From 72ac61300d436c1e1a611e2e5bb887f233e42cbb Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Tue, 8 Oct 2024 14:10:00 +0200 Subject: [PATCH] document OWASP_API_KEY --- README.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e1d1515b..308d5c51 100644 --- a/README.md +++ b/README.md @@ -497,9 +497,19 @@ We'll see if this changes when the project progresses and more validations are a ### OWASP Security Vulnerability Check -An OWASP security vulnerability is configured and can be utilized by running: +An OWASP security vulnerability is configured, but you need an API key. +Fetch it from https://nvd.nist.gov/developers/request-an-api-key. + +Then add it to your `~/.gradle/gradle.properties` file: + +``` +OWASP_API_KEY=........-....-....-....-............ +``` + +Now you can run the dependency vulnerability check: ```shell +gw dependencyCheckUpdate gw dependencyCheckAnalyze ```