/owasp-dep-check-cache-builder

An Azure Pipelines build that creates a reusable artifact from the OWASP Dependency Check cache

In this project, there will always be exactly one release, containing the OWASP Dependency Check database. This database is updated every three hours.

To use it to speed up your run of OWASP Dependency Check, please download the release to a directory on your system and point the checker at it using the --data flag: path/to/dependency-check.sh --data path/to/extracted-release --scan path/to/scan.

As part of an Azure Pipeline, that could look like this:

  - task: DownloadGitHubRelease@0
    displayName: 'Download OWASP cache from release on GitHub'
    inputs:
      connection: GitHub # A service connection to GitHub with this name has to exist in your project.
      userRepository: 'mvdbos/owasp-dep-check-cache-builder'
      defaultVersionType: 'specificTag'
      version: 'latest'
      downloadPath: '$(Pipeline.Workspace)/owasp-cache/'

  - script: |
      curl -sfL -o $(system.defaultWorkingDirectory)/dependency-check.zip https://dl.bintray.com/jeremy-long/owasp/dependency-check-5.1.0-release.zip
      unzip $(system.defaultWorkingDirectory)/dependency-check.zip -d $(system.defaultWorkingDirectory)
      $(system.defaultWorkingDirectory)/dependency-check/bin/dependency-check.sh --suppress .owasp-deps-suppress.xml --cveValidForHours 4 --data $(Pipeline.Workspace)/owasp-cache --enableExperimental --scan $(modulePath) --format HTML --out $(Build.ArtifactStagingDirectory)/dependency-check
    workingDirectory: '$(modulePath)'
    displayName: 'OWASP Dependency Check'
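
A guard that could run between the download step and the scan, so a missing, empty or outdated cache is noticed before the checker runs (an added example, not part of this project's pipeline). The function names are hypothetical, and it assumes file modification times in the cache directory reflect when the cache was built; the 4-hour limit in the usage comment mirrors the --cveValidForHours 4 setting above.

```shell
#!/bin/sh
# Added example: sanity-check a downloaded Dependency Check cache before scanning.
# Assumption: mtimes of the cache files reflect when the cache was built
# (only true if the download/extraction step preserves them).

# cache_state DIR MAX_HOURS -> prints "missing", "empty", "stale" or "fresh"
cache_state() {
    dir=$1
    max_hours=$2
    if [ ! -d "$dir" ]; then
        echo missing
        return 0
    fi
    # Does the directory contain any regular file at all?
    if [ -z "$(find "$dir" -type f -print)" ]; then
        echo empty
        return 0
    fi
    # Was any regular file modified within the last MAX_HOURS hours?
    if [ -n "$(find "$dir" -type f -mmin "-$((max_hours * 60))" -print)" ]; then
        echo fresh
    else
        echo stale
    fi
}

# require_fresh_cache DIR MAX_HOURS -> returns 0 only for a fresh cache,
# otherwise reports the state on stderr and returns 1.
require_fresh_cache() {
    state=$(cache_state "$1" "$2")
    case $state in
        fresh) return 0 ;;
        *) echo "OWASP cache at $1 is $state (limit ${2}h)" >&2
           return 1 ;;
    esac
}

# Usage inside a pipeline script step (path is the downloadPath used above):
#   require_fresh_cache "$(Pipeline.Workspace)/owasp-cache" 4 || exit 1
```

A "stale" result does not mean the scan uses old data, since the checker refreshes data older than --cveValidForHours itself; it signals that the cache build has stopped publishing and the speed-up is gone.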