From ccb03f2763e1ee7964842f2f9398576665bd359f Mon Sep 17 00:00:00 2001
From: Anthony Whitford <anthony@whitford.com>
Date: Wed, 21 Oct 2015 23:25:18 -0700
Subject: [PATCH] Added cveValidForHours parameter that can suppress redundant
 and repetitive checks for NVD CVE changes.

---
 .../dependencycheck/maven/BaseDependencyCheckMojo.java    | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
index 1f67556cb..b5e05bd13 100644
--- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
+++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
@@ -289,6 +289,11 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
      */
     @Parameter(property = "cveUrl20Base", defaultValue = "", required = false)
     private String cveUrl20Base;
+    /**
+     * Optionally skip excessive CVE update checks for a designated duration in hours.
+     */
+    @Parameter(property = "cveValidForHours", defaultValue = "", required = false)
+    private String cveValidForHours;
 
     /**
      * The path to mono for .NET Assembly analysis on non-windows systems.
@@ -678,6 +683,9 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
         if (cveUrl20Base != null && !cveUrl20Base.isEmpty()) {
             Settings.setString(Settings.KEYS.CVE_SCHEMA_2_0, cveUrl20Base);
         }
+        if (cveValidForHours != null && !cveValidForHours.isEmpty()) {
+            Settings.setString(Settings.KEYS.CVE_CHECK_VALID_FOR_HOURS, cveValidForHours);
+        }
     }
 
     /**