github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-17 09:06:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b8107aeda0c3b6da2eff4dc13613f0edcd3850b7
DependencyCheck/dependency-check-maven/check-mojo.html
Jeremy Long b8107aeda0 version 1.0.7
2013-12-03 06:05:11 -05:00

638 lines
19 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2013-12-02
| Rendered using Apache Maven Fluido Skin 1.3.0
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20131202" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check-maven -
dependency-check:check</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.0.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:50px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<h2>dependency-check-maven</h2>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../../../../../../../../../../../../c:/Users/jeremy/Documents/NetBeansProjects/DependencyCheck/target/site/1.0.7/#" title="">
</a>
</li>
<li class="divider ">/</li>
<li class="">
<a href="../index.html" title="dependency-check">
dependency-check</a>
</li>
<li class="divider ">/</li>
<li class="">
dependency-check:check</li>
<li id="publishDate" class="pull-right">Last Published: 2013-12-02</li> <li class="divider pull-right">|</li>
<li id="projectVersion" class="pull-right">Version: 1.0.7</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Getting Started</li>
<li>
<a href="usage.html" title="Usage">
<i class="none"></i>
Usage</a>
</li>
<li>
<a href="configuration.html" title="Configuration">
<i class="none"></i>
Configuration</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
<li>
<a href="project-reports.html" title="Project Reports">
<i class="icon-chevron-right"></i>
Project Reports</a>
</li>
</ul>
<hr class="divider" />
<div id="poweredBy">
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<div class="section">
<h2>dependency-check:check<a name="dependency-check:check"></a></h2>
<p><b>Note</b>:This goal should be used as a Maven report.</p>
<p><b>Full name</b>:</p>
<p>org.owasp:dependency-check-maven:1.0.7:check</p>
<p><b>Description</b>:</p>
<div>Maven Plugin that checks project dependencies to see if they have
any known published vulnerabilities.</div>
<p><b>Attributes</b>:</p>
<ul>
<li>Requires a Maven project to be executed.</li>
<li>Requires dependency resolution of artifacts in scope: <tt>runtime+system</tt>.</li>
<li>The goal is thread-safe and supports parallel builds.</li>
<li>Binds by default to the <a class="externalLink" href="http://maven.apache.org/ref/current/maven-core/lifecycles.html">lifecycle phase</a>: <tt>compile</tt>.</li>
<li>Requires that Maven runs in online mode.</li>
</ul>
<div class="section">
<h3>Required Parameters<a name="Required_Parameters"></a></h3>
<table class="table table-striped" border="0">
<tr class="a">
<th>Name</th>
<th>Type</th>
<th>Since</th>
<th>Description</th>
</tr>
<tr class="b">
<td><b><a href="#autoUpdate">autoUpdate</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether auto-updating of the NVD CVE/CPE data is enabled. It
is not recommended that this be turned to false. Default is true.<br /><b>Default value is</b>: <tt>true</tt>.<br /><b>User property is</b>: <tt>autoupdate</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#externalReport">externalReport</a></b></td>
<td><tt>boolean</tt></td>
<td><tt>-</tt></td>
<td>Sets whether or not the external report format should be used.<br /><b>Default value is</b>: <tt>false</tt>.<br /><b>User property is</b>: <tt>externalReport</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#failBuildOnCVSS">failBuildOnCVSS</a></b></td>
<td><tt>float</tt></td>
<td><tt>-</tt></td>
<td>Specifies if the build should be failed if a CVSS score above a
specified level is identified. The default is 11 which means since
the CVSS scores are 0-10, by default the build will never fail.<br /><b>Default value is</b>: <tt>11</tt>.<br /><b>User property is</b>: <tt>failBuildOnCVSS</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#format">format</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The report format to be generated (HTML, XML, VULN, ALL). This
configuration option has no affect if using this within the Site
plugin unless the externalReport is set to true. Default is HTML.<br /><b>Default value is</b>: <tt>HTML</tt>.<br /><b>User property is</b>: <tt>format</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#outputDirectory">outputDirectory</a></b></td>
<td><tt>File</tt></td>
<td><tt>-</tt></td>
<td>The output directory.<br /><b>Default value is</b>: <tt>${project.build.directory}</tt>.<br /></td>
</tr>
<tr class="a">
<td><b><a href="#reportOutputDirectory">reportOutputDirectory</a></b></td>
<td><tt>File</tt></td>
<td><tt>-</tt></td>
<td>Specifies the destination directory for the generated
Dependency-Check report.<br /><b>Default value is</b>: <tt>${project.reporting.outputDirectory}</tt>.<br /><b>User property is</b>: <tt>reportOutputDirectory</tt>.</td>
</tr>
</table>
</div>
<div class="section">
<h3>Optional Parameters<a name="Optional_Parameters"></a></h3>
<table class="table table-striped" border="0">
<tr class="a">
<th>Name</th>
<th>Type</th>
<th>Since</th>
<th>Description</th>
</tr>
<tr class="b">
<td><b><a href="#connectionTimeout">connectionTimeout</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Connection Timeout.<br /><b>User property is</b>: <tt>connectionTimeout</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#description">description</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The description of the Dependency-Check report to be displayed in
the Maven Generated Reports page<br /><b>Default value is</b>: <tt>A report providing details on any published vulnerabilities within project dependencies. This report is a best effort but may contain false positives and false negatives.</tt>.<br /><b>User property is</b>: <tt>description</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#logFile">logFile</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The path to the verbose log<br /><b>User property is</b>: <tt>logfile</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#name">name</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The name of the report to be displayed in the Maven Generated
Reports page<br /><b>Default value is</b>: <tt>Dependency-Check</tt>.<br /><b>User property is</b>: <tt>name</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#proxyPassword">proxyPassword</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Proxy password.<br /><b>User property is</b>: <tt>proxyPassword</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#proxyPort">proxyPort</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Proxy Port.<br /><b>User property is</b>: <tt>proxyPort</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#proxyUrl">proxyUrl</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Proxy URL.<br /><b>User property is</b>: <tt>proxyUrl</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#proxyUsername">proxyUsername</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Proxy username.<br /><b>User property is</b>: <tt>proxyUsername</tt>.</td>
</tr>
<tr class="b">
<td><b><a href="#reportName">reportName</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The name of the site report destination.<br /><b>Default value is</b>: <tt>dependency-check-report</tt>.<br /><b>User property is</b>: <tt>report-name</tt>.</td>
</tr>
<tr class="a">
<td><b><a href="#suppressionFile">suppressionFile</a></b></td>
<td><tt>String</tt></td>
<td><tt>-</tt></td>
<td>The Connection Timeout.<br /><b>User property is</b>: <tt>suppressionFile</tt>.</td>
</tr>
</table>
</div>
<div class="section">
<h3>Parameter Details<a name="Parameter_Details"></a></h3>
<p><b><a name="autoUpdate">autoUpdate</a>:</b></p>
<div>Sets whether auto-updating of the NVD CVE/CPE data is enabled. It
is not recommended that this be turned to false. Default is true.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>autoupdate</tt></li>
<li><b>Default</b>: <tt>true</tt></li>
</ul><hr />
<p><b><a name="connectionTimeout">connectionTimeout</a>:</b></p>
<div>The Connection Timeout.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>connectionTimeout</tt></li>
</ul><hr />
<p><b><a name="description">description</a>:</b></p>
<div>The description of the Dependency-Check report to be displayed in
the Maven Generated Reports page</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>description</tt></li>
<li><b>Default</b>: <tt>A report providing details on any published vulnerabilities within project dependencies. This report is a best effort but may contain false positives and false negatives.</tt></li>
</ul><hr />
<p><b><a name="externalReport">externalReport</a>:</b></p>
<div>Sets whether or not the external report format should be used.</div>
<ul>
<li><b>Type</b>: <tt>boolean</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>externalReport</tt></li>
<li><b>Default</b>: <tt>false</tt></li>
</ul><hr />
<p><b><a name="failBuildOnCVSS">failBuildOnCVSS</a>:</b></p>
<div>Specifies if the build should be failed if a CVSS score above a
specified level is identified. The default is 11 which means since
the CVSS scores are 0-10, by default the build will never fail.</div>
<ul>
<li><b>Type</b>: <tt>float</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>failBuildOnCVSS</tt></li>
<li><b>Default</b>: <tt>11</tt></li>
</ul><hr />
<p><b><a name="format">format</a>:</b></p>
<div>The report format to be generated (HTML, XML, VULN, ALL). This
configuration option has no affect if using this within the Site
plugin unless the externalReport is set to true. Default is HTML.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>format</tt></li>
<li><b>Default</b>: <tt>HTML</tt></li>
</ul><hr />
<p><b><a name="logFile">logFile</a>:</b></p>
<div>The path to the verbose log</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>logfile</tt></li>
</ul><hr />
<p><b><a name="name">name</a>:</b></p>
<div>The name of the report to be displayed in the Maven Generated
Reports page</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>name</tt></li>
<li><b>Default</b>: <tt>Dependency-Check</tt></li>
</ul><hr />
<p><b><a name="outputDirectory">outputDirectory</a>:</b></p>
<div>The output directory.</div>
<ul>
<li><b>Type</b>: <tt>java.io.File</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>Default</b>: <tt>${project.build.directory}</tt></li>
</ul><hr />
<p><b><a name="proxyPassword">proxyPassword</a>:</b></p>
<div>The Proxy password.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>proxyPassword</tt></li>
</ul><hr />
<p><b><a name="proxyPort">proxyPort</a>:</b></p>
<div>The Proxy Port.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>proxyPort</tt></li>
</ul><hr />
<p><b><a name="proxyUrl">proxyUrl</a>:</b></p>
<div>The Proxy URL.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>proxyUrl</tt></li>
</ul><hr />
<p><b><a name="proxyUsername">proxyUsername</a>:</b></p>
<div>The Proxy username.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>proxyUsername</tt></li>
</ul><hr />
<p><b><a name="reportName">reportName</a>:</b></p>
<div>The name of the site report destination.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>report-name</tt></li>
<li><b>Default</b>: <tt>dependency-check-report</tt></li>
</ul><hr />
<p><b><a name="reportOutputDirectory">reportOutputDirectory</a>:</b></p>
<div>Specifies the destination directory for the generated
Dependency-Check report.</div>
<ul>
<li><b>Type</b>: <tt>java.io.File</tt></li>
<li><b>Required</b>: <tt>Yes</tt></li>
<li><b>User Property</b>: <tt>reportOutputDirectory</tt></li>
<li><b>Default</b>: <tt>${project.reporting.outputDirectory}</tt></li>
</ul><hr />
<p><b><a name="suppressionFile">suppressionFile</a>:</b></p>
<div>The Connection Timeout.</div>
<ul>
<li><b>Type</b>: <tt>java.lang.String</tt></li>
<li><b>Required</b>: <tt>No</tt></li>
<li><b>User Property</b>: <tt>suppressionFile</tt></li>
</ul>
</div>
</div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row span12">Copyright &copy; 2013
<a href="http://www.owasp.org">OWASP</a>.
All Rights Reserved.
</div>
</div>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink