OWASP dependency-check-ant is an Ant Task that uses dependency-check-core to detect publicly disclosed vulnerabilities associated with the project’s dependencies. The task will generate a report listing the dependency, any identified Common Platform Enumeration (CPE) identifiers, and the associated Common Vulnerability and Exposure (CVE) entries.
gpg --keyserver hkp://keys.gnupg.net --recv-keys F9514E84AE3708288374BBBE097586CFEA37F9A6
gpg --verify dependency-check-ant-6.1.1-release.zip.asc
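`gpg --verify` exits successfully for a good signature made by any key in the local keyring, so the script below also requires that the signature comes from the fingerprint imported above. It is an added example, not part of the dependency-check project; the function names, the `--verify` script argument and the sample status records are assumptions made for illustration, and the release zip and its `.asc` file are assumed to be in the current directory.

```shell
#!/bin/sh
# Pinned-fingerprint signature check (added example, not project code).
# Fingerprint and file name are the ones given on this page.
EXPECTED_FPR="F9514E84AE3708288374BBBE097586CFEA37F9A6"
RELEASE_ZIP="dependency-check-ant-6.1.1-release.zip"

# Reads gpg status records on stdin. Succeeds only if a VALIDSIG record names
# the fingerprint in $1 as the signing key (field 3) or as the primary key
# (last field, which differs from field 3 when a signing subkey was used).
status_has_pinned_sig() {
    awk -v want="$1" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == want || $NF == want) { ok = 1 }
        END { exit !ok }'
}

# Verify the detached signature of $1 and require the pinned key.
verify_release() {
    zip="$1"
    # --status-fd 1 writes machine-readable records to stdout; gpg itself
    # returns non-zero when the signature is bad or the key is missing.
    status="$(gpg --batch --status-fd 1 --verify "$zip.asc" "$zip" 2>/dev/null)" || return 1
    printf '%s\n' "$status" | status_has_pinned_sig "$EXPECTED_FPR"
}

# Constructed sample status records (not real gpg output for this release).
SAMPLE_PINNED="[GNUPG:] GOODSIG 097586CFEA37F9A6 Example Signer
[GNUPG:] VALIDSIG $EXPECTED_FPR 2021-01-01 1609459200 0 4 0 1 8 00 $EXPECTED_FPR"
SAMPLE_OTHER="[GNUPG:] GOODSIG 0123456789ABCDEF Someone Else
[GNUPG:] VALIDSIG 0000000000000000000000000000000000000000 2021-01-01 1609459200 0 4 0 1 8 00 0000000000000000000000000000000000000000"

# Hypothetical entry point: run the real check only when asked to.
if [ "${1:-}" = "--verify" ]; then
    if verify_release "$RELEASE_ZIP"; then
        echo "signature valid and made by the pinned key"
    else
        echo "signature missing, invalid, or not from the pinned key" >&2
        exit 1
    fi
fi
```

Unpack the archive into the installation directory only after this check succeeds.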
<!-- Set the value to the installation directory's path -->
<property name="dependency-check.home" value="C:/tools/dependency-check-ant"/>
<path id="dependency-check.path">
    <pathelement location="${dependency-check.home}/dependency-check-ant.jar"/>
    <fileset dir="${dependency-check.home}/lib">
        <include name="*.jar"/>
    </fileset>
</path>
<taskdef resource="dependency-check-taskdefs.properties">
    <classpath refid="dependency-check.path" />
</taskdef>
It is important to understand that the first time this task is executed it may take 10 minutes or more as it downloads and processes the data from the National Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov
After the first batch download, as long as the task is executed at least once every seven days the update will only take a few seconds.