github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 16:23:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
694c3988f19e3d27bd3bfb1a09ca3c67d47c0607
DependencyCheck/dependency-check-maven/aggregate-mojo.html
Jeremy Long 694c3988f1 documentation version 1.3.6
2016-04-10 07:17:05 -04:00

1420 lines
42 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7 at 2016-04-09
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20160409" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check-maven &#x2013; dependency-check:aggregate</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.5.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.5.min.js"></script>
<style type="text/css">
#bannerLeft { margin-top:-20px;margin-bottom:5px !important }
</style>
</head>
<body class="topBarDisabled">
<a href="https://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="images/dc-maven.svg" alt="OWASP dependency-check-maven"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../../../../../../target/site/1.3.6/#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="">
<a href="../index.html" title="dependency-check">
dependency-check</a>
<span class="divider">/</span>
</li>
<li class="active ">dependency-check:aggregate</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2016-04-09</li>
<li id="projectVersion" class="pull-right">
Version: 1.3.6
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Getting Started</li>
<li>
<a href="index.html" title="Usage">
<span class="none"></span>
Usage</a>
</li>
<li>
<a href="configuration.html" title="Configuration">
<span class="none"></span>
Configuration</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="project-info.html" title="Project Information">
<span class="icon-chevron-right"></span>
Project Information</a>
</li>
<li>
<a href="project-reports.html" title="Project Reports">
<span class="icon-chevron-right"></span>
Project Reports</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git/dependency-check-maven" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<div class="section">
<h2><a name="dependency-check:aggregate"></a>dependency-check:aggregate</h2>
<p><b>Note</b>:This goal should be used as a Maven report.</p>
<p><b>Full name</b>:</p>
<p>org.owasp:dependency-check-maven:1.3.6:aggregate</p>
<p><b>Description</b>:</p>
<div>Maven Plugin that checks project dependencies and the dependencies
of all child modules to see if they have any known published
vulnerabilities.</div>
<p><b>Attributes</b>:</p>
<ul>
<li>Requires a Maven project to be executed.</li>
<li>Requires dependency resolution of artifacts in scope: <tt>compile+runtime</tt>.</li>
<li>Binds by default to the <a class="externalLink" href="http://maven.apache.org/ref/current/maven-core/lifecycles.html">lifecycle phase</a>: <tt>verify</tt>.</li>
<li>Requires that Maven runs in online mode.</li>
</ul>
<div class="section">
<h3><a name="Required_Parameters"></a>Required Parameters</h3>
<table class="table table-striped" border="0">
<tr class="a">
<th>Name</th>
<th>Type</th>
<th>Since</th>
<th>Description</th>
</tr>
<tr class="b">
<td><b><a href="#dataFileName">dataFileName</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the external report format should be used.<br /><b>Default value is</b>: <tt>dependency-check.ser</tt>.<br /><b>User property is</b>: <tt>metaFileName</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#failBuildOnCVSS">failBuildOnCVSS</a></b></td>
<td><tt>float</tt></td>
<td><tt>-</tt></td>
<td>Specifies if the build should be failed if a CVSS score above a
specified level is identified. The default is 11 which means since
the CVSS scores are 0-10, by default the build will never fail.<br /><b>Default value is</b>: <tt>11</tt>.<br /><b>User property is</b>: <tt>failBuildOnCVSS</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#format">format</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The report format to be generated (HTML, XML, VULN, ALL). This
configuration option has no affect if using this within the Site
plug-in unless the externalReport is set to true. Default is HTML.<br /><b>Default value is</b>: <tt>HTML</tt>.<br /><b>User property is</b>: <tt>format</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#name">name</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The name of the report in the site.<br /><b>Default value is</b>: <tt>dependency-check:aggregate</tt>.<br /><b>User property is</b>: <tt>name</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#outputDirectory">outputDirectory</a></b></td>
<td><tt>File</tt></td>
<td><tt>-</tt></td>
<td>The output directory. This generally maps to &quot;target&quot;.<br /><b>Default value is</b>: <tt>${project.build.directory}</tt>.<br /></td>
</tr>
<tr class="a">
<td><b><a href="#reportOutputDirectory">reportOutputDirectory</a></b></td>
<td><tt>File</tt></td>
<td><tt>-</tt></td>
<td>Specifies the destination directory for the generated
Dependency-Check report. This generally maps to &quot;target/site&quot;.<br /><b>User property is</b>: <tt>project.reporting.outputDirectory</tt>.</td>
</tr>
</table>
</div>
<div class="section">
<h3><a name="Optional_Parameters"></a>Optional Parameters</h3>
<table class="table table-striped" border="0">
<tr class="a">
<th>Name</th>
<th>Type</th>
<th>Since</th>
<th>Description</th>
</tr>
<tr class="b">
<td><b><a href="#aggregate">aggregate</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td><b>Deprecated.</b> use the aggregate goal instead<br /><b>User property is</b>: <tt>aggregate</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#archiveAnalyzerEnabled">archiveAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the Archive Analyzer is enabled.<br /><b>User property is</b>: <tt>archiveAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#assemblyAnalyzerEnabled">assemblyAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the .NET Assembly Analyzer is enabled.<br /><b>User property is</b>: <tt>assemblyAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#autoUpdate">autoUpdate</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether auto-updating of the NVD CVE/CPE data is enabled. It
is not recommended that this be turned to false. Default is true.<br /><b>User property is</b>: <tt>autoUpdate</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#autoconfAnalyzerEnabled">autoconfAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the autoconf Analyzer should be used.<br /><b>User property is</b>: <tt>autoconfAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#centralAnalyzerEnabled">centralAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the Central Analyzer is enabled.<br /><b>User property is</b>: <tt>centralAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#cmakeAnalyzerEnabled">cmakeAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the CMake Analyzer should be used.<br /><b>User property is</b>: <tt>cmakeAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#composerAnalyzerEnabled">composerAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the PHP Composer Lock File Analyzer should be
used.<br /><b>User property is</b>: <tt>composerAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#connectionString">connectionString</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The database connection string.<br /><b>User property is</b>: <tt>connectionString</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#connectionTimeout">connectionTimeout</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Connection Timeout.<br /><b>User property is</b>: <tt>connectionTimeout</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#cveUrl12Base">cveUrl12Base</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>Base Data Mirror URL for CVE 1.2.<br /><b>User property is</b>: <tt>cveUrl12Base</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#cveUrl12Modified">cveUrl12Modified</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>Data Mirror URL for CVE 1.2.<br /><b>User property is</b>: <tt>cveUrl12Modified</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#cveUrl20Base">cveUrl20Base</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>Data Mirror URL for CVE 2.0.<br /><b>User property is</b>: <tt>cveUrl20Base</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#cveUrl20Modified">cveUrl20Modified</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>Data Mirror URL for CVE 2.0.<br /><b>User property is</b>: <tt>cveUrl20Modified</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#cveValidForHours">cveValidForHours</a></b></td>
<td><tt>Integer</tt></td>
<td><tt>-</tt></td>
<td>Optionally skip excessive CVE update checks for a designated
duration in hours.<br /><b>User property is</b>: <tt>cveValidForHours</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#dataDirectory">dataDirectory</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The data directory, hold DC SQL DB.<br /><b>User property is</b>: <tt>dataDirectory</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#databaseDriverName">databaseDriverName</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The database driver name. An example would be org.h2.Driver.<br /><b>User property is</b>: <tt>databaseDriverName</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#databaseDriverPath">databaseDriverPath</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The path to the database driver if it is not on the class path.<br /><b>User property is</b>: <tt>databaseDriverPath</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#databasePassword">databasePassword</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The password to use when connecting to the database.<br /><b>User property is</b>: <tt>databasePassword</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#databaseUser">databaseUser</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The database user name.<br /><b>User property is</b>: <tt>databaseUser</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#externalReport">externalReport</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td><b>Deprecated.</b> the internal report is no longer supported<br /><b>User property is</b>: <tt>externalReport</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#jarAnalyzerEnabled">jarAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the Jar Analyzer is enabled.<br /><b>User property is</b>: <tt>jarAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#mavenSettings">mavenSettings</a></b></td>
<td><tt>Settings</tt></td>
<td><tt>-</tt></td>
<td>The Maven settings.<br /><b>Default value is</b>: <tt>${settings}</tt>.<br /><b>User property is</b>: <tt>mavenSettings</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#mavenSettingsProxyId">mavenSettingsProxyId</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The maven settings proxy id.<br /><b>User property is</b>: <tt>mavenSettingsProxyId</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#nexusAnalyzerEnabled">nexusAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the Nexus Analyzer is enabled.<br /><b>User property is</b>: <tt>nexusAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#nexusUrl">nexusUrl</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The URL of a Nexus server's REST API end point
(http://domain/nexus/service/local).<br /><b>User property is</b>: <tt>nexusUrl</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#nexusUsesProxy">nexusUsesProxy</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the configured proxy is used to connect to Nexus.<br /><b>User property is</b>: <tt>nexusUsesProxy</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#nodeAnalyzerEnabled">nodeAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the Node.js Analyzer should be used.<br /><b>User property is</b>: <tt>nodeAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#nuspecAnalyzerEnabled">nuspecAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Whether or not the .NET Nuspec Analyzer is enabled.<br /><b>User property is</b>: <tt>nuspecAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#opensslAnalyzerEnabled">opensslAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the openssl Analyzer should be used.<br /><b>User property is</b>: <tt>opensslAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#pathToMono">pathToMono</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The path to mono for .NET Assembly analysis on non-windows systems.<br /><b>User property is</b>: <tt>pathToMono</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#proxyUrl">proxyUrl</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td><b>Deprecated.</b> Please use mavenSettings instead<br /><b>User property is</b>: <tt>proxyUrl</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#pyDistributionAnalyzerEnabled">pyDistributionAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether the Python Distribution Analyzer will be used.<br /><b>User property is</b>: <tt>pyDistributionAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#pyPackageAnalyzerEnabled">pyPackageAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether the Python Package Analyzer will be used.<br /><b>User property is</b>: <tt>pyPackageAnalyzerEnabled</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#rubygemsAnalyzerEnabled">rubygemsAnalyzerEnabled</a></b></td>
<td><tt>Boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether the Ruby Gemspec Analyzer will be used.<br /><b>User property is</b>: <tt>rubygemsAnalyzerEnabled</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#serverId">serverId</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The server id in the settings.xml; used to retrieve encrypted
passwords from the settings.xml.<br /><b>User property is</b>: <tt>serverId</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#showSummary">showSummary</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Flag indicating whether or not to show a summary in the output.<br /><b>Default value is</b>: <tt>true</tt>.<br /><b>User property is</b>: <tt>showSummary</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#skip">skip</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Skip Dependency Check altogether.<br /><b>Default value is</b>: <tt>false</tt>.<br /><b>User property is</b>: <tt>dependency-check.skip</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#skipProvidedScope">skipProvidedScope</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Skip Analysis for Provided Scope Dependencies.<br /><b>Default value is</b>: <tt>false</tt>.<br /><b>User property is</b>: <tt>skipProvidedScope</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#skipRuntimeScope">skipRuntimeScope</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Skip Analysis for Runtime Scope Dependencies.<br /><b>Default value is</b>: <tt>false</tt>.<br /><b>User property is</b>: <tt>skipRuntimeScope</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#skipTestScope">skipTestScope</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Skip Analysis for Test Scope Dependencies.<br /><b>Default value is</b>: <tt>true</tt>.<br /><b>User property is</b>: <tt>skipTestScope</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#suppressionFile">suppressionFile</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The path to the suppression file.<br /><b>User property is</b>: <tt>suppressionFile</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#zipExtensions">zipExtensions</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>A comma-separated list of file extensions to add to analysis next
to jar, zip, ....<br /><b>User property is</b>: <tt>zipExtensions</tt>.</td>
</tr>
</table>
</div>
<div class="section">
<h3><a name="Parameter_Details"></a>Parameter Details</h3>
<p><b><a name="aggregate">aggregate</a>:</b></p>
<div><b>Deprecated.</b> use the aggregate goal instead</div>
<div>Generate aggregate reports in multi-module projects.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>aggregate</tt></li>
</ul><hr />
<p><b><a name="archiveAnalyzerEnabled">archiveAnalyzerEnabled</a>:</b></p>
<div>Whether or not the Archive Analyzer is enabled.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>archiveAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="assemblyAnalyzerEnabled">assemblyAnalyzerEnabled</a>:</b></p>
<div>Whether or not the .NET Assembly Analyzer is enabled.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>assemblyAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="autoUpdate">autoUpdate</a>:</b></p>
<div>Sets whether auto-updating of the NVD CVE/CPE data is enabled. It
is not recommended that this be turned to false. Default is true.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>autoUpdate</tt></li>
</ul><hr />
<p><b><a name="autoconfAnalyzerEnabled">autoconfAnalyzerEnabled</a>:</b></p>
<div>Sets whether or not the autoconf Analyzer should be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>autoconfAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="centralAnalyzerEnabled">centralAnalyzerEnabled</a>:</b></p>
<div>Whether or not the Central Analyzer is enabled.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>centralAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="cmakeAnalyzerEnabled">cmakeAnalyzerEnabled</a>:</b></p>
<div>Sets whether or not the CMake Analyzer should be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>cmakeAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="composerAnalyzerEnabled">composerAnalyzerEnabled</a>:</b></p>
<div>Sets whether or not the PHP Composer Lock File Analyzer should be
used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>composerAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="connectionString">connectionString</a>:</b></p>
<div>The database connection string.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>connectionString</tt></li>
</ul><hr />
<p><b><a name="connectionTimeout">connectionTimeout</a>:</b></p>
<div>The Connection Timeout.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>connectionTimeout</tt></li>
</ul><hr />
<p><b><a name="cveUrl12Base">cveUrl12Base</a>:</b></p>
<div>Base Data Mirror URL for CVE 1.2.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>cveUrl12Base</tt></li>
</ul><hr />
<p><b><a name="cveUrl12Modified">cveUrl12Modified</a>:</b></p>
<div>Data Mirror URL for CVE 1.2.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>cveUrl12Modified</tt></li>
</ul><hr />
<p><b><a name="cveUrl20Base">cveUrl20Base</a>:</b></p>
<div>Data Mirror URL for CVE 2.0.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>cveUrl20Base</tt></li>
</ul><hr />
<p><b><a name="cveUrl20Modified">cveUrl20Modified</a>:</b></p>
<div>Data Mirror URL for CVE 2.0.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>cveUrl20Modified</tt></li>
</ul><hr />
<p><b><a name="cveValidForHours">cveValidForHours</a>:</b></p>
<div>Optionally skip excessive CVE update checks for a designated
duration in hours.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Integer</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>cveValidForHours</tt></li>
</ul><hr />
<p><b><a name="dataDirectory">dataDirectory</a>:</b></p>
<div>The data directory, hold DC SQL DB.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>dataDirectory</tt></li>
</ul><hr />
<p><b><a name="dataFileName">dataFileName</a>:</b></p>
<div>Sets whether or not the external report format should be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>metaFileName</tt></li>
<li><b>Default</b>: <tt>dependency-check.ser</tt></li>
</ul><hr />
<p><b><a name="databaseDriverName">databaseDriverName</a>:</b></p>
<div>The database driver name. An example would be org.h2.Driver.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>databaseDriverName</tt></li>
</ul><hr />
<p><b><a name="databaseDriverPath">databaseDriverPath</a>:</b></p>
<div>The path to the database driver if it is not on the class path.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>databaseDriverPath</tt></li>
</ul><hr />
<p><b><a name="databasePassword">databasePassword</a>:</b></p>
<div>The password to use when connecting to the database.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>databasePassword</tt></li>
</ul><hr />
<p><b><a name="databaseUser">databaseUser</a>:</b></p>
<div>The database user name.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>databaseUser</tt></li>
</ul><hr />
<p><b><a name="externalReport">externalReport</a>:</b></p>
<div><b>Deprecated.</b> the internal report is no longer supported</div>
<div>Sets whether or not the external report format should be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>externalReport</tt></li>
</ul><hr />
<p><b><a name="failBuildOnCVSS">failBuildOnCVSS</a>:</b></p>
<div>Specifies if the build should be failed if a CVSS score above a
specified level is identified. The default is 11 which means since
the CVSS scores are 0-10, by default the build will never fail.</div>
<ul>
<li><b>Type</b>: <tt>float</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>failBuildOnCVSS</tt></li>
<li><b>Default</b>: <tt>11</tt></li>
</ul><hr />
<p><b><a name="format">format</a>:</b></p>
<div>The report format to be generated (HTML, XML, VULN, ALL). This
configuration option has no affect if using this within the Site
plug-in unless the externalReport is set to true. Default is HTML.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>format</tt></li>
<li><b>Default</b>: <tt>HTML</tt></li>
</ul><hr />
<p><b><a name="jarAnalyzerEnabled">jarAnalyzerEnabled</a>:</b></p>
<div>Whether or not the Jar Analyzer is enabled.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>jarAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="mavenSettings">mavenSettings</a>:</b></p>
<div>The Maven settings.</div>
<ul>
<li><b>Type</b>: <tt>org.apache.maven.settings.Settings</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>mavenSettings</tt></li>
<li><b>Default</b>: <tt>${settings}</tt></li>
</ul><hr />
<p><b><a name="mavenSettingsProxyId">mavenSettingsProxyId</a>:</b></p>
<div>The maven settings proxy id.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>mavenSettingsProxyId</tt></li>
</ul><hr />
<p><b><a name="name">name</a>:</b></p>
<div>The name of the report in the site.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>name</tt></li>
<li><b>Default</b>: <tt>dependency-check:aggregate</tt></li>
</ul><hr />
<p><b><a name="nexusAnalyzerEnabled">nexusAnalyzerEnabled</a>:</b></p>
<div>Whether or not the Nexus Analyzer is enabled.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>nexusAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="nexusUrl">nexusUrl</a>:</b></p>
<div>The URL of a Nexus server's REST API end point
(http://domain/nexus/service/local).</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>nexusUrl</tt></li>
</ul><hr />
<p><b><a name="nexusUsesProxy">nexusUsesProxy</a>:</b></p>
<div>Whether or not the configured proxy is used to connect to Nexus.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>nexusUsesProxy</tt></li>
</ul><hr />
<p><b><a name="nodeAnalyzerEnabled">nodeAnalyzerEnabled</a>:</b></p>
<div>Sets whether or not the Node.js Analyzer should be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>nodeAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="nuspecAnalyzerEnabled">nuspecAnalyzerEnabled</a>:</b></p>
<div>Whether or not the .NET Nuspec Analyzer is enabled.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>nuspecAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="opensslAnalyzerEnabled">opensslAnalyzerEnabled</a>:</b></p>
<div>Sets whether or not the openssl Analyzer should be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>opensslAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="outputDirectory">outputDirectory</a>:</b></p>
<div>The output directory. This generally maps to &quot;target&quot;.</div>
<ul>
<li><b>Type</b>: <tt>java.io.File</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>Default</b>: <tt>${project.build.directory}</tt></li>
</ul><hr />
<p><b><a name="pathToMono">pathToMono</a>:</b></p>
<div>The path to mono for .NET Assembly analysis on non-windows systems.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>pathToMono</tt></li>
</ul><hr />
<p><b><a name="proxyUrl">proxyUrl</a>:</b></p>
<div><b>Deprecated.</b> Please use mavenSettings instead</div>
<div>The Proxy URL.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>proxyUrl</tt></li>
</ul><hr />
<p><b><a name="pyDistributionAnalyzerEnabled">pyDistributionAnalyzerEnabled</a>:</b></p>
<div>Sets whether the Python Distribution Analyzer will be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>pyDistributionAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="pyPackageAnalyzerEnabled">pyPackageAnalyzerEnabled</a>:</b></p>
<div>Sets whether the Python Package Analyzer will be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>pyPackageAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="reportOutputDirectory">reportOutputDirectory</a>:</b></p>
<div>Specifies the destination directory for the generated
Dependency-Check report. This generally maps to &quot;target/site&quot;.</div>
<ul>
<li><b>Type</b>: <tt>java.io.File</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>project.reporting.outputDirectory</tt></li>
</ul><hr />
<p><b><a name="rubygemsAnalyzerEnabled">rubygemsAnalyzerEnabled</a>:</b></p>
<div>Sets whether the Ruby Gemspec Analyzer will be used.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.Boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>rubygemsAnalyzerEnabled</tt></li>
</ul><hr />
<p><b><a name="serverId">serverId</a>:</b></p>
<div>The server id in the settings.xml; used to retrieve encrypted
passwords from the settings.xml.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>serverId</tt></li>
</ul><hr />
<p><b><a name="showSummary">showSummary</a>:</b></p>
<div>Flag indicating whether or not to show a summary in the output.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>showSummary</tt></li>
<li><b>Default</b>: <tt>true</tt></li>
</ul><hr />
<p><b><a name="skip">skip</a>:</b></p>
<div>Skip Dependency Check altogether.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>dependency-check.skip</tt></li>
<li><b>Default</b>: <tt>false</tt></li>
</ul><hr />
<p><b><a name="skipProvidedScope">skipProvidedScope</a>:</b></p>
<div>Skip Analysis for Provided Scope Dependencies.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>skipProvidedScope</tt></li>
<li><b>Default</b>: <tt>false</tt></li>
</ul><hr />
<p><b><a name="skipRuntimeScope">skipRuntimeScope</a>:</b></p>
<div>Skip Analysis for Runtime Scope Dependencies.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>skipRuntimeScope</tt></li>
<li><b>Default</b>: <tt>false</tt></li>
</ul><hr />
<p><b><a name="skipTestScope">skipTestScope</a>:</b></p>
<div>Skip Analysis for Test Scope Dependencies.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>skipTestScope</tt></li>
<li><b>Default</b>: <tt>true</tt></li>
</ul><hr />
<p><b><a name="suppressionFile">suppressionFile</a>:</b></p>
<div>The path to the suppression file.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>suppressionFile</tt></li>
</ul><hr />
<p><b><a name="zipExtensions">zipExtensions</a>:</b></p>
<div>A comma-separated list of file extensions to add to analysis next
to jar, zip, ....</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>zipExtensions</tt></li>
</ul>
</div>
</div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2013&#x2013;2016
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink