github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 16:23:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
gh-pages
DependencyCheck/dependency-check-gradle/index.html
Jeremy Long 615f6e3750 documentation version 1.4.5
2017-01-22 17:22:46 -05:00

291 lines
13 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2017-01-22
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20170122" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Usage</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.5.min.js"></script>
<style type="text/css">
#bannerLeft { margin-top:-20px;margin-bottom:5px !important }
</style>
</head>
<body class="topBarDisabled">
<a href="https://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Usage</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2017-01-22</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.5
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<span class="icon-chevron-right"></span>
General</a>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<span class="icon-chevron-right"></span>
File Type Analyzers</a>
</li>
<li>
<a href="../modules.html" title="Modules">
<span class="icon-chevron-down"></span>
Modules</a>
<ul class="nav nav-list">
<li>
<a href="../dependency-check-cli/index.html" title="CLI">
<span class="none"></span>
CLI</a>
</li>
<li>
<a href="../dependency-check-ant/index.html" title="Ant Task">
<span class="none"></span>
Ant Task</a>
</li>
<li>
<a href="../dependency-check-maven/index.html" title="Maven Plugin">
<span class="none"></span>
Maven Plugin</a>
</li>
<li class="active">
<a href="#"><span class="icon-chevron-down"></span>Gradle Plugin</a>
<ul class="nav nav-list">
<li>
<a href="../dependency-check-gradle/configuration.html" title="Check Task">
<span class="none"></span>
Check Task</a>
</li>
<li>
<a href="../dependency-check-gradle/configuration-update.html" title="Update Task">
<span class="none"></span>
Update Task</a>
</li>
<li>
<a href="../dependency-check-gradle/configuration-purge.html" title="Purge Task">
<span class="none"></span>
Purge Task</a>
</li>
</ul>
</li>
<li>
<a href="../dependency-check-jenkins/index.html" title="Jenkins Plugin">
<span class="none"></span>
Jenkins Plugin</a>
</li>
<li>
<a href="../dependency-check-core/index.html" title="Core">
<span class="none"></span>
Core</a>
</li>
<li>
<a href="../dependency-check-utils/index.html" title="Utils">
<span class="none"></span>
Utils</a>
</li>
<li>
<a href="../dependency-check-plugin/index.html" title="Archetype">
<span class="none"></span>
Archetype</a>
</li>
</ul>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<span class="icon-chevron-right"></span>
Project Information</a>
</li>
<li>
<a href="../project-reports.html" title="Project Reports">
<span class="icon-chevron-right"></span>
Project Reports</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<h1>Usage</h1>
<p>The OWASP dependency-check-gradle plugin provides monitoring of the projects dependent libraries; creating a report of known vulnerable components that are included in the build.</p>
<p>It is important to understand that the first time this task is executed it may take 5-20 minutes as it downloads and processes the data from the National Vulnerability Database (NVD) hosted by NIST: <a class="externalLink" href="https://nvd.nist.gov">https://nvd.nist.gov</a></p>
<p>After the first batch download, as long as the plugin is executed at least once every seven days the update will only take a few seconds.</p>
<div class="section">
<h2><a name="Quick_Start"></a>Quick Start</h2>
<div class="section">
<h3><a name="Step_1_Apply_dependency-check-gradle_plugin"></a>Step 1, Apply dependency-check-gradle plugin</h3>
<p>Install from Maven central repo</p>
<div class="source">
<div class="source"><pre class="prettyprint linenums">buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath 'org.owasp:dependency-check-gradle:1.4.5'
}
}
apply plugin: 'org.owasp.dependencycheck'
</pre></div></div></div>
<div class="section">
<h3><a name="Step_2_Run_the_dependencyCheck_task"></a>Step 2, Run the dependencyCheck task</h3>
<p>Once the dependency-check plugin is applied, if the <a class="externalLink" href="https://docs.gradle.org/current/userguide/java_plugin.html">Java plugin</a> is being used dependency-check will automatically be added to the <tt>check</tt> task. Alternatively, you can run dependency-check directly:</p>
<div class="source">
<div class="source"><pre class="prettyprint linenums">gradle dependencyCheck --info
</pre></div></div>
<p>The reports will be generated automatically under <tt>build/reports</tt> folder.</p></div></div>
<div class="section">
<h2><a name="Task_Configuration"></a>Task Configuration</h2>
<p>The OWASP dependency-check-gradle plugin contains three tasks: <a href="configuration.html">dependencyCheck</a>, <a href="configuration-update.html">dependencyCheckUpdate</a>, and <a href="configuration-purge.html">dependencyCheckPurge</a>. Please see each tasks configuration page for more information.</p></div>
<div class="section">
<h2><a name="Mailing_List"></a>Mailing List</h2>
<p>Subscribe: <a class="externalLink" href="mailto:dependency-check+subscribe@googlegroups.com">dependency-check+subscribe@googlegroups.com</a></p>
<p>Post: <a class="externalLink" href="mailto:dependency-check@googlegroups.com">dependency-check@googlegroups.com</a></p></div>
<div class="section">
<h2><a name="License"></a>License</h2>
<p>Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-gradle/LICENSE.txt">LICENSE.txt</a> file for the full license.</p>
<p>Dependency-Check makes use of several other open source libraries. Please see the <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-gradle/NOTICE.txt">NOTICE.txt</a> file for more information.</p></div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2017
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink