Merge pull request #62 from dependency-check/develop

Cross Platform v6.0

.gitignore

@@ -29,7 +29,11 @@ node_modules
 .vscode
 *.vsix
 
+.taskkey
+
 # Dep check data directory files
-src/Tasks/dependency-check-build-task/dependency-check/data/*.json
-src/Tasks/dependency-check-build-task/dependency-check/data/*.db
-src/Tasks/dependency-check-build-task/dependency-check-*.zip
+src/Tasks/dependency-check-build-task/dependency-check/*
+src/Tasks/dependency-check-build-task/dependency-check/data/*
+src/Tasks/dependency-check-build-task/dependency-check-build-task.js
+!src/Tasks/dependency-check-build-task/dependency-check/data
+!src/Tasks/dependency-check-build-task/dependency-check/data/README.md

CODEOWNERS

@@ -0,0 +1,2 @@
+# Default administrators group
+*           @dependency-check/administrators

build/build.sh

@@ -4,6 +4,14 @@
 # Unfortunately can't include cached data in the VSIX, exceeds max size for package upload (booooo).
 #./src/Tasks/dependency-check-build-task/dependency-check/bin/dependency-check.sh --updateonly
 
+srcPath=`pwd`
+
+# build the task
+cd ./src/Tasks/dependency-check-build-task/
+npm install
+npm run build
+
 # build the extension
+cd $srcPath
 npm install
-npm run build
+npm run build

overview.md

@@ -4,12 +4,16 @@ Dependency-Check is a software composition analysis utility that identifies proj
 
 The OWASP Dependency Check Azure DevOps Extension enables the following features in an Azure Build Pipeline:
 
-- Software composition analysis runs against package references during each build
+- Software composition analysis runs against package references during build on both Windows and Linux build agents.
 
 - Export vulnerability data to HTML, JSON, XML, CSV, JUnit formatted reports
 
 - Download vulnerability reports from the build's artifacts
 
+## GitHub Repository
+
+The extension maintainers do not monitor the Marketplace Question & Answers. please use the [Azure DevOps Dependency Check](https://github.com/dependency-check/azuredevops) repository for questions, issues, or enhancements.
+
 ## Installation and Configuration
 
 - Install the [OWASP Dependency Check](https://marketplace.visualstudio.com/items?itemName=dependency-check.dependencycheck) extension into your Azure DevOps Organization.
@@ -20,53 +24,53 @@ The OWASP Dependency Check Azure DevOps Extension enables the following features
 
 - Press the **+** icon to add a new **OWASP Dependency Check** build task.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/buildtask-new.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/buildtask-new.png">
 
 - Search for the **OWASP Dependency Check** task and press the **Add** button.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/buildtask-add.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/buildtask-add.png">
 
 - Configure the build task with the appropriate [Dependency Check Command Line Arguments](https://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html).
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/buildtask-configure.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/buildtask-configure.png">
 
 ## Executing Dependency Check
 
 - Execute the pipeline and wait for the build to complete.
 
 - Review the build logs and ensure the the Dependency Check task successfully completed.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/build-success.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/build-success.png">
 
 - Click on the Dependency Check build task to view the build output.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/build-output.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/build-output.png">
 
 ## Dependency Check Reports
 
 - Each of the selected report formats are uploaded to the **Artifacts** for downloading.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/build-artifacts.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/build-artifacts.png">
 
 - Select **Dependency Check** to open the **Artifact Explorer** and download the Dependency Check reports.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/build-artifacts-explorer.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/build-artifacts-explorer.png">
 
 - Dependency Check supports exporting the results to JUNIT formatted test results. To parse the JUNIT test results, create a new **Publish Test Results** build task with the following configuration.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/buildtask-tests.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/buildtask-tests.png">
 
 - View the **Tests** screen to view the passing and failing Dependency Check tests.
 
-    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/master/screenshots/build-tests.png">
+    <img src="https://raw.githubusercontent.com/dependency-check/azuredevops/main/screenshots/build-tests.png">
 
 ## Learn More
 
 More details on configuring and running Dependency Check can be found at [https://jeremylong.github.io/DependencyCheck/](https://jeremylong.github.io/DependencyCheck/).
 
 ## Supported Environments
 
-- Azure DevOps Agents must be running a Windows agent with Powershell to execute the build task.
+- The Dependency Check Azure DevOps extension has been converted to TypeScript as of version 6.0. With this update, both Linux and Windows build agents are supported.
 
 ## Contributors
 
@@ -77,3 +81,5 @@ The following contributor(s) help maintain the Azure DevOps extension:
 - Eric Johnson ([@emjohn20](https://twitter.com/emjohn20)) - Principal Security Engineer, Puma Security
 
 - Even Schjølberg, Upheads
+
+- [Alain Croisetiere](https://github.com/alaincroisetiere)