github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-21 16:49:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

performance enhancement for nvd cve import.

Browse Source 
Former-commit-id: e4e31424d682904da3f5369ea3e2192ac127a842
This commit is contained in:
Jeremy Long
2012-10-30 21:13:47 -04:00
parent 33b8da888b
commit d36398b608
10 changed files with 174 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.txt
View File

@@ -7,16 +7,11 @@ If found, it will generate a report linking to the associated CVE entries.
Usage:
$ mvn package
$ cd target
$ java -jar DependencyCheck-0.2.0.jar -h
$ java -jar DependencyCheck-0.2.0.jar -a Testing -out . -scan ./test-classes/org.mortbay.jetty.jar -scan ./test-classes/struts2-core-2.1.2.jar -scan ./lib
$ java -jar DependencyCheck-0.2.1.jar -h
$ java -jar DependencyCheck-0.2.1.jar -a Testing -out . -scan ./test-classes/org.mortbay.jetty.jar -scan ./test-classes/struts2-core-2.1.2.jar -scan ./lib
Then load the resulting 'Testing.html' into your favorite browser.
Important note - DependencyCheck should be run to analyze a project at least once every week.
The reason for this is that it downloads data from the National Vulnerability Database hosted
by NIST. If more then a week goes by without DependencyCheck updating the data, a full update
can take an 90 minutes or more (a lot of data needs to be downloaded and processed).
Author: Jeremy Long (jeremy.long@gmail.com)
Copyright (c) 2012 Jeremy Long. All Rights Reserved.