About
====================
OWASP dependency-check-ant is an Ant Task that uses dependency-check-core to detect publicly
disclosed vulnerabilities associated with the project's dependencies. The task will
generate a report listing the dependency, any identified Common Platform Enumeration (CPE)
identifiers, and the associated Common Vulnerability and Exposure (CVE) entries.

Installation
====================
Download dependency-check-ant from [bintray here](http://dl.bintray.com/jeremy-long/owasp/dependency-check-ant-${project.version}.jar).
To install dependency-check-ant place the dependency-check-ant-${project.version}.jar into
the lib directory of your Ant instalation directory. Once installed you can add
the taskdef to you build.xml and add the task to a new or existing target:

```xml
<taskdef name="dependency-check" classname="org.owasp.dependencycheck.taskdefs.DependencyCheckTask"/>
```

If you do not want to install dependency-check-ant into your ant's lib directory when you define the task def you
must add the classpath to the taskdef:

```xml
<taskdef name="dependency-check" classname="org.owasp.dependencycheck.taskdefs.DependencyCheckTask">
    <classpath path="[path]/[to]/dependency-check-ant-${project.version}.jar"/>
</taskdef>
```

It is important to understand that the first time this task is executed it may
take 10 minutes or more as it downloads and processes the data from the National
Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov

After the first batch download, as long as the task is executed at least once every
seven days the update will only take a few seconds.