content
Variables
env | version |
---|---|
VM virtualbox | Ubuntu 24.04 |
How to install OWASP Dependency-Check
JAVA Installation
same and simpile as ussuall
$ sudo apt update
$ sudo apt install default-jre
$ java -version
openjdk version "21.0.4" 2024-07-16
OpenJDK Runtime Environment (build 21.0.4+7-Ubuntu-1ubuntu224.04)
OpenJDK 64-Bit Server VM (build 21.0.4+7-Ubuntu-1ubuntu224.04, mixed mode, sharing)
$ sudo apt install default-jdk
$ javac -version
javac 21.0.4
yarn Installation
$ sudo apt update
$ sudo apt install curl
Import Yarn GPG keys and enable Yarn repo
$ curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
$ echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
$ sudo apt install yarn
npm
$ sudo apt install npm
$ sudo npm install -g n
// install NodeJs 14.21.3
$ sudo n 14.21.3
NET 8.0 Installation
$ sudo apt-get update && sudo apt-get install -y dotnet-sdk-8.0
Download Dependency-check and install
github: DependencyCheck Version 10.0.3
all usage
$ sudo unzip dependency-check
$ cd dependency-check/bin
$ sudo update-alternatives --install /usr/bin/dependency-check.sh dependency-check dependency-check/bin/dependency-check.sh 1
How to run dependency-check
dependency-check can be used Before Compilation and After Compilation
Generate Report
$ dependency-check.sh -s <Source code Path> -o <Report_Output_Path> --project <Report_Name> --zipExtensions "rpm,gz,zip,tgz,tar"