Enabled external database support in OWASP Dependency Check. #158

4 changes: 4 additions & 0 deletions docker/glue/Dockerfile
Expand Up @@ -71,6 +71,10 @@ WORKDIR /home/glue/tools/
RUN curl -L http://dl.bintray.com/jeremy-long/owasp/dependency-check-1.4.3-release.zip --output owasp-dep-check.zip
RUN unzip owasp-dep-check.zip

# PostgreSQL JDBC Plugin (for external database)
#
RUN curl -L https://jdbc.postgresql.org/download/postgresql-42.2.5.jar --output /home/glue/tools/dependency-check/plugins/postgresql.jar

# Maven
RUN sudo apt-get install -y maven
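
Review bot: the added `RUN curl -L https://jdbc.postgresql.org/download/postgresql-42.2.5.jar` line installs the driver jar into `dependency-check/plugins/` with no integrity check, so whatever the server returns at build time is placed where the scanner loads plugins from. Pin the expected SHA-256 of postgresql-42.2.5.jar in the Dockerfile and verify it in the same RUN step (for example with `sha256sum -c`), and add `-f` to curl so an HTTP error page is not saved as the jar. The empty `#` comment line under the heading can be dropped.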

19 changes: 19 additions & 0 deletions lib/glue/options.rb
Expand Up @@ -258,6 +258,25 @@ def get_options args, destructive = false
options[:owasp_dep_check_suppression] = path
end

opts.on "--owasp-db-driver-name NAME", "The Java class name for the OWASP Dependency Check external database driver" do |driver_name|
Glue.debug "Setting OWASP DB Driver name to #{driver_name}"
options[:owasp_dep_check_db_driver_name] = driver_name
end

opts.on "--owasp-db-connection-string URL", "The connection string for the OWASP Dependency Check external database" do |db_conn_string|
Glue.debug "Setting OWASP DB connection string to #{db_conn_string}"
options[:owasp_dep_check_db_conn_string] = db_conn_string
end

opts.on "--owasp-db-user USER", "The user for the OWASP Dependency Check external database" do |db_user|
Glue.debug "Setting OWASP DB user to #{db_user}"
options[:owasp_dep_check_db_user] = db_user
end

opts.on "--owasp-db-password PASSWORD", "The password for the OWASP Dependency Check external database" do |db_password|
options[:owasp_dep_check_db_pass] = db_password
end

opts.on "--sbt-path PATH", "The full path to sbt (optional)" do |path|
options[:sbt_path] = path
end
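
Review bot: `--owasp-db-password PASSWORD` takes the database password as a command-line argument, which puts it in shell history, CI job definitions and the process list of the host running Glue. Consider also accepting it from an environment variable or a file and documenting that as the preferred route. Separately, the `Glue.debug "Setting OWASP DB connection string to #{db_conn_string}"` line writes the full JDBC URL to the debug log; a connection string can carry credentials as URL parameters, so log only that the option was set, in line with the password block, which has no debug call.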
16 changes: 16 additions & 0 deletions lib/glue/tasks/owasp-dep-check.rb
Expand Up @@ -128,6 +128,22 @@ def run
run_args << [ "--suppression", "#{@tracker.options[:owasp_dep_check_suppression]}" ]
end

if @tracker.options[:owasp_dep_check_db_driver_name]
run_args << [ "--dbDriverName", "#{@tracker.options[:owasp_dep_check_db_driver_name]}" ]
end

if @tracker.options[:owasp_dep_check_db_conn_string]
run_args << [ "--connectionString", "#{@tracker.options[:owasp_dep_check_db_conn_string]}" ]
end

if @tracker.options[:owasp_dep_check_db_user]
run_args << [ "--dbUser", "#{@tracker.options[:owasp_dep_check_db_user]}" ]
end

if @tracker.options[:owasp_dep_check_db_pass]
run_args << [ "--dbPassword", "#{@tracker.options[:owasp_dep_check_db_pass]}" ]
end

run_args << [ "-out", "#{rootpath}", "-s", "#{rootpath}" ] unless @scala_project || @gradle_project || @maven_project

initial_dir = Dir.pwd
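
Review bot: the `--dbPassword` block forwards the password inside `run_args`, so it ends up in the argument vector of the Dependency Check process and in any place `run_args` is logged or echoed on failure. Check whether this task prints the command line anywhere and redact that element, and prefer handing the secret over by a route that does not touch argv. Also, the four `if` blocks are independent, so a partial configuration (for example a user without a connection string) is passed through silently; validating that the driver name and connection string are set together would give a clearer error than a failed scan.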