-rw-r--r--.SRCINFO14
-rw-r--r--PKGBUILD24
-rw-r--r--dependency-check-cli.install16
3 files changed, 54 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..361383fddf4e
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,14 @@
+pkgbase = dependency-check-cli
+ pkgdesc = Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies.
+ pkgver = 5.3.2
+ pkgrel = 1
+ url = https://github.com/jeremylong/DependencyCheck
+ install = dependency-check-cli.install
+ arch = any
+ license = Apache
+ depends = java-runtime
+ source = https://bintray.com/jeremy-long/owasp/download_file?file_path=dependency-check-5.3.2-release.zip
+ sha256sums = 4c6f40cb596e335fd0cd816bd6c25773e1e029c3109979ce4c429f3b49850252
+
+pkgname = dependency-check-cli
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..877923a90bc9
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,24 @@
+# Maintainer: François-Xavier Bru <francoisxavier.bru at orange dot com>
+pkgname=dependency-check-cli
+_pkgname=dependency-check
+pkgver=5.3.2
+pkgrel=1
+pkgdesc="Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies."
+arch=('any')
+depends=('java-runtime')
+url="https://github.com/jeremylong/DependencyCheck"
+license=('Apache')
+source=("https://bintray.com/jeremy-long/owasp/download_file?file_path=${_pkgname}-${pkgver}-release.zip")
+sha256sums=('4c6f40cb596e335fd0cd816bd6c25773e1e029c3109979ce4c429f3b49850252')
+install=${pkgname}.install
+
+package() {
+
+ install -d "${pkgdir}/usr/bin"
+ install -d "${pkgdir}/opt/${_pkgname}"
+
+ cp -r "${srcdir}/${_pkgname}/"* "${pkgdir}/opt/${_pkgname}"
+ chmod +x ${pkgdir}/opt/${_pkgname}/bin/dependency-check.sh
+ ln -s /opt/${_pkgname}/bin/dependency-check.sh "${pkgdir}"/usr/bin/dependency-check
+}
+
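Review bot: `${pkgdir}` is unquoted in the `chmod` and `ln -s` lines of package(), while the `install -d` and `cp` lines quote it, so a build directory containing whitespace splits the path; write `chmod +x "${pkgdir}/opt/${_pkgname}/bin/dependency-check.sh"` and `ln -s "/opt/${_pkgname}/bin/dependency-check.sh" "${pkgdir}/usr/bin/dependency-check"`. The source entry ends in a query string, so the downloaded file is named after `download_file?file_path=…`; prefixing the URL with `${_pkgname}-${pkgver}-release.zip::` gives the cached archive a stable name. The sha256sum only pins the archive the maintainer fetched, so if upstream publishes a detached signature for the release, adding it to `source` together with `validpgpkeys` would let makepkg verify origin as well as integrity.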
diff --git a/dependency-check-cli.install b/dependency-check-cli.install
new file mode 100644
index 000000000000..847811504b28
--- /dev/null
+++ b/dependency-check-cli.install
@@ -0,0 +1,16 @@
+post_install() {
+ groupadd dependencycheck
+ chown -R root:dependencycheck /opt/dependency-check/data
+ chmod -R g+w /opt/dependency-check/data
+ echo " Users should be added to the 'dependencycheck' group to be able to perform vulnerability database updates."
+ echo " $ sudo gpasswd -a <username> dependencycheck"
+}
+
+post_upgrade() {
+ chown -R root:dependencycheck /opt/dependency-check/data
+ chmod -R g+w /opt/dependency-check/data
+}
+
+post_remove() {
+ groupdel dependencycheck
+}
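Review bot: post_install runs `groupadd dependencycheck` unconditionally and without `-r`, so it fails when the group already exists (for example on a reinstall after a failed groupdel) and allocates a regular rather than a system GID; `getent group dependencycheck >/dev/null || groupadd -r dependencycheck` covers both cases. post_remove deletes the group, but database files written under /opt/dependency-check/data at runtime are not tracked by the package manager and would stay owned by the freed GID, which a group created later could inherit along with write access. Every member of the group can also modify the vulnerability database that other users' scans read, so the post_install message should state that membership carries that level of trust, for example `echo " Members of 'dependencycheck' can modify the shared vulnerability database; add only trusted users."`.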