3
Version: 1.4.4
</li>
</ul>
@@ -74,7 +74,7 @@
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
@@ -102,6 +102,13 @@
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../general/hints.html" title="False Negatives">
<span class="none"></span>
False Negatives</a>
</li>
<li>
@@ -174,7 +181,7 @@
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">

19
data/proxy.html
View File

@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-06
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160906" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Proxy Configuration</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
@@ -59,9 +59,9 @@
<li class="active ">Proxy Configuration</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-09-06</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.3
Version: 1.4.4
</li>
</ul>
@@ -74,7 +74,7 @@
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
@@ -102,6 +102,13 @@
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../general/hints.html" title="False Negatives">
<span class="none"></span>
False Negatives</a>
</li>
<li>
@@ -174,7 +181,7 @@
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">

173
data/tlsfailure.html Normal file
View File

@@ -0,0 +1,173 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; NVD CVE Download Failures</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.5.min.js"></script>
<style type="text/css">
#bannerLeft { margin-top:-20px;margin-bottom:5px !important }
</style>
</head>
<body class="topBarDisabled">
<a href="https://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">NVD CVE Download Failures</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.4
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<span class="icon-chevron-right"></span>
General</a>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<span class="icon-chevron-right"></span>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<span class="icon-chevron-right"></span>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<span class="icon-chevron-right"></span>
Project Information</a>
</li>
<li>
<a href="../project-reports.html" title="Project Reports">
<span class="icon-chevron-right"></span>
Project Reports</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<h1>NVD CVE Download Failures</h1>
<p>In some installations of the JRE (such as OpenJDK on CentOS/RHEL/Amazon Linux) do not have the correct libraries to support EC cryptography. If you run into problems running dependency-check you may need to install Bouncy Castle and configure Java to use the more robust cryptographic provider.</p>
<p>Helpful Links * <a class="externalLink" href="http://stackoverflow.com/a/33521718/1995422">Stackoverflow discussion</a> * <a class="externalLink" href="https://www.bouncycastle.org/java.html">Bouncy Castle</a></p>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2016
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>

12
data/upgrade.html
View File

@@ -1,13 +1,13 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-06
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-11-05
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160906" />
<meta name="Date-Revision-yyyymmdd" content="20161105" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Database Upgrades</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
@@ -59,9 +59,9 @@
<li class="active ">Database Upgrades</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-09-06</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-11-05</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.3
Version: 1.4.4
</li>
</ul>
@@ -74,14 +74,14 @@
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<span class="icon-chevron-right"></span>
General</a>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">