From fd4072023ab46ab1f135daf29ba78d51bdf1c28a Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Mon, 9 Sep 2013 10:01:00 -0400 Subject: [PATCH] updated info Former-commit-id: d06e878e1f6e8d1cb510f0c0ac5ffdea6c13b48d --- README.md | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 66 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f8e519e0e..a9fbaecf7 100644 --- a/README.md +++ b/README.md @@ -5,8 +5,70 @@ Dependency-Check is a utility that attempts to detect publicly disclosed vulnera Documentation and links to production binary releases can be found on the [github pages](http://jeremylong.github.io/DependencyCheck/). Additionally, more information about the architecture and ways to extend dependency-check can be found on the [wiki]. -Initial Usage +Current Releases ------------- +### Jenkins Plugin + +For instructions on the use of the Jenkins plugin please see the [Jenkins dependency-check page](http://wiki.jenkins-ci.org/x/CwDgAQ). + +### Command Line + +More detailed instructions can be found on the [dependency-check github pages](https://jeremylong.github.io/DependencyCheck/dependency-check-cli/installation.html). +The latest CLI can be downloaded from bintray's (dependency-check page](https://bintray.com/jeremy-long/owasp/dependency-check). + +On *nix +``` +$ ./bin/dependency-check.sh -h +$ ./bin/dependency-check.sh --app Testing --out . --scan [path to jar files to be scanned] +``` +On Windows +``` +> dependency-check-cli/target/release/bin/dependency-check.bat -h +> dependency-check-cli/target/release/bin/dependency-check.bat --app Testing --out . --scan ./src/test/resources +``` + +### Maven Plugin + +More detailed instructions can be found on the [dependency-check-maven github pages](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/installation.html). +The plugin can be configured using the following: + +```xml + + + + ... + + org.owasp + dependency-check-maven + 1.0.2 + + + + check + + + + + ... + + ... + + ... + +``` + +### Ant Task + +For instructions on the use of the Ant Task, please see the [dependency-check-ant github page](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/installation.html). + +Development Usage +------------- +The following instructions outline how to compile and use the current snapshot. While every intention is to maintain a stable snapshot it is recommended +that the release versions listed above be used. + +Note, currently the install goal may take a long time to execute the integration tests. However, if this takes more then 30 minutes it is likely that the +download of data from the NVD is having an issue. This issue is still being researched and a solution should be published soon. + On *nix ``` $ mvn install @@ -20,7 +82,7 @@ On Windows > dependency-check-cli/target/release/bin/dependency-check.bat --app Testing --out . --scan ./src/test/resources ``` -Then load the resulting 'DependencyCheck-Report.html' into your favorite browser. +Then load the resulting 'DependencyCheck-Report.html' into your favourite browser. Mailing List ------------ @@ -29,6 +91,8 @@ Subscribe: [dependency-check+subscribe@googlegroups.com] [subscribe] Post: [dependency-check@googlegroups.com] [post] +Archive: [google group](https://groups.google.com/forum/#!forum/dependency-check) + Copyright & License -