github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-05-10 09:00:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

documentation v1.3.2

Browse Source
This commit is contained in:
Jeremy Long
2015-11-29 07:44:14 -05:00
parent 191c5fae56
commit a426de69cd
1220 changed files with 51071 additions and 40455 deletions
Download Patch File Download Diff File Expand all files Collapse all files

236
dependency-check-gradle/index.html
View File

@@ -1,21 +1,21 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2015-09-20
| Generated by Apache Maven Doxia at 2015-11-28
| Rendered using Apache Maven Fluido Skin 1.4
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150920" />
<meta name="Date-Revision-yyyymmdd" content="20151128" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check-gradle &#x2013; Dependency-Check Gradle Plugin</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.4.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<title>dependency-check &#x2013; Usage</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.4.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.4.min.js"></script>
<script type="text/javascript" src="../js/apache-maven-fluido-1.4.min.js"></script>
@@ -42,7 +42,7 @@
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="images/dc-gradle.svg" alt="OWASP dependency-check-gradle"/>
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
@@ -54,22 +54,17 @@
<li class="">
<a href="../../../../../target/site/1.3.1/#" title="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="">
<a href="../index.html" title="dependency-check">
dependency-check</a>
<span class="divider">/</span>
</li>
<li class="active ">Dependency-Check Gradle Plugin</li>
<li class="active ">Usage</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-09-20</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-11-28</li>
<li id="projectVersion" class="pull-right">
Version: 0.0.6
Version: 1.3.2
</li>
</ul>
@@ -82,18 +77,177 @@
<ul class="nav nav-list">
<li class="nav-header">Project Documentation</li>
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="project-info.html" title="Project Information">
<a href="../index.html" title="General">
<span class="icon-chevron-down"></span>
General</a>
<ul class="nav nav-list">
<li>
<a href="../general/internals.html" title="How it Works">
<span class="none"></span>
How it Works</a>
</li>
<li>
<a href="../general/thereport.html" title="Reading the Report">
<span class="none"></span>
Reading the Report</a>
</li>
<li>
<a href="../general/suppression.html" title="False Positives">
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../data/index.html" title="Internet Access Required">
<span class="icon-chevron-right"></span>
Internet Access Required</a>
</li>
<li>
<a href="../related.html" title="Related Work">
<span class="none"></span>
Related Work</a>
</li>
<li>
<a href="../general/dependency-check.pptx" title="Project Presentation (pptx)">
<span class="none"></span>
Project Presentation (pptx)</a>
</li>
<li>
<a href="../general/dependency-check.pdf" title="Project Presentation (pdf)">
<span class="none"></span>
Project Presentation (pdf)</a>
</li>
<li>
<a href="../general/SampleReport.html" title="Sample Report">
<span class="none"></span>
Sample Report</a>
</li>
<li>
<a href="../general/scan_iso.html" title="How to Scan an ISO Image">
<span class="none"></span>
How to Scan an ISO Image</a>
</li>
</ul>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<span class="icon-chevron-right"></span>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<span class="icon-chevron-down"></span>
Modules</a>
<ul class="nav nav-list">
<li>
<a href="../dependency-check-cli/index.html" title="CLI">
<span class="none"></span>
CLI</a>
</li>
<li>
<a href="../dependency-check-ant/index.html" title="Ant Task">
<span class="none"></span>
Ant Task</a>
</li>
<li>
<a href="../dependency-check-maven/index.html" title="Maven Plugin">
<span class="none"></span>
Maven Plugin</a>
</li>
<li class="active">
<a href="#"><span class="icon-chevron-down"></span>Gradle Plugin</a>
<ul class="nav nav-list">
<li>
<a href="../dependency-check-gradle/configuration.html" title="dependencyCheck">
<span class="none"></span>
dependencyCheck</a>
</li>
<li>
<a href="../dependency-check-gradle/configuration-update.html" title="dependencyCheckUpdate">
<span class="none"></span>
dependencyCheckUpdate</a>
</li>
<li>
<a href="../dependency-check-gradle/configuration-purge.html" title="dependencyCheckPurge">
<span class="none"></span>
dependencyCheckPurge</a>
</li>
</ul>
</li>
<li>
<a href="../dependency-check-jenkins/index.html" title="Jenkins Plugin">
<span class="none"></span>
Jenkins Plugin</a>
</li>
<li>
<a href="../dependency-check-core/index.html" title="Core">
<span class="none"></span>
Core</a>
</li>
<li>
<a href="../dependency-check-utils/index.html" title="Utils">
<span class="none"></span>
Utils</a>
</li>
</ul>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<span class="icon-chevron-right"></span>
Project Information</a>
</li>
<li>
<a href="project-reports.html" title="Project Reports">
<a href="../project-reports.html" title="Project Reports">
<span class="icon-chevron-right"></span>
Project Reports</a>
</li>
@@ -108,7 +262,7 @@
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="http://maven.apache.org" data-size="tall" ></div>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
@@ -123,7 +277,7 @@
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="./" title="Maven" class="builtBy">
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
@@ -139,9 +293,35 @@
<div id="bodyColumn" class="span10" >
<h1>Dependency-Check Gradle Plugin</h1>
<p>Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. This tool can be part of the solution to the OWASP Top 10 2013: A9 - Using Components with Known Vulnerabilities.</p>
<p>The Gradle Plugin is still a work in progress. The core dependency-check functionality works; however, the configuration options available in the other plugins still need to be completed. For more information about the plugin, including usage, please see the github repo&#x2019;s <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-gradle/README.md">readme</a>.</p>
<h1>Usage</h1>
<p>The OWASP dependency-check-gradle plugin provides monitoring of the projects dependent libraries; creating a report of known vulnerable components that are included in the build.</p>
<p>It is important to understand that the first time this task is executed it may take 5-20 minutes as it downloads and processes the data from the National Vulnerability Database (NVD) hosted by NIST: <a class="externalLink" href="https://nvd.nist.gov">https://nvd.nist.gov</a></p>
<p>After the first batch download, as long as the plugin is executed at least once every seven days the update will only take a few seconds.</p>
<div class="section">
<div class="section">
<h3><a name="Step_1_Apply_dependency-check-gradle_plugin"></a>Step 1, Apply dependency-check-gradle plugin</h3>
<p>Install from Maven central repo</p>
<div class="source">
<div class="source"><pre class="prettyprint linenums">buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath 'org.owasp:dependency-check-gradle:1.3.2'
}
}
apply plugin: 'dependencyCheck'
</pre></div></div></div>
<div class="section">
<h3><a name="Step_2_Run_the_dependencyCheck_task"></a>Step 2, Run the dependencyCheck task</h3>
<p>Once gradle plugin applied, run following gradle task to check dependencies:</p>
<div class="source">
<div class="source"><pre class="prettyprint linenums">gradle dependencyCheck --info
</pre></div></div>
<p>The reports will be generated automatically under <tt>buildDir/reports</tt> folder.</p></div></div>
<div class="section">
<h2><a name="Mailing_List"></a>Mailing List</h2>
<p>Subscribe: <a class="externalLink" href="mailto:dependency-check+subscribe@googlegroups.com">dependency-check+subscribe@googlegroups.com</a></p>
@@ -159,7 +339,7 @@
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2015
<p >Copyright &copy; 2012&#x2013;2015
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.