mirror of
https://git.freebsd.org/ports.git
synced 2025-06-09 23:00:30 -04:00
Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries. WWW: https://github.com/jeremylong/DependencyCheck WWW: https://www.owasp.org/index.php/OWASP_Dependency_Check WWW: https://jeremylong.github.io/DependencyCheck/dependency-check-cli/ WWW: https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html PR: 226206 Submitted by: Andreas Sommer <andreas.sommer87@googlemail.com>
46 lines
1.4 KiB
Makefile
46 lines
1.4 KiB
Makefile
# $FreeBSD$
|
|
|
|
# Note to committers:
|
|
# With each version update, a new maven repository must be created and distributed
|
|
# so build is repeatable and cluster-safe.
|
|
|
|
PORTNAME= owasp-dependency-check
|
|
PORTVERSION= 3.1.1
|
|
DISTVERSIONPREFIX= v
|
|
CATEGORIES= security java
|
|
MASTER_SITES= LOCAL/pi/:source2
|
|
DISTFILES+= owasp-dependency-check-${PORTVERSION}-maven-repository.tar.gz:source2
|
|
|
|
MAINTAINER= andreas.sommer87@googlemail.com
|
|
COMMENT= Detects publicly disclosed vulnerabilities in project dependencies
|
|
|
|
LICENSE= APACHE20
|
|
|
|
BUILD_DEPENDS= ${LOCALBASE}/share/java/maven/bin/mvn:devel/maven
|
|
|
|
USE_GITHUB= yes
|
|
GH_ACCOUNT= jeremylong
|
|
GH_PROJECT= DependencyCheck
|
|
|
|
USE_JAVA= yes
|
|
JAVA_VERSION= 1.7+
|
|
|
|
NO_ARCH= yes
|
|
|
|
SUB_FILES= owasp-dependency-check
|
|
SUB_LIST= PORTVERSION=${PORTVERSION}
|
|
PLIST_DIRS= /var/cache/owasp-dependency-check
|
|
PLIST_FILES= bin/owasp-dependency-check \
|
|
${JAVAJARDIR}/owasp-dependency-check-${PORTVERSION}-jar-with-dependencies.jar
|
|
|
|
do-build:
|
|
cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${LOCALBASE}/share/java/maven/bin/mvn \
|
|
--batch-mode -Dmaven.repo.local=${WRKDIR}/repository -DskipTests --offline package
|
|
|
|
do-install:
|
|
${INSTALL_DATA} ${WRKSRC}/dependency-check-cli/target/dependency-check-${PORTVERSION}-jar-with-dependencies.jar \
|
|
${STAGEDIR}${JAVAJARDIR}/owasp-dependency-check-${PORTVERSION}-jar-with-dependencies.jar
|
|
${INSTALL_SCRIPT} ${WRKDIR}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
|
|
${MKDIR} ${STAGEDIR}/var/cache/owasp-dependency-check
|
|
|
|
.include <bsd.port.mk>
|