github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-05-06 23:23:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

documentation v1.3.1

Browse Source
This commit is contained in:
Jeremy Long
2015-09-20 07:41:29 -04:00
parent 4fd8873223
commit 191c5fae56
1456 changed files with 125936 additions and 63077 deletions
Download Patch File Download Diff File Expand all files Collapse all files

328
analyzers/index.html
View File

@@ -1,21 +1,21 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2015-08-04
| Rendered using Apache Maven Fluido Skin 1.3.1
| Generated by Apache Maven Doxia at 2015-09-20
| Rendered using Apache Maven Fluido Skin 1.4
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150804" />
<meta name="Date-Revision-yyyymmdd" content="20150920" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - File Type Analyzers</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.3.1.min.css" />
<title>dependency-check &#x2013; File Type Analyzers</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.4.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.3.1.min.js"></script>
<script type="text/javascript" src="../js/apache-maven-fluido-1.4.min.js"></script>
@@ -29,7 +29,7 @@
<a href="http://github.com/jeremylong/DependencyCheck">
<a href="https://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
@@ -62,9 +62,9 @@
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-08-04</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2015-09-20</li>
<li id="projectVersion" class="pull-right">
Version: 1.3.0
Version: 1.3.1
</li>
</ul>
@@ -72,162 +72,197 @@
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<i class="icon-chevron-down"></i>
<span class="icon-chevron-down"></span>
General</a>
<ul class="nav nav-list">
<li>
<a href="../general/internals.html" title="How it Works">
<i class="none"></i>
<span class="none"></span>
How it Works</a>
</li>
<li>
<a href="../general/thereport.html" title="Reading the Report">
<i class="none"></i>
<span class="none"></span>
Reading the Report</a>
</li>
<li>
<a href="../general/suppression.html" title="False Positives">
<i class="none"></i>
<span class="none"></span>
False Positives</a>
</li>
<li>
<a href="../data/index.html" title="Internet Access Required">
<i class="icon-chevron-right"></i>
<span class="icon-chevron-right"></span>
Internet Access Required</a>
</li>
<li>
<a href="../related.html" title="Related Work">
<i class="none"></i>
<span class="none"></span>
Related Work</a>
</li>
<li>
<a href="../general/dependency-check.pptx" title="Project Presentation (pptx)">
<i class="none"></i>
<span class="none"></span>
Project Presentation (pptx)</a>
</li>
<li>
<a href="../general/dependency-check.pdf" title="Project Presentation (pdf)">
<i class="none"></i>
<span class="none"></span>
Project Presentation (pdf)</a>
</li>
<li>
<a href="../general/SampleReport.html" title="Sample Report">
<i class="none"></i>
<span class="none"></span>
Sample Report</a>
</li>
<li>
<a href="../general/scan_iso.html" title="How to Scan an ISO Image">
<span class="none"></span>
How to Scan an ISO Image</a>
</li>
</ul>
</li>
<li class="active">
<a href="#"><i class="icon-chevron-down"></i>File Type Analyzers</a>
<a href="#"><span class="icon-chevron-down"></span>File Type Analyzers</a>
<ul class="nav nav-list">
<li>
<a href="../analyzers/archive-analyzer.html" title="Archive Analyzer">
<i class="none"></i>
<span class="none"></span>
Archive Analyzer</a>
</li>
<li>
<a href="../analyzers/jar-analyzer.html" title="Jar Analyzer">
<i class="none"></i>
Jar Analyzer</a>
</li>
<li>
<a href="../analyzers/python-analyzer.html" title="Python Analyzer">
<i class="none"></i>
Python Analyzer</a>
</li>
<li>
<a href="../analyzers/central-analyzer.html" title="Central Analyzer">
<i class="none"></i>
Central Analyzer</a>
</li>
<li>
<a href="../analyzers/nexus-analyzer.html" title="Nexus Analyzer">
<i class="none"></i>
Nexus Analyzer</a>
</li>
<li>
<a href="../analyzers/assembly-analyzer.html" title="Assembly Analyzer">
<i class="none"></i>
<span class="none"></span>
Assembly Analyzer</a>
</li>
<li>
<a href="../analyzers/nuspec-analyzer.html" title="Nuspec Analyzer">
<i class="none"></i>
Nuspec Analyzer</a>
</li>
<li>
<a href="../analyzers/autoconf-analyzer.html" title="Autoconf Analyzer">
<i class="none"></i>
<a href="../analyzers/autoconf.html" title="Autoconf Analyzer">
<span class="none"></span>
Autoconf Analyzer</a>
</li>
<li>
<a href="../analyzers/openssl-analyzer.html" title="OpenSSL Analyzer">
<i class="none"></i>
<a href="../analyzers/central-analyzer.html" title="Central Analyzer">
<span class="none"></span>
Central Analyzer</a>
</li>
<li>
<a href="../analyzers/cmake.html" title="CMake Analyzer">
<span class="none"></span>
CMake Analyzer</a>
</li>
<li>
<a href="../analyzers/jar-analyzer.html" title="Jar Analyzer">
<span class="none"></span>
Jar Analyzer</a>
</li>
<li>
<a href="../analyzers/nexus-analyzer.html" title="Nexus Analyzer">
<span class="none"></span>
Nexus Analyzer</a>
</li>
<li>
<a href="../analyzers/nodejs.html" title="Node.js Analyzer">
<span class="none"></span>
Node.js Analyzer</a>
</li>
<li>
<a href="../analyzers/nuspec-analyzer.html" title="Nuspec Analyzer">
<span class="none"></span>
Nuspec Analyzer</a>
</li>
<li>
<a href="../analyzers/openssl.html" title="OpenSSL Analyzer">
<span class="none"></span>
OpenSSL Analyzer</a>
</li>
<li>
<a href="../analyzers/python.html" title="Python Analyzer">
<span class="none"></span>
Python Analyzer</a>
</li>
<li>
<a href="../analyzers/ruby-gemspec.html" title="Ruby Gemspec Analyzer">
<span class="none"></span>
Ruby Gemspec Analyzer</a>
</li>
</ul>
</li>
<li>
<a href="../modules.html" title="Modules">
<i class="icon-chevron-right"></i>
<span class="icon-chevron-right"></span>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
<span class="icon-chevron-right"></span>
Project Information</a>
</li>
<li>
<a href="../project-reports.html" title="Project Reports">
<span class="icon-chevron-right"></span>
Project Reports</a>
</li>
</ul>
@@ -268,31 +303,143 @@
</div>
<div id="bodyColumn" class="span9" >
<div id="bodyColumn" class="span10" >
<h1>File Type Analyzers</h1>
<p>OWASP dependency-check contains several file type analyzers that are used to extract identification information from the files analyzed.</p>
<ul>
<li><a href="./archive-analyzer.html">Archive Analyzer</a></li>
<li><a href="./assembly-analyzer.html">Assembly Analyzer</a></li>
<li><a href="./autoconf-analyzer.html">Autoconf Analyzer</a></li>
<li><a href="./central-analyzer.html">Central Analyzer</a></li>
<li><a href="./jar-analyzer.html">Jar Analyzer</a></li>
<li><a href="./nexus-analyzer.html">Nexus Analyzer</a></li>
<li><a href="./nuspec-analyzer.html">Nuspec Analyzer</a></li>
<li><a href="./openssl-analyzer.html">OpenSSL Analyzer</a></li>
<li><a href="./python-analyzer.html">Python Analyzer</a></li>
</ul>
<table border="0" class="table table-striped">
<thead>
<tr class="a">
<th>Analyzer </th>
<th>File Types Scanned </th>
<th>Analysis Method </th>
</tr>
</thead>
<tbody>
<tr class="b">
<td><a href="./archive-analyzer.html">Archive</a> </td>
<td>Zip archive format (*.zip, *.ear, *.war, *.jar, *.sar, *.apk, *.nupkg); Tape Archive Format (*.tar); Gzip format (*.gz, *.tgz); Bzip2 format (*.bz2, *.tbz2) </td>
<td>Extracts archive contents, then scans contents with all available analyzers. </td>
</tr>
<tr class="a">
<td><a href="./assembly-analyzer.html">Assembly</a> </td>
<td>.NET Assemblies (*.exe, *.dll) </td>
<td>Uses <a class="externalLink" href="https://github.com/colezlaw/GrokAssembly">GrokAssembly.exe</a>, which requires .NET Framework or Mono runtime to be installed. </td>
</tr>
<tr class="b">
<td><a href="./autoconf.html">Autoconf</a> </td>
<td>Autoconf project configuration files (configure, configure.in, configure.ac) </td>
<td><a class="externalLink" href="https://en.wikipedia.org/wiki/Regular_expression">Regex</a> scan for AC_INIT metadata, including in generated configuration script. </td>
</tr>
<tr class="a">
<td><a href="./central-analyzer.html">Central</a> </td>
<td>Java archive files (*.jar) </td>
<td>Searches Maven Central or a configured Nexus repository for the file&#x2019;s SHA1 hash. </td>
</tr>
<tr class="b">
<td><a href="./cmake.html">CMake</a> </td>
<td>CMake project files (CMakeLists.txt) and scripts (*.cmake) </td>
<td>Regex scan for project initialization and version setting commands. </td>
</tr>
<tr class="a">
<td><a href="./composer-lock.html">Composer Lock</a> </td>
<td>PHP <a class="externalLink" href="http://getcomposer.org">Composer</a> Lock files (composer.lock) </td>
<td>Parses PHP <a class="externalLink" href="http://getcomposer.org">Composer</a> lock files for exact versions of dependencies. </td>
</tr>
<tr class="b">
<td><a href="./jar-analyzer.html">Jar</a> </td>
<td>Java archive files (*.jar); Web application archive (*.war) </td>
<td>Examines archive manifest metadata, and Maven Project Object Model files (pom.xml). </td>
</tr>
<tr class="a">
<td><a href="./nexus-analyzer.html">Nexus</a> </td>
<td>Java archive files (*.jar) </td>
<td>Searches Sonatype or a configured Nexus repository for the file&#x2019;s SHA1 hash. In most cases, superceded by Central . </td>
</tr>
<tr class="b">
<td><a href="./nodejs.html">Node.js</a> </td>
<td>NPM package specification files (package.json) </td>
<td>Parse JSON format for metadata. </td>
</tr>
<tr class="a">
<td><a href="./nuspec-analyzer.html">Nuspec</a> </td>
<td>Nuget package specification file (*.nuspec) </td>
<td>Uses XPath to parse specification XML. </td>
</tr>
<tr class="b">
<td><a href="./openssl.html">OpenSSL</a> </td>
<td>OpenSSL Version Source Header File (opensslv.h) </td>
<td>Regex parse of the OPENSSL_VERSION_NUMBER macro definition. </td>
</tr>
<tr class="a">
<td><a href="./python.html">Python</a> </td>
<td>Python source files (*.py); Package metadata files (PKG-INFO, METADATA); Package Distribution Files (*.whl, *.egg, *.zip) </td>
<td>Regex scan of Python source files for setuptools metadata; Parse RFC822 header format for metadata in all other artifacts. </td>
</tr>
<tr class="b">
<td><a href="./ruby-gemspec.html">Ruby Gemspec</a> </td>
<td>Ruby makefiles (Rakefile); Ruby Gemspec files (*.gemspec) </td>
<td>Regex scan Gemspec initialization blocks for metadata. </td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
@@ -302,15 +449,14 @@
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2015
<p >Copyright &copy; 2012&#x2013;2015
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</div>
</footer>
</body>