Running dependency-check cli offline
103 views
Skip to first unread message
Terry
Sep 25, 2022, 7:29:55 AM9/25/22
to Dependency Check
Hi,
I have installed dependency-check to a linux RedHat system which is unable to connect to the internet.
I have mapped a windows drive containing all the nvdcve files to the linux server to /mnt/owasp. So the files I am referring to are nvdcve-1.1-%d.json.gz where %d is 2002 to 2022. I also have nvdcve-1.1-modified.json.gz and nvdcve-1.1-recent.json.gz in that same folder.
I have tried the following command:
dependency-check.sh --propertiesfile dependency-check.properties --scan testapp
where dependency-check.properties is:
cve.url-1.1.modified=file://mnt/owasp/nvdcve-1.1-modified.json.gz
cve.url-1.1.base=file://mnt/owasp/nvdcve-1.1-%d.json.gz
And also:
dependency-check.sh --cveUrlModified /mnt/owasp/nvdcve-1.1-modified.json.gz --cveUrlBase /mnt/owasp/nvdcve-1.1-%d.json.gz --scan testapp
but in each case I receive:
[ERROR] One or more fatal errors occurred
[ERROR] Unable to connect to the dependency-check database
Please can someone advise what I am doing wrong?
Thank you
Terry
Zierer, Thomas
Sep 26, 2022, 2:22:18 AM9/26/22
to Dependency Check
Hi,
did you try to map the retireJs URL also? Something like
dependency-check.sh --cveUrlModified /mnt/owasp/nvdcve-1.1-modified.json.gz --cveUrlBase /mnt/owasp/nvdcve-1.1-%d.json.gz –retireJsUrl /mnt/owasp/jsrepository.json --scan testapp
Best regards
Tom
--
You received this message because you are subscribed to the Google Groups "Dependency Check" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
dependency-che...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/dependency-check/e818c06c-a239-46dd-95b6-5e55cb99f26en%40googlegroups.com.
Informationen zur Datenverarbeitung im Rahmen unserer Geschäftstätigkeit gemäß EU Datenschutz-Grundverordnung finden Sie auf unserer Homepage unter www.bayernlb.de/datenschutz.
For general information on how we process data in the course of our business operations, in accordance with the EU General Data Protection Regulation, please visit our homepage www.bayernlb.com/data_protection.
For general information on how we process data in the course of our business operations, in accordance with the EU General Data Protection Regulation, please visit our homepage www.bayernlb.com/data_protection.
Terry
Sep 26, 2022, 6:53:58 AM9/26/22
to Dependency Check
Hi Tom,
I didn't as hadn't appreciated I had to. At the moment I don't seem to have a copy of the data for that so I have had to disable along with the OSSIndexAnalyzer and the Central Analyzer.
Thank you very much for your help
Reply all
Reply to author
Forward
0 new messages