This project always has exactly one release, which contains the OWASP Dependency Check database. The database is updated every three hours.

To use it to speed up your run of OWASP Dependency Check, please download the release to a directory on your system and point the checker at it using the `--data` flag: `path/to/dependency-check.sh --data path/to/extracted-release --scan path/to/scan`.

As part of an Azure Pipeline, that could look like this:

```yaml
  - task: DownloadGitHubRelease@0
    displayName: 'Download OWASP cache from release on GitHub'
    inputs:
      connection: GitHub # A service connection to GitHub with this name has to exist in your project.
      userRepository: 'mvdbos/owasp-dep-check-cache-builder'
      defaultVersionType: 'specificTag'
      version: 'latest'
      downloadPath: '$(Pipeline.Workspace)/owasp-cache/'

  - script: |
      curl -sfL -o $(system.defaultWorkingDirectory)/dependency-check.zip https://dl.bintray.com/jeremy-long/owasp/dependency-check-5.1.0-release.zip
      unzip $(system.defaultWorkingDirectory)/dependency-check.zip -d $(system.defaultWorkingDirectory)
      $(system.defaultWorkingDirectory)/dependency-check/bin/dependency-check.sh --suppress .owasp-deps-suppress.xml --cveValidForHours 4 --data $(Pipeline.Workspace)/owasp-cache --enableExperimental --scan $(modulePath) --format HTML --out $(Build.ArtifactStagingDirectory)/dependency-check
    workingDirectory: '$(modulePath)'
    displayName: 'OWASP Dependency Check'
```
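
If the download step fails or delivers an old cache, the scan quietly falls back to the slow path of building its own database. The following guard, an added example that is not part of this project, checks the data directory before it is passed to `--data`. The helper name `check_cache` is hypothetical, and the staleness test assumes file modification times reflect when the cache was built or fetched.

```shell
#!/usr/bin/env bash
# Added example (not part of the project): sanity-check a downloaded
# Dependency Check data directory before passing it to --data.
# check_cache is a hypothetical helper name.
#
# Usage:   check_cache DIR MAX_AGE_HOURS
# Returns: 0 = usable, 1 = missing or empty, 2 = stale, 64 = bad argument
#
# Assumption: file modification times in DIR reflect when the cache was
# built or fetched. Some download/extract tools reset mtimes.
check_cache() {
  local dir="$1"
  local max_hours="$2"

  # Reject a non-numeric age so it never reaches find as an option.
  case "$max_hours" in
    ''|*[!0-9]*) echo "check_cache: MAX_AGE_HOURS must be a whole number" >&2
                 return 64 ;;
  esac

  if [ ! -d "$dir" ]; then
    echo "check_cache: $dir does not exist (download step failed?)" >&2
    return 1
  fi

  # An empty directory makes Dependency Check build a database from scratch.
  if [ -z "$(find "$dir" -type f | head -n 1)" ]; then
    echo "check_cache: $dir contains no files" >&2
    return 1
  fi

  # Require at least one file modified within the allowed window.
  if [ -z "$(find "$dir" -type f -mmin "-$((max_hours * 60))" | head -n 1)" ]; then
    echo "check_cache: nothing in $dir is newer than ${max_hours}h" >&2
    return 2
  fi
  return 0
}

# In the pipeline's script step, before the scan (4 matches --cveValidForHours):
#   check_cache "$(Pipeline.Workspace)/owasp-cache" 4 || exit 1
```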