OWASP dependency-check for codecommit repositories
Project description
@cloudcomponents/cdk-dependency-check
OWASP dependency-check for CodeCommit repositories
Install
TypeScript/JavaScript:
npm i @cloudcomponents/cdk-dependency-check
Python:
pip install cloudcomponents.cdk-dependency-check
How to use
import { CodeCommitDependencyCheck } from '@cloudcomponents/cdk-dependency-check';
import { Stack, StackProps } from 'aws-cdk-lib';
import { Repository } from 'aws-cdk-lib/aws-codecommit';
import { Schedule } from 'aws-cdk-lib/aws-events';
import { SnsTopic } from 'aws-cdk-lib/aws-events-targets';
import { BlockPublicAccess, Bucket } from 'aws-cdk-lib/aws-s3';
import { Topic } from 'aws-cdk-lib/aws-sns';
import { EmailSubscription } from 'aws-cdk-lib/aws-sns-subscriptions';
import { Construct } from 'constructs';
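/**
 * Example stack that schedules an OWASP dependency-check run against an
 * existing CodeCommit repository and publishes the check's lifecycle events
 * to an SNS topic.
 *
 * Environment variables read when the stack is constructed:
 * - `REPOSITORY_NAME` (required): name of the CodeCommit repository to scan.
 * - `DEVSECOPS_TEAM_EMAIL` (optional): address subscribed to the topic.
 */
export class DependencyCheckStack extends Stack {
  /**
   * @param scope - parent construct
   * @param id - construct id of this stack
   * @param props - optional stack properties, forwarded to `Stack`
   * @throws Error when `REPOSITORY_NAME` is unset or empty
   */
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    // An empty value is rejected as well as a missing one, so a blank
    // variable fails here instead of reaching the repository lookup.
    const repositoryName = process.env.REPOSITORY_NAME;
    if (!repositoryName) {
      throw new Error('environment variable REPOSITORY_NAME undefined');
    }

    const repository = Repository.fromRepositoryName(this, 'Repository', repositoryName);

    // The reports enumerate the repository's known-vulnerable dependencies,
    // so the bucket is kept private and only accepts TLS requests.
    const reportsBucket = new Bucket(this, 'Bucket', {
      blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
      enforceSSL: true,
    });

    // The following example runs the check every day at 04:00 (cron schedules are evaluated in UTC)
    const check = new CodeCommitDependencyCheck(this, 'CodeCommitDependencyCheck', {
      repository,
      reportsBucket,
      // NOTE(review): `npm i` runs package lifecycle scripts and may rewrite
      // the lockfile; for a repository with a committed lockfile, `npm ci`
      // installs exactly the locked versions, which is what should be scanned.
      preCheckCommand: 'npm i',
      schedule: Schedule.cron({
        minute: '0',
        hour: '4',
      }),
    });

    const checkTopic = new Topic(this, 'CheckTopic');

    // Without DEVSECOPS_TEAM_EMAIL this stack adds no subscriber, so check
    // events (including failures) reach nobody unless a subscription is
    // added elsewhere. Email subscriptions must be confirmed by the recipient.
    if (process.env.DEVSECOPS_TEAM_EMAIL) {
      checkTopic.addSubscription(new EmailSubscription(process.env.DEVSECOPS_TEAM_EMAIL));
    }

    // Every lifecycle event of the check is routed to the same topic.
    check.onCheckStarted('started', {
      target: new SnsTopic(checkTopic),
    });

    check.onCheckSucceeded('succeeded', {
      target: new SnsTopic(checkTopic),
    });

    check.onCheckFailed('failed', {
      target: new SnsTopic(checkTopic),
    });
  }
}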
Upload HTML Reports
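// Bucket that receives the HTML reports. The reports enumerate the
// repository's known-vulnerable dependencies, so the bucket is kept private
// and only accepts TLS requests.
const reportsBucket = new Bucket(this, 'Bucket', {
  blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
  enforceSSL: true,
});

// The following example runs the check every day at 04:00 (cron schedules are evaluated in UTC)
const check = new CodeCommitDependencyCheck(this, 'CodeCommitDependencyCheck', {
  repository,
  // Passing a bucket is what enables the report upload shown in this section.
  reportsBucket,
  // NOTE(review): `npm i` runs package lifecycle scripts and may rewrite the
  // lockfile; for a repository with a committed lockfile, `npm ci` installs
  // exactly the locked versions, which is what should be scanned.
  preCheckCommand: 'npm i',
  schedule: Schedule.cron({
    minute: '0',
    hour: '4',
  }),
});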
API Reference
See API.md.
Example
See more complete examples.
License
Project details
Download files
Source Distribution
Built Distribution
File details
Details for the file cloudcomponents.cdk-dependency-check-2.3.0.tar.gz.
File metadata
- Download URL: cloudcomponents.cdk-dependency-check-2.3.0.tar.gz
- Upload date:
- Size: 84.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.12.2
File hashes
Algorithm | Hash digest
---|---
SHA256 | e262756848c67e82967d19f6eaa4fc2d302973a633c4a8e944b6ca8c13dadfa1
MD5 | 0488966190a0c718d63bd7e4c9e16421
BLAKE2b-256 | ec9dc01c1135f30be9c8409352da97b1cc6da9bc14bdaced4034dab69d4107b1
File details
Details for the file cloudcomponents.cdk_dependency_check-2.3.0-py3-none-any.whl.
File metadata
- Download URL: cloudcomponents.cdk_dependency_check-2.3.0-py3-none-any.whl
- Upload date:
- Size: 82.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.12.2
File hashes
Algorithm | Hash digest
---|---
SHA256 | 760f29b68e95d7e23c1f06b509a24bf3775bf78a06913c3c50536cd8f26f0ffd
MD5 | e3fbb894fcc21125b56d41247daa0b83
BLAKE2b-256 | 5e92e8a62c2bc7affe9a3a7b1af2be5f03236a16aa35f70a1bea17cc7c338801