Skip to content

Commit 8c7df99

Browse files
committed
update dependency check usage to include nvd api key examples
1 parent aa6a655 commit 8c7df99

1 file changed

Lines changed: 15 additions & 3 deletions

File tree

README.md

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -53,17 +53,29 @@ It only scans runtime configurations by default. This can be overridden in proj
5353

5454
### Usage
5555

56-
`./gradlew dependencyCheckAggregate`
56+
You can request a [NVD API key](https://nvd.nist.gov/developers/request-an-api-key) to improve Dependency Check performance and avoid NVD rate limiting.
57+
58+
It can be provided via an environment variable:
59+
60+
```bash
61+
export NVD_API_KEY=YOUR_KEY
62+
```
63+
64+
Or via a Gradle property:
65+
66+
```bash
67+
./gradlew dependencyCheckAggregate -PdependencyCheck.nvd.apiKey=YOUR_KEY
68+
```
5769

5870
### Suppressions
5971

60-
Due to the way the dependency checker works, false positives are an [expected occurence.](https://jeremylong.github.io/DependencyCheck/general/suppression.html)
72+
Due to the way the dependency checker works, false positives are an [expected occurrence.](https://jeremylong.github.io/DependencyCheck/general/suppression.html)
6173

6274
Provide the dependency checker with the path to your [suppression file](https://jeremylong.github.io/DependencyCheck/general/suppression.html):
6375

6476
```groovy
6577
dependencyCheck {
66-
suppressionFile = 'path/to/supression.xml'
78+
suppressionFile = 'path/to/suppressions.xml'
6779
}
6880
```
6981

0 commit comments

Comments
 (0)