-rw-r--r-- | .SRCINFO | 14 | ||||
-rw-r--r-- | PKGBUILD | 24 | ||||
-rw-r--r-- | dependency-check-cli.install | 16 |
3 files changed, 54 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..361383fddf4e
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,14 @@
+pkgbase = dependency-check-cli
+ pkgdesc = Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies.
+ pkgver = 5.3.2
+ pkgrel = 1
+ url = https://github.com/jeremylong/DependencyCheck
+ install = dependency-check-cli.install
+ arch = any
+ license = Apache
+ depends = java-runtime
+ source = https://bintray.com/jeremy-long/owasp/download_file?file_path=dependency-check-5.3.2-release.zip
+ sha256sums = 4c6f40cb596e335fd0cd816bd6c25773e1e029c3109979ce4c429f3b49850252
+
+pkgname = dependency-check-cli
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..877923a90bc9
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,24 @@
+# Maintainer: François-Xavier Bru <francoisxavier.bru at orange dot com>
+pkgname=dependency-check-cli
+_pkgname=dependency-check
+pkgver=5.3.2
+pkgrel=1
+pkgdesc="Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies."
+arch=('any')
+depends=('java-runtime')
+url="https://github.com/jeremylong/DependencyCheck"
+license=('Apache')
+source=("https://bintray.com/jeremy-long/owasp/download_file?file_path=${_pkgname}-${pkgver}-release.zip")
+sha256sums=('4c6f40cb596e335fd0cd816bd6c25773e1e029c3109979ce4c429f3b49850252')
+install=${pkgname}.install
+
+package() {
+
+ install -d "${pkgdir}/usr/bin"
+ install -d "${pkgdir}/opt/${_pkgname}"
+
+ cp -r "${srcdir}/${_pkgname}/"* "${pkgdir}/opt/${_pkgname}"
+ chmod +x ${pkgdir}/opt/${_pkgname}/bin/dependency-check.sh
+ ln -s /opt/${_pkgname}/bin/dependency-check.sh "${pkgdir}"/usr/bin/dependency-check
+}
+
diff --git a/dependency-check-cli.install b/dependency-check-cli.install
new file mode 100644
index 000000000000..847811504b28
--- /dev/null
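Review bot: In PKGBUILD, `${pkgdir}` is unquoted on the `chmod +x` and `ln -s` lines of package(), unlike the `install -d` and `cp -r` lines above them, so a build directory containing whitespace would split the path; quote them as `chmod +x "${pkgdir}/opt/${_pkgname}/bin/dependency-check.sh"` and `ln -s "/opt/${_pkgname}/bin/dependency-check.sh" "${pkgdir}/usr/bin/dependency-check"`. The `source` entry has no `name::` prefix, so the downloaded file presumably takes its name from the URL's query string; prefixing the URL with `${_pkgname}-${pkgver}-release.zip::` would give it a stable name. The pinned sha256 only shows that the archive matches what the packager fetched, so if upstream publishes a detached signature it would be worth listing it in `source` together with `validpgpkeys`.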
+++ b/dependency-check-cli.install
@@ -0,0 +1,16 @@
+post_install() {
+ groupadd dependencycheck
+ chown -R root:dependencycheck /opt/dependency-check/data
+ chmod -R g+w /opt/dependency-check/data
+ echo " Users should be added to the 'dependencycheck' group to be able to perform vulnerability database updates."
+ echo " $ sudo gpasswd -a <username> dependencycheck"
+}
+
+post_upgrade() {
+ chown -R root:dependencycheck /opt/dependency-check/data
+ chmod -R g+w /opt/dependency-check/data
+}
+
+post_remove() {
+ groupdel dependencycheck
+}
|
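Review bot: `groupadd dependencycheck` in post_install() fails when the group already exists (for example after a reinstall) and creates an ordinary rather than a system group; `getent group dependencycheck >/dev/null || groupadd -r dependencycheck` makes the step repeatable. `chmod -R g+w` on /opt/dependency-check/data lets every group member rewrite the vulnerability data that all users' scans read, so membership amounts to trust in the scan results and deserves a comment such as `# group members can modify the shared vulnerability data; add only trusted users`. post_upgrade() repeats the recursive chown/chmod as root over that group-writable tree, and post_remove() deletes the group while files created in data/ at run time presumably stay behind with an orphaned GID; both are worth confirming.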