Java

Prerequisites

  • Install CLI

  • Java 1.8 or higher

  • Maven projects

    • Install Maven

    • mvn install should be run on the project before running the tool.

  • Gradle projects

    • Install Gradle

    • gradle build should be run on the project before running the tool.

Command line

Run the following from the command line. Providing --project-name is recommended; otherwise the name is picked up from your Maven project's pom.xml.

cdefense scan --lang=java --api-key=<YOUR_API_KEY> \
--path=/d/temp/java-goof --project-name="My Java Project"

GitLab Integration

Example .gitlab-ci.yml

image: maven:3-jdk-8
variables:
  # Placeholder: define API_KEY as a masked CI/CD variable in the project
  # settings rather than committing the real key to the repository.
  API_KEY: <YOUR_API_KEY>
cache:
  paths:
    - .m2/repository/
    - target/
stages:
  - test
run_scan:
  stage: test
  script:
    - mvn web3j:generate-sources
    - mvn clean install
    # Download the CLI and install it into /usr/local/bin.
    - curl https://raw.githubusercontent.com/CloudDefenseAI/cd/master/latest/cd-latest-linux-x64.tar.gz > /tmp/cd-latest-linux-x64.tar.gz
      && tar -C /usr/local/bin -xzf /tmp/cd-latest-linux-x64.tar.gz && chmod +x /usr/local/bin/cdefense
    - cdefense scan --lang=java --project-name=java-mvn-sample --api-key=$API_KEY --path=$PWD
    - echo $?

The output looks something like this:

│─────────────────────────────────────────────────────────────────│───────────│────────────────│───────────│─────────│───────────────│
│ PACKAGE NAME (14)                                               │ ID        │ VERSION        │ PARENT ID │ LICENSE │ NEXT VERSIONS │
│─────────────────────────────────────────────────────────────────│───────────│────────────────│───────────│─────────│───────────────│
│ org.cysecurity:JavaVulnerableLab                                │ friaoZkcs │ 0.0.1-SNAPSHOT │           │         │ none          │
│ javax.servlet:jstl                                              │ ZvtYTYytU │ 1.2            │           │         │ none          │
│ org.jboss.spec.javax.transaction:jboss-transaction-api_1.1_spec │ aPwMLkBjK │ 1.0.0.Final    │           │         │ none          │
│ org.hibernate.javax.persistence:hibernate-jpa-2.0-api           │ OODyxFmUv │ 1.0.1.Final    │           │         │ none          │
│ org.hibernate.common:hibernate-commons-annotations              │ kVLUGcJBp │ 4.0.1.Final    │           │         │ none          │
│ org.hibernate:hibernate-core                                    │ xTkcjKvHt │ 4.0.1.Final    │           │         │ none          │
│ xml-apis:xml-apis                                               │ zonxORNNG │ 1.0.b2         │           │         │ none          │
│ org.jboss.logging:jboss-logging                                 │ WvxHQWIlY │ 3.1.0.CR2      │           │         │ none          │
│ org.javassist:javassist                                         │ ehpGYytzw │ 3.15.0-GA      │           │         │ none          │
│ org.zenframework.z8.dependencies.commons:dom4j-1.6.1            │ bYpFdnJtF │ 2.0            │           │         │ none          │
│ commons-collections:commons-collections                         │ nPLyJuElU │ 3.2.1          │           │         │ none          │
│ org.json:json                                                   │ BWMDWUfHX │ 20090211       │           │         │ none          │
│ mysql:mysql-connector-java                                      │ AInCsSDKr │ 5.1.26         │           │         │ none          │
│ antlr:antlr                                                     │ qVyyUywQt │ 2.7.7          │           │         │ none          │
│─────────────────────────────────────────────────────────────────│───────────│────────────────│───────────│─────────│───────────────│

Secrets Scan Results
│────────────────│───────────────│──────────────────────────────────────────────────────│───────────────────────────────│
│ RULE (12)      │ FILE          │ LINE                                                 │ DATE                          │
│────────────────│───────────────│──────────────────────────────────────────────────────│───────────────────────────────│
│ AWS Manager ID │ prod-test.yml │ password:REDACTEDU                                   │ 2020-05-29 19:34:30 -0700 PDT │
│ AWS Manager ID │ prod.yml      │ password:REDACTEDU2                                  │ 2020-05-29 19:34:30 -0700 PDT │
│ AWS Manager ID │ prod.yml      │ aws_access_key_id:REDACTEDU                          │ 2020-05-26 19:07:28 -0700 PDT │
│ AWS Manager ID │ secrets.yml   │ aws_access_key_id:REDACTED                           │ 2020-05-26 16:38:07 -0700 PDT │
│ AWS Secret Key │ secrets.yml   │ REDACTED                                             │ 2020-05-26 16:38:07 -0700 PDT │
│────────────────│───────────────│──────────────────────────────────────────────────────│───────────────────────────────│
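
A pipeline step can fail the job when the secrets table contains rows. The following is an added example, not part of the CloudDefense documentation or tooling: it parses the box-drawn tables shown above and returns the secrets findings without the LINE column, so the gate's own log does not repeat the matched value. It assumes the scan output was saved as text in that layout; parse_tables, secret_findings and the sample input are names and data constructed here.

```python
import re
import sys

# Constructed sample in the layout shown on this page (values already redacted).
SAMPLE = """\
│ PACKAGE NAME (14) │ ID │ VERSION │ PARENT ID │ LICENSE │ NEXT VERSIONS │
│ org.json:json │ BWMDWUfHX │ 20090211 │ │ │ none │
Secrets Scan Results
│───────────│─────────│──────│──────│
│ RULE (12) │ FILE │ LINE │ DATE │
│───────────│─────────│──────│──────│
│ AWS Manager ID │ prod.yml │ aws_access_key_id:REDACTEDU │ 2020-05-26 19:07:28 -0700 PDT │
│ AWS Secret Key │ secrets.yml │ REDACTED │ 2020-05-26 16:38:07 -0700 PDT │
│───────────│─────────│──────│──────│
"""


def parse_tables(text):
    """Return {title: [row dicts]}; a table with no preceding text line gets ''."""
    tables, title, header = {}, "", None
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("│"):
            if line:  # a text line names the table that follows it
                title, header = line, None
            continue
        cells = [c.strip() for c in line.split("│")[1:-1]]
        if all(c and set(c) == {"─"} for c in cells):
            continue  # border row
        if header is None:
            # First content row is the header; drop the "(N)" count suffix.
            header = [re.sub(r"\s*\(\d+\)$", "", c) for c in cells]
            tables[title] = []
        elif len(cells) == len(header):
            tables[title].append(dict(zip(header, cells)))
    return tables


def secret_findings(text, title="Secrets Scan Results"):
    """Secrets-table rows with the LINE column removed."""
    rows = parse_tables(text).get(title, [])
    return [{k: v for k, v in row.items() if k != "LINE"} for row in rows]


if __name__ == "__main__":
    # Hypothetical usage: save the scan output to a file, then feed it on stdin.
    found = secret_findings(SAMPLE if sys.stdin.isatty() else sys.stdin.read())
    for f in found:
        print(f"{f['RULE']} in {f['FILE']} ({f['DATE']})", file=sys.stderr)
    sys.exit(1 if found else 0)
```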