From af9a74d0ee167862f93b3b040d88aeeb0a6160cf Mon Sep 17 00:00:00 2001 From: cspicer Date: Fri, 12 Feb 2021 15:02:36 -0500 Subject: [PATCH 1/3] updated to version 6.1.0 --- Dockerfile | 4 ++-- README.md | 2 +- hardening_manifest.yaml | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 18e7754..6f8bf6c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,8 +21,8 @@ RUN INSTALL_PKGS="ruby unzip" && \ ### Arguments and Environment variables ENV user dependencycheck -ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-1.7" -ENV OWASP_DEP_CHK_VERSION 6.0.3 +ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-1.8" +ENV OWASP_DEP_CHK_VERSION 6.1.0 ### Fetch dependency bundle RUN mkdir /root/tmp diff --git a/README.md b/README.md index f32785c..b029f96 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# OWASP Dependency Check Container Version 6.0.3 +# OWASP Dependency Check Container Version 6.1.0 ## Introduction diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 1b478c4..5fe8345 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "solutions-delivery-platform/dependency-check/dependency-check" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "6.0.3" +- "6.1.0" - "latest" # Build args passed to Dockerfile ARGs @@ -27,7 +27,7 @@ labels: org.opencontainers.image.url: "https://github.com/boozallen/sdp-images" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "Booz Allen Hamilton" - org.opencontainers.image.version: "6.0.3" + org.opencontainers.image.version: "6.1.0" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "OWASP, dependency, check, dependency-check, SDP, cve, scanner, scan" ## This value can be "opensource" or "commercial" 
@@ -37,11 +37,11 @@ labels: # List of resources to make available to the offline build context resources: -- filename: owasp-dep-check-dependencies-dcar-1.7.tar.gz - url: https://github.com/boozallen/sdp-images/releases/download/dcar-1.7/owasp-dep-check-dependencies-dcar-1.7.tar.gz +- filename: owasp-dep-check-dependencies-dcar-1.8.tar.gz + url: https://github.com/boozallen/sdp-images/releases/download/dcar-1.8/owasp-dep-check-dependencies-dcar-1.8.tar.gz validation: type: sha256 - value: 5149b91bbb24ea18da7e692e15aa1cd0c61262072125830d263ccc1be43f54ad + value: faf9679a50be32d2534cd931473730e064c3e4d7ce1cdc4635e1a9a7de806f04 # List of project maintainers # FIXME: Fill in the following details for the current container owner in the whitelist -- GitLab From 366bd6b6a39cc3cd62c51f68704945639bd991be Mon Sep 17 00:00:00 2001 From: cspicer Date: Wed, 24 Feb 2021 12:44:56 -0500 Subject: [PATCH 2/3] updated dependencies --- Dockerfile | 4 ---- hardening_manifest.yaml | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6f8bf6c..ff112cb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,8 +2,6 @@ ARG BASE_REGISTRY=registry1.dsop.io ARG BASE_IMAGE=redhat/openjdk/openjdk8 ARG BASE_TAG=1.8.0 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} - - USER root ### add licenses to this directory @@ -17,8 +15,6 @@ RUN INSTALL_PKGS="ruby unzip" && \ yum -y -v clean all && \ [ ! -d /var/cache/yum ] || rm -rf /var/cache/yum - - ### Arguments and Environment variables ENV user dependencycheck ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-1.8" diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 5fe8345..c975e58 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml 
@@ -41,7 +41,7 @@ resources: url: https://github.com/boozallen/sdp-images/releases/download/dcar-1.8/owasp-dep-check-dependencies-dcar-1.8.tar.gz validation: type: sha256 - value: faf9679a50be32d2534cd931473730e064c3e4d7ce1cdc4635e1a9a7de806f04 + value: 8a945dd350529d98df9d8c793f39452dfb8d98091278fb34e7814fa2939751d8 # List of project maintainers # FIXME: Fill in the following details for the current container owner in the whitelist -- GitLab From d942a9eac23767617e71e22717d4c519714fc24f Mon Sep 17 00:00:00 2001 From: cspicer Date: Thu, 11 Mar 2021 16:25:14 -0500 Subject: [PATCH 3/3] updated dependency tarball for minor version 6.1.1 --- Dockerfile | 2 +- README.md | 4 ++-- hardening_manifest.yaml | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index ff112cb..21c901e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ RUN INSTALL_PKGS="ruby unzip" && \ ### Arguments and Environment variables ENV user dependencycheck ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-1.8" -ENV OWASP_DEP_CHK_VERSION 6.1.0 +ENV OWASP_DEP_CHK_VERSION 6.1.1 ### Fetch dependency bundle RUN mkdir /root/tmp diff --git a/README.md b/README.md index b029f96..7bfb7b5 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# OWASP Dependency Check Container Version 6.1.0 +# OWASP Dependency Check Container Version 6.1.1 ## Introduction 
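Review bot: The `validation.value` sha256 changes in this hunk while the `url` context line above it still points at the same `dcar-1.8` release asset, so the tarball behind a fixed tag was evidently replaced in place, and nothing in the hunk tells a reviewer what changed inside it. The same pattern repeats in the last hunk of PATCH 3/3, where the digest changes again for the unchanged `dcar-1.8` URL while the Dockerfile moves `OWASP_DEP_CHK_VERSION` to 6.1.1. The digest pin still fails the build on a swapped file, but re-uploading under one tag means earlier commits of this manifest can no longer fetch a tarball matching their recorded digest, and the tag stops identifying the bundle contents. I would publish each rebuilt bundle under a new release tag and bump `filename`, `url` and `SDP_BUILD_DEPENDENCY_VERSION` together with the digest, as PATCH 1/3 does for dcar-1.7 to dcar-1.8. I would also add a comment above `validation:` such as `# digest of the dcar-<release> bundle as published; a rebuilt bundle gets a new release tag, never a re-upload`.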
@@ -11,7 +11,7 @@ The following is a list of variables: ARG BASE_REGISTRY = defines the registry portion of the OS image to be used in the FROM command. ARG BASE_IMAGE = defines the image portion of the OS image to be used in the FROM command. ARG BASE_TAG = defines the tag portion of the OS image to be used in the FROM command. -ARG SDP_BUILD_DEPENDENCY_VERSION = defines the release in https://github.com/boozallen/sdp-images/releases that the dependency bundle should be pulled from - default dcar-1.7 +ARG SDP_BUILD_DEPENDENCY_VERSION = defines the release in https://github.com/boozallen/sdp-images/releases that the dependency bundle should be pulled from - default dcar-1.8 ``` Recommended resources for the image: diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index c975e58..21aa9e6 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "solutions-delivery-platform/dependency-check/dependency-check" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "6.1.0" +- "6.1.1" - "latest" # Build args passed to Dockerfile ARGs @@ -27,7 +27,7 @@ labels: org.opencontainers.image.url: "https://github.com/boozallen/sdp-images" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "Booz Allen Hamilton" - org.opencontainers.image.version: "6.1.0" + org.opencontainers.image.version: "6.1.1" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "OWASP, dependency, check, dependency-check, SDP, cve, scanner, scan" ## This value can be "opensource" or "commercial" 
@@ -41,7 +41,7 @@ resources: url: https://github.com/boozallen/sdp-images/releases/download/dcar-1.8/owasp-dep-check-dependencies-dcar-1.8.tar.gz validation: type: sha256 - value: 8a945dd350529d98df9d8c793f39452dfb8d98091278fb34e7814fa2939751d8 + value: 70031abeaf417204a50333269c2c6cd51926bb4734c4fef9d62bcd4f4808c40d # List of project maintainers # FIXME: Fill in the following details for the current container owner in the whitelist -- GitLab