Skip to content

Commit

Permalink
Merge pull request #598 from anddann/master
Browse files Browse the repository at this point in the history
Fix typos in Readme.md
  • Loading branch information
henrikplate authored Dec 4, 2023
2 parents a0e1e19 + 05ee197 commit 8c216f1
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -41,15 +41,15 @@ This section provides the bare minimum to setup Steady and to use its Maven plug

**Notes**:
- Tested with Docker 20.10.11 + Docker Compose 1.29.2 on Intel Macs with macOS 12.3.1, and Docker 20.10.15 + Docker Compose 1.29.0 on Ubuntu 20.04.4 and 18.04.6.
- During its first execution, triggered by the setup script or directly using `start-steady.sh -s ui`, the backend will be bootstrapped by downloading and processing code-level information of hundreds of vulnerabilities maintained in the open-source knowledge base [Project KB](https://github.com/sap/project-kb). While the bootstrapping can take up to two hours, later updates will import the delta on a daily basis. Run `start-steady.sh -s none` to shut down all Docker Compose services of the backend.
- During its first execution, triggered by the setup script by `setup-steady.sh` or directly using `start-steady.sh -s ui`, the backend will be bootstrapped by downloading and processing code-level information of hundreds of vulnerabilities maintained in the open-source knowledge base [Project KB](https://github.com/sap/project-kb). While the bootstrapping can take up to two hours, later updates will import the delta on a daily basis. Run `start-steady.sh -s none` to shut down all Docker Compose services of the backend.

2. A Steady **scan client**, e.g. the Maven plugin, analyzes the code of your application project and its dependencies. Being [available on Maven Central](https://search.maven.org/search?q=g:org.eclipse.steady), the clients do not require any installation. However, they need to be run whenever your application's code or dependencies change.

In case application scan and Steady backend run on different hosts, the scan clients must be configured accordingly. Just copy and adjust the file `~/.steady.properties`, which has been created in the user's home directory during the backend setup.

For Maven, `cd` into your project and run the `app` analysis goal as follows (see [here](https://eclipse.github.io/steady/user/manuals/analysis/) for more information about available goals):

`mvn org.eclipse.steady:plugin-maven:3.2.0:app`
`mvn org.eclipse.steady:plugin-maven:3.2.5:app`

**Note**: During application scans, a lot of information about its dependencies is uploaded to the backend, which makes that the first scan takes significantly more time than later scans of the same application.

Expand Down

0 comments on commit 8c216f1

Please sign in to comment.