diff --git a/CHANGELOG.md b/CHANGELOG.md index 80a5260..5668573 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,16 @@ All noticeable changes to this project will be documented in this file. The format is based on [changelog][keepachangelog], and this project adheres to [semantic versioning][semver]. +## [0.1.2][] `2023-12-27` + +### Changed + +* Update dependency check 9.0.7 +* Update sonar scanner cli 5.0.1.3006 +* Update dotnet-sonarscanner 6.0 +* Update postgres driver 42.7.0 +* Update mysql driver 8.2.0 + ## [0.1.1][] `2023-11-16` ### Fixed @@ -25,5 +35,6 @@ to [semantic versioning][semver]. +[0.1.2]: https://github.com/sentoz/multi-sonarqube-scanner-cli/tree/0.1.2 [0.1.1]: https://github.com/sentoz/multi-sonarqube-scanner-cli/tree/0.1.1 [0.1.0]: https://github.com/sentoz/multi-sonarqube-scanner-cli/tree/0.1.0 diff --git a/Dockerfile.base-focal b/Dockerfile.base-focal index d517042..89bff16 100644 --- a/Dockerfile.base-focal +++ b/Dockerfile.base-focal @@ -4,15 +4,15 @@ FROM eclipse-temurin:17-jdk-focal LABEL org.opencontainers.image.authors="Dmitriy Okladin " LABEL org.opencontainers.image.source="https://github.com/sentoz/multi-sonarqube-scanner-cli" -ARG POSTGRES_DRIVER_VERSION=42.2.19 -ARG MYSQL_DRIVER_VERSION=8.0.23 -ARG DEPENDENCY_CHECK_VERSION=8.1.2 +ARG POSTGRES_DRIVER_VERSION=42.7.0 +ARG MYSQL_DRIVER_VERSION=8.2.0 +ARG DEPENDENCY_CHECK_VERSION=9.0.7 ARG DEPENDENCY_CHECK_HOME=/opt/dependency-check ARG SONARQUBE_TOKEN ARG SONARQUBE_URL -ARG SONAR_SCANNER_VERSION=4.8.0.2856 +ARG SONAR_SCANNER_VERSION=5.0.1.3006 ARG SONAR_SCANNER_HOME=/opt/sonar-scanner @@ -47,10 +47,10 @@ RUN set -eux; \ unzip dependency-check.zip; \ rm dependency-check.zip; \ wget -U "scannercli" -q -O "$DEPENDENCY_CHECK_HOME/plugins/postgresql-$POSTGRES_DRIVER_VERSION.jar" https://jdbc.postgresql.org/download/postgresql-$POSTGRES_DRIVER_VERSION.jar; \ - wget -U "scannercli" -q -O /opt/mysql-connector-java-$MYSQL_DRIVER_VERSION.zip https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-$MYSQL_DRIVER_VERSION.zip; \ - unzip mysql-connector-java-$MYSQL_DRIVER_VERSION.zip; \ - mv mysql-connector-java-$MYSQL_DRIVER_VERSION/mysql-connector-java-$MYSQL_DRIVER_VERSION.jar $DEPENDENCY_CHECK_HOME/plugins/mysql-connector-java-$MYSQL_DRIVER_VERSION.jar; \ - rm -rf mysql-connector-java-$MYSQL_DRIVER_VERSION.zip mysql-connector-java-$MYSQL_DRIVER_VERSION; \ + wget -U "scannercli" -q -O /opt/mysql-connector-j-$MYSQL_DRIVER_VERSION.zip https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-$MYSQL_DRIVER_VERSION.zip; \ + unzip mysql-connector-j-$MYSQL_DRIVER_VERSION.zip; \ + mv mysql-connector-j-$MYSQL_DRIVER_VERSION/mysql-connector-j-$MYSQL_DRIVER_VERSION.jar $DEPENDENCY_CHECK_HOME/plugins/mysql-connector-j-$MYSQL_DRIVER_VERSION.jar; \ + rm -rf mysql-connector-j-$MYSQL_DRIVER_VERSION.zip mysql-connector-j-$MYSQL_DRIVER_VERSION; \ unzip sonar-scanner-cli.zip; \ rm sonar-scanner-cli.zip sonar-scanner-cli.zip.asc; \ mv "sonar-scanner-$SONAR_SCANNER_VERSION" "$SONAR_SCANNER_HOME"; diff --git a/Dockerfile.base-jammy b/Dockerfile.base-jammy index 341106f..72b0537 100644 --- a/Dockerfile.base-jammy +++ b/Dockerfile.base-jammy @@ -4,15 +4,15 @@ FROM eclipse-temurin:17-jdk LABEL org.opencontainers.image.authors="Dmitriy Okladin " LABEL org.opencontainers.image.source="https://github.com/sentoz/multi-sonarqube-scanner-cli" -ARG POSTGRES_DRIVER_VERSION=42.2.19 -ARG MYSQL_DRIVER_VERSION=8.0.23 -ARG DEPENDENCY_CHECK_VERSION=8.1.2 +ARG POSTGRES_DRIVER_VERSION=42.7.0 +ARG MYSQL_DRIVER_VERSION=8.2.0 +ARG DEPENDENCY_CHECK_VERSION=9.0.7 ARG DEPENDENCY_CHECK_HOME=/opt/dependency-check ARG SONARQUBE_TOKEN ARG SONARQUBE_URL -ARG SONAR_SCANNER_VERSION=4.8.0.2856 +ARG SONAR_SCANNER_VERSION=5.0.1.3006 ARG SONAR_SCANNER_HOME=/opt/sonar-scanner @@ -47,10 +47,10 @@ RUN set -eux; \ unzip dependency-check.zip; \ rm dependency-check.zip; \ wget -U "scannercli" -q -O "$DEPENDENCY_CHECK_HOME/plugins/postgresql-$POSTGRES_DRIVER_VERSION.jar" https://jdbc.postgresql.org/download/postgresql-$POSTGRES_DRIVER_VERSION.jar; \ - wget -U "scannercli" -q -O /opt/mysql-connector-java-$MYSQL_DRIVER_VERSION.zip https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-$MYSQL_DRIVER_VERSION.zip; \ - unzip mysql-connector-java-$MYSQL_DRIVER_VERSION.zip; \ - mv mysql-connector-java-$MYSQL_DRIVER_VERSION/mysql-connector-java-$MYSQL_DRIVER_VERSION.jar $DEPENDENCY_CHECK_HOME/plugins/mysql-connector-java-$MYSQL_DRIVER_VERSION.jar; \ - rm -rf mysql-connector-java-$MYSQL_DRIVER_VERSION.zip mysql-connector-java-$MYSQL_DRIVER_VERSION; \ + wget -U "scannercli" -q -O /opt/mysql-connector-j-$MYSQL_DRIVER_VERSION.zip https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-$MYSQL_DRIVER_VERSION.zip; \ + unzip mysql-connector-j-$MYSQL_DRIVER_VERSION.zip; \ + mv mysql-connector-j-$MYSQL_DRIVER_VERSION/mysql-connector-j-$MYSQL_DRIVER_VERSION.jar $DEPENDENCY_CHECK_HOME/plugins/mysql-connector-j-$MYSQL_DRIVER_VERSION.jar; \ + rm -rf mysql-connector-j-$MYSQL_DRIVER_VERSION.zip mysql-connector-j-$MYSQL_DRIVER_VERSION; \ unzip sonar-scanner-cli.zip; \ rm sonar-scanner-cli.zip sonar-scanner-cli.zip.asc; \ mv "sonar-scanner-$SONAR_SCANNER_VERSION" "$SONAR_SCANNER_HOME"; diff --git a/Dockerfile.dotnet-3.1 b/Dockerfile.dotnet-3.1 index d5d206a..9e8a99c 100644 --- a/Dockerfile.dotnet-3.1 +++ b/Dockerfile.dotnet-3.1 @@ -10,7 +10,7 @@ ARG SONARQUBE_URL ARG SONAR_SCANNER_HOME=/opt/sonar-scanner -ARG DOTNET_SONARSCANNER_VERSION=5.5.3 +ARG DOTNET_SONARSCANNER_VERSION=6.0 ENV HOME=/tmp ENV XDG_CONFIG_HOME=/tmp diff --git a/Dockerfile.dotnet-5.0 b/Dockerfile.dotnet-5.0 index 87aab8e..d501aad 100644 --- a/Dockerfile.dotnet-5.0 +++ b/Dockerfile.dotnet-5.0 @@ -10,7 +10,7 @@ ARG SONARQUBE_URL ARG SONAR_SCANNER_HOME=/opt/sonar-scanner -ARG DOTNET_SONARSCANNER_VERSION=5.5.3 +ARG DOTNET_SONARSCANNER_VERSION=6.0 ENV HOME=/tmp ENV XDG_CONFIG_HOME=/tmp diff --git a/Dockerfile.dotnet-6.0 b/Dockerfile.dotnet-6.0 index 22f5d07..06c2076 100644 --- a/Dockerfile.dotnet-6.0 +++ b/Dockerfile.dotnet-6.0 @@ -10,7 +10,7 @@ ARG SONARQUBE_URL ARG SONAR_SCANNER_HOME=/opt/sonar-scanner -ARG DOTNET_SONARSCANNER_VERSION=5.11 +ARG DOTNET_SONARSCANNER_VERSION=6.0 ENV HOME=/tmp ENV XDG_CONFIG_HOME=/tmp diff --git a/Dockerfile.dotnet-7.0 b/Dockerfile.dotnet-7.0 index d06128c..efb4af4 100644 --- a/Dockerfile.dotnet-7.0 +++ b/Dockerfile.dotnet-7.0 @@ -10,7 +10,7 @@ ARG SONARQUBE_URL ARG SONAR_SCANNER_HOME=/opt/sonar-scanner -ARG DOTNET_SONARSCANNER_VERSION=5.11 +ARG DOTNET_SONARSCANNER_VERSION=6.0 ENV HOME=/tmp ENV XDG_CONFIG_HOME=/tmp diff --git a/README.md b/README.md index c2fd547..93209af 100644 --- a/README.md +++ b/README.md @@ -55,13 +55,13 @@ Special thanks to [WoozyMasta][] for the utility [guassp][]. You need to pass arguments to build.: -* **`SONAR_SCANNER_VERSION`**=`4.8.0.2856` - version of the scanner, you can +* **`SONAR_SCANNER_VERSION`**=`5.0.1.3006` - version of the scanner, you can take in project repositories [sonar-scanner-cli][] -* **`DOTNET_SONARSCANNER_VERSION`**=`5.11` - dotnet-sonarscanner version +* **`DOTNET_SONARSCANNER_VERSION`**=`6.0` - dotnet-sonarscanner version * **`GRADLE_VERSION`**=`8.1.1` - gradle version -* **`POSTGRES_DRIVER_VERSION`**=`42.2.19` - postgres driver version -* **`MYSQL_DRIVER_VERSION`**=`8.0.23` - mysql driver version -* **`DEPENDENCY_CHECK_VERSION`**=`8.1.2` - [DependencyCheck][] version +* **`POSTGRES_DRIVER_VERSION`**=`42.7.0` - postgres driver version +* **`MYSQL_DRIVER_VERSION`**=`8.2.0` - mysql driver version +* **`DEPENDENCY_CHECK_VERSION`**=`9.0.7` - [DependencyCheck][] version ### Building an Image with a Plugin Cache @@ -198,7 +198,7 @@ data from it, and not download it from the Internet at each start. * **`OWASP_DEPENDENCY_CHECK_DB_STRING`** - database connection string * **`OWASP_DEPENDENCY_CHECK_DB_PASSWORD`** - database connection password * **`OWASP_DEPENDENCY_CHECK_DB_USER`** - username to connect to the database -* **`OWASP_DEPENDENCY_CHECK_CVE_VALID_HOURS`** - `24` - The number of hours +* **`OWASP_DEPENDENCY_CHECK_NVD_VALID_HOURS`** - `24` - The number of hours after which the NVD will check for a database update. #### Criteria for evaluation diff --git a/README_RU.md b/README_RU.md index 04de9a7..92d2030 100644 --- a/README_RU.md +++ b/README_RU.md @@ -55,13 +55,13 @@ Для сборки необходимо передать аргументы: -* **`SONAR_SCANNER_VERSION`**=`4.8.0.2856` - версия сканера, взять можно в +* **`SONAR_SCANNER_VERSION`**=`5.0.1.3006` - версия сканера, взять можно в репозитории проекта [sonar-scanner-cli][] -* **`DOTNET_SONARSCANNER_VERSION`**=`5.4.1` - версия dotnet-sonarscanner +* **`DOTNET_SONARSCANNER_VERSION`**=`6.0` - версия dotnet-sonarscanner * **`GRADLE_VERSION`**=`8.1.1` - версия gradle -* **`POSTGRES_DRIVER_VERSION`**=`42.2.19` - версия драйвера postgres -* **`MYSQL_DRIVER_VERSION`**=`8.0.23` - версия драйвера mysql -* **`DEPENDENCY_CHECK_VERSION`**=`8.1.2` - версия [DependencyCheck][] +* **`POSTGRES_DRIVER_VERSION`**=`42.7.0` - версия драйвера postgres +* **`MYSQL_DRIVER_VERSION`**=`8.3.0` - версия драйвера mysql +* **`DEPENDENCY_CHECK_VERSION`**=`9.0.7` - версия [DependencyCheck][] ### Сборка образа с кэшем плагинов @@ -200,7 +200,7 @@ данных * **`OWASP_DEPENDENCY_CHECK_DB_USER`** - имя пользователя для подключения к базе данных -* **`OWASP_DEPENDENCY_CHECK_CVE_VALID_HOURS`** - `24` - Кол-во часов через +* **`OWASP_DEPENDENCY_CHECK_NVD_VALID_HOURS`** - `24` - Кол-во часов через сколько будет выполняться проверка наличия обновления базы из NVD. #### Критерии оценки diff --git a/scripts/dependency_check_run.sh b/scripts/dependency_check_run.sh index e09deee..b820ab7 100755 --- a/scripts/dependency_check_run.sh +++ b/scripts/dependency_check_run.sh @@ -5,7 +5,7 @@ # OWASP Dependency Check : "${OWASP_DEPENDENCY_CHECK_SUPPRESSIONS_FILE_PATH:=$PROJECT_DIR/suppression.xml}" : "${OWASP_DEPENDENCY_CHECK_DISABLE_OSS_INDEX:=true}" -: "${OWASP_DEPENDENCY_CHECK_CVE_VALID_HOURS:=24}" +: "${OWASP_DEPENDENCY_CHECK_NVD_VALID_HOURS:=24}" : "${OWASP_DEPENDENCY_CHECK_DB_DRIVER:-}" # Version of analyzed project version="${REF_NAME:-MR-${MERGE_REQUEST_ID:-0}}" @@ -43,7 +43,7 @@ if [ -n "${OWASP_DEPENDENCY_CHECK_DB_DRIVER:-}" ] && --connectionString "$OWASP_DEPENDENCY_CHECK_DB_STRING" --dbPassword "$OWASP_DEPENDENCY_CHECK_DB_PASSWORD" --dbUser "$OWASP_DEPENDENCY_CHECK_DB_USER" - --cveValidForHours "$OWASP_DEPENDENCY_CHECK_CVE_VALID_HOURS" + --nvdValidForHours "$OWASP_DEPENDENCY_CHECK_NVD_VALID_HOURS" --noupdate ) else