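#!/bin/bash
# Runs OWASP Dependency-Check in a container against a source tree and writes
# the reports (all formats) into a host directory.
#
# Usage:       ./security_dependencycheck.sh <source-path> <report-path>
# Example run: ./security_dependencycheck.sh /build/src /tmp/report
# Exclude format: --exclude \"**/myfolder/**\"
#
# Environment:
#   DC_VERSION  Image tag to pull and run (default: latest). "latest" is a
#               mutable tag, so two runs may execute different scanner builds.
#               For reproducible results, set this to a reviewed, pinned tag.
#
# Exit status: that of the scanner container, or non-zero on a setup error.
set -euo pipefail

# Print an error to stderr and abort.
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Create a directory (and parents) if it does not exist yet.
ensure_dir() {
  local dir=$1
  if [[ ! -d "$dir" ]]; then
    echo "Initially creating persistent directory: $dir"
    mkdir -p -- "$dir"
  fi
}

# Both paths are required. An empty SOURCE_PATH would turn the suppression
# copy below into a write to /security/... and produce a broken --volume spec.
if (( $# < 2 )) || [[ -z "$1" || -z "$2" ]]; then
  printf 'Usage: %s <source-path> <report-path>\n' "${0##*/}" >&2
  exit 2
fi

command -v docker >/dev/null || die "docker is not installed or not on PATH"

CUR_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" >/dev/null && pwd)"
SOURCE_PATH="$1"
REPORT_PATH="$2"
DC_VERSION="${DC_VERSION:-latest}"
DC_DIRECTORY="${HOME:?HOME must be set}/OWASP-Dependency-Check"
DATA_DIRECTORY="$DC_DIRECTORY/data"
CACHE_DIRECTORY="$DC_DIRECTORY/data/cache"

# Refuse a missing source tree: for a bind mount given with --volume, Docker
# creates a missing host path itself, and the scan would then run on an empty
# directory and report nothing.
[[ -d "$SOURCE_PATH" ]] || die "source path is not a directory: $SOURCE_PATH"

ensure_dir "$DATA_DIRECTORY"
ensure_dir "$CACHE_DIRECTORY"
ensure_dir "$REPORT_PATH"

# Bind mounts need absolute host paths; a relative value passed to --volume
# is interpreted by Docker as a named volume instead of a directory.
SOURCE_PATH="$(cd -- "$SOURCE_PATH" >/dev/null && pwd)"
REPORT_PATH="$(cd -- "$REPORT_PATH" >/dev/null && pwd)"

# USER can be unset in CI shells; fall back to the effective user name so the
# container does not silently run with an empty user and mismatched ids.
run_user="${USER:-$(id -un)}"
run_uid="$(id -u "$run_user")"
run_gid="$(id -g "$run_user")"

printf "Running security: Dependency Check\n"

# Best effort: keep going with a locally cached image when the registry is
# unreachable, but make the failure visible instead of ignoring it.
if ! docker pull "owasp/dependency-check:${DC_VERSION}"; then
  printf 'warning: docker pull failed; using the local image if present\n' >&2
fi

# Stage the suppression file inside the mounted source tree. Copying alone
# does not activate it: the scan only honours it when --suppression is passed
# (see the note above the scanner arguments below).
if ! cp -- "$CUR_DIR/suppression.xml" \
  "$SOURCE_PATH/security/dependency-check-suppression.xml"; then
  printf 'warning: could not stage suppression.xml in %s/security\n' \
    "$SOURCE_PATH" >&2
fi

# ":z" relabels each mounted host directory with a shared SELinux label, so
# never point SOURCE_PATH or REPORT_PATH at a system directory or at $HOME
# itself. The source tree is mounted read-write as before; if the scan never
# needs to write into it, a read-only mount would be a tighter choice.
docker_args=(
  --rm
  -e "user=${run_user}"
  -u "${run_uid}:${run_gid}"
  --volume "${SOURCE_PATH}:/src:z"
  --volume "${REPORT_PATH}:/report:z"
  --volume "${DATA_DIRECTORY}:/usr/share/dependency-check/data:z"
  "owasp/dependency-check:${DC_VERSION}"
)

# Use suppression like this: (where /src == $pwd)
# --suppression "/src/security/dependency-check-suppression.xml"
scan_args=(
  --scan /src
  --format "ALL"
  --out /report
)

docker run "${docker_args[@]}" "${scan_args[@]}"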