github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 07:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master'

Browse Source 
Syncing with master project
This commit is contained in:
Bob Loihl
2016-09-19 11:36:47 -07:00
parent 22cae71999 5960ba919d
commit 1ae3457ee6
11 changed files with 112 additions and 535 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java
View File

@@ -26,14 +26,15 @@ import org.apache.commons.lang3.StringUtils;
/**
* <p>
* Simple object to track the parts of a version number. The parts are contained in a List such that version 1.2.3 will
* be stored as: <code>versionParts[0] = 1;
* Simple object to track the parts of a version number. The parts are contained
* in a List such that version 1.2.3 will be stored as: <code>versionParts[0] = 1;
* versionParts[1] = 2;
* versionParts[2] = 3;
* </code></p>
* <p>
* Note, the parser contained in this class expects the version numbers to be separated by periods. If a different
* separator is used the parser will likely fail.</p>
* Note, the parser contained in this class expects the version numbers to be
* separated by periods. If a different separator is used the parser will likely
* fail.</p>
*
* @author Jeremy Long
*/
@@ -47,8 +48,9 @@ public class DependencyVersion implements Iterable<String>, Comparable<Dependenc
/**
* Constructor for a DependencyVersion that will parse a version string.
* <b>Note</b>, this should only be used when the version passed in is already known to be a well formatted version
* number. Otherwise, DependencyVersionUtil.parseVersion() should be used instead.
* <b>Note</b>, this should only be used when the version passed in is
* already known to be a well formatted version number. Otherwise,
* DependencyVersionUtil.parseVersion() should be used instead.
*
* @param version the well formatted version number to parse
*/
@@ -57,8 +59,9 @@ public class DependencyVersion implements Iterable<String>, Comparable<Dependenc
}
/**
* Parses a version string into its sub parts: major, minor, revision, build, etc. <b>Note</b>, this should only be
* used to parse something that is already known to be a version number.
* Parses a version string into its sub parts: major, minor, revision,
* build, etc. <b>Note</b>, this should only be used to parse something that
* is already known to be a version number.
*
* @param version the version string to parse
*/
@@ -133,26 +136,33 @@ public class DependencyVersion implements Iterable<String>, Comparable<Dependenc
return false;
}
final DependencyVersion other = (DependencyVersion) obj;
final int max = (this.versionParts.size() < other.versionParts.size())
final int minVersionMatchLength = (this.versionParts.size() < other.versionParts.size())
? this.versionParts.size() : other.versionParts.size();
final int maxVersionMatchLength = (this.versionParts.size() > other.versionParts.size())
? this.versionParts.size() : other.versionParts.size();
if (minVersionMatchLength==1 && maxVersionMatchLength>=3) {
return false;
}
//TODO steal better version of code from compareTo
for (int i = 0; i < max; i++) {
for (int i = 0; i < minVersionMatchLength; i++) {
final String thisPart = this.versionParts.get(i);
final String otherPart = other.versionParts.get(i);
if (!thisPart.equals(otherPart)) {
return false;
}
}
if (this.versionParts.size() > max) {
for (int i = max; i < this.versionParts.size(); i++) {
if (this.versionParts.size() > minVersionMatchLength) {
for (int i = minVersionMatchLength; i < this.versionParts.size(); i++) {
if (!"0".equals(this.versionParts.get(i))) {
return false;
}
}
}
if (other.versionParts.size() > max) {
for (int i = max; i < other.versionParts.size(); i++) {
if (other.versionParts.size() > minVersionMatchLength) {
for (int i = minVersionMatchLength; i < other.versionParts.size(); i++) {
if (!"0".equals(other.versionParts.get(i))) {
return false;
}
@@ -180,8 +190,9 @@ public class DependencyVersion implements Iterable<String>, Comparable<Dependenc
}
/**
* Determines if the three most major major version parts are identical. For instances, if version 1.2.3.4 was
* compared to 1.2.3 this function would return true.
* Determines if the three most major major version parts are identical. For
* instances, if version 1.2.3.4 was compared to 1.2.3 this function would
* return true.
*
* @param version the version number to compare
* @return true if the first three major parts of the version are identical

7
dependency-check-core/src/main/resources/dependencycheck-base-suppression.xml
View File

@@ -427,4 +427,11 @@
<gav regex="true">com\.offbytwo\.jenkins:jenkins-client:.*</gav>
<cpe>cpe:/a:jenkins:jenkins</cpe>
</suppress>
<suppress base="true">
<notes><![CDATA[
xstream false positives
]]></notes>
<gav regex="true">^(?!com.thoughtworks).*xstream.*$</gav>
<cpe>cpe:/a:x-stream:xstream</cpe>
</suppress>
</suppressions>

67
dependency-check-core/src/main/resources/templates/HtmlReport.vsl
View File

@@ -83,16 +83,50 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
xml += $("#modal-text").text().replace(/\n/g,'\n ');
xml += '\n</suppressions>';
$('#modal-text').text(xml).focus().select();
$('#modal-add-header').toggleClass('active');
});
});
function copyText(name, sha1, type, val) {
function suppressSwitchTo(switchTo) {
$('#modal-suppress-change-to-sha1').toggleClass('active');
$('#modal-suppress-change-to-gav').toggleClass('active');
setCopyText($('#suppress-name').val(),
switchTo,
$('#suppress-'+switchTo).val(),
$('#suppress-type').val(),
$('#suppress-val').val());
}
function copyText(name, sha1, gav, type, val) {
$('#suppress-name').val(name);
$('#suppress-type').val(type);
$('#suppress-val').val(val);
$('#suppress-sha1').val(sha1);
$('#suppress-gav').val(gav);
if (gav=='') {
if ($('#modal-suppress-change-to-gav').hasClass('active')) {
$('#modal-suppress-change-to-gav').toggleClass('active');
}
if ($('#modal-suppress-change-to-sha1').hasClass('active')) {
$('#modal-suppress-change-to-sha1').toggleClass('active');
}
setCopyText(name, 'sha1', sha1, type, val);
} else {
if ($('#modal-suppress-change-to-gav').hasClass('active')) {
$('#modal-suppress-change-to-gav').toggleClass('active');
}
if (!$('#modal-suppress-change-to-sha1').hasClass('active')) {
$('#modal-suppress-change-to-sha1').toggleClass('active');
}
setCopyText(name, 'gav', gav, type, val);
}
}
function setCopyText(name, matchType, matchValue, suppressType, suppressVal) {
xml = '<suppress>\n';
xml += ' <notes><!'+'[CDATA[\n file name: ' + name + '\n ]]'+'></notes>\n';
xml += ' <sha1>' + sha1 + '</sha1>\n';
xml += ' <'+type+'>' + val + '</'+type+'>\n';
xml += ' <'+matchType+'>' + matchValue + '</'+matchType+'>\n';
xml += ' <'+suppressType+'>' + suppressVal + '</'+suppressType+'>\n';
xml += '</suppress>';
$('#modal-text').text(xml);
$('#modal-content,#modal-background').toggleClass('active');
$('#modal-content,#modal-background').addClass('active');
$('#modal-text').focus();
$('#modal-text').select();
}
@@ -150,6 +184,12 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#modal-text:focus {
outline: none;
}
.suppresstype {
display: none;
}
.suppresstype.active {
display: block;
}
.suppressedLabel {
cursor: default;
padding:1px;
@@ -504,6 +544,11 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
<div id="modal-background"></div>
<div id="modal-content">
<div>Press CTR-C to copy XML&nbsp;<a href="http://jeremylong.github.io/DependencyCheck/general/suppression.html" class="infolink" target="_blank" title="Help with suppressing false positives">[help]</a></div>
<button onclick="suppressSwitchTo('gav')" id="modal-suppress-change-to-gav" class="modal-button suppresstype" title="Supress by Maven Group Artifact Version">Suppress By GAV</button>
<button onclick="suppressSwitchTo('sha1')" id="modal-suppress-change-to-sha1" class="modal-button suppresstype" title="Supress by SHA1 hash">Suppress By SHA1</button><br/>
<input type="hidden" id="suppress-name"/>
<input type="hidden" id="suppress-type"/><input type="hidden" id="suppress-val"/>
<input type="hidden" id="suppress-sha1"/><input type="hidden" id="suppress-gav"/>
<textarea id="modal-text" cols="50" rows="10" readonly></textarea><br/>
<button id="modal-add-header" title="Add the parent XML nodes to create the complete XML file that can be used to suppress this finding" class="modal-button">Complete XML Doc</button><button id="modal-close" class="modal-button-right">Close</button>
</div>
@@ -515,6 +560,10 @@ the reporting provided constitutes acceptance for use in an AS IS condition, and
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the users risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.</p>
<h3><a href="http://jeremylong.github.io/DependencyCheck/general/thereport.html" target="_bank">How&nbsp;to&nbsp;read&nbsp;the&nbsp;report</a> |
<a href="http://jeremylong.github.io/DependencyCheck/general/suppression.html" target="_bank">Suppressing false positives</a> |
Getting Help: <a href="https://groups.google.com/forum/#!forum/dependency-check" target="_blank">google group</a> |
<a href="https://github.com/jeremylong/DependencyCheck/issues" target="_blank">github issues</a></h3>
]]#
<h2 class="">Project:&nbsp;$enc.html($applicationName)</h2>
<div class="">
@@ -725,6 +774,12 @@ arising out of or in connection with the use of this tool, the analysis performe
<ul><li><b>None</b></li></ul>
#else ## ($dependency.getIdentifiers().size()>0)
<ul>
#set($suppressGav='')
#foreach($id in $dependency.getIdentifiers())
#if ($id.type=="maven")
#set($suppressGav=$id.value)
#end
#end
#foreach($id in $dependency.getIdentifiers())
#if( $id.url )
##yes, we are HTML Encoding the href. this is okay. We can't URL encode as we have to trust the analyzer here...
@@ -737,7 +792,7 @@ arising out of or in connection with the use of this tool, the analysis performe
#end
#if ($id.type=="cpe")
##yes, we are HTML Encoding into JavaScript... the escape utils don't have a JS Encode and I haven't written one yet
&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('$enc.html($dependency.FileNameForJavaScript)', '$enc.html($dependency.Sha1sum)', 'cpe', '$enc.html($id.value)')">suppress</button>
&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CPE for this file" onclick="copyText('$enc.html($dependency.FileNameForJavaScript)', '$enc.html($dependency.Sha1sum)', '$enc.html($suppressGav)', 'cpe', '$enc.html($id.value)')">suppress</button>
#end
#if ($id.description)
<br/>$enc.html($id.description)
@@ -753,7 +808,7 @@ arising out of or in connection with the use of this tool, the analysis performe
<div id="content$cnt" class="subsectioncontent standardsubsection">
#foreach($vuln in $dependency.getVulnerabilities())
#set($vsctr=$vsctr+1)
<p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$enc.url($vuln.name)">$enc.html($vuln.name)</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('$enc.html($dependency.FileNameForJavaScript)', '$enc.html($dependency.Sha1sum)', 'cve', '$enc.html($vuln.name)')">suppress</button></p>
<p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$enc.url($vuln.name)">$enc.html($vuln.name)</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CCE for this file" onclick="copyText('$enc.html($dependency.FileNameForJavaScript)', '$enc.html($dependency.Sha1sum)', '$enc.html($suppressGav)', 'cve', '$enc.html($vuln.name)')">suppress</button></p>
<p>Severity:
#if ($vuln.cvssScore<4.0)
Low

13
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionTest.java
View File

@@ -96,6 +96,19 @@ public class DependencyVersionTest extends BaseTest {
expResult = true;
result = instance.equals(obj);
assertEquals(expResult, result);
instance = new DependencyVersion("2.0.0");
obj = new DependencyVersion("2");
expResult = false;
result = instance.equals(obj);
assertEquals(expResult, result);
obj = new DependencyVersion("2.0");
expResult = true;
result = instance.equals(obj);
assertEquals(expResult, result);
}
/**

3
dependency-check-maven/pom.xml
View File

@@ -40,6 +40,9 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
<properties>
<version.maven-plugin-plugin>3.4</version.maven-plugin-plugin>
</properties>
<prerequisites>
<maven>3.1</maven>
</prerequisites>
<build>
<resources>
<resource>

335
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/slf4j/MavenLoggerAdapter.java
View File

@@ -1,335 +0,0 @@
/*
* This file is part of dependency-check-ant.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2015 The OWASP Foundation. All Rights Reserved.
*/
package org.owasp.dependencycheck.maven.slf4j;
import org.apache.maven.plugin.logging.Log;
import org.slf4j.helpers.MarkerIgnoringBase;
import org.slf4j.helpers.MessageFormatter;
/**
* Created on 6/14/15.
*
* @author colezlaw
*/
public class MavenLoggerAdapter extends MarkerIgnoringBase {
/**
* A reference to the Maven log.
*/
private final Log log;
/**
* Creates a new Maven Logger Adapter.
*
* @param log the Maven log
*/
public MavenLoggerAdapter(Log log) {
super();
this.log = log;
}
/**
* Returns true if trace is enabled.
*
* @return whether or not trace is enabled
*/
@Override
public boolean isTraceEnabled() {
if (log != null) {
return log.isDebugEnabled();
}
return true;
}
@Override
public void trace(String msg) {
if (log != null) {
log.debug(msg);
} else {
System.out.println(msg);
}
}
@Override
public void trace(String format, Object arg) {
final String message = MessageFormatter.format(format, arg).getMessage();
if (log != null) {
log.debug(message);
} else {
System.out.println(message);
}
}
@Override
public void trace(String format, Object arg1, Object arg2) {
final String message = MessageFormatter.format(format, arg1, arg2).getMessage();
if (log != null) {
log.debug(message);
} else {
System.out.println(message);
}
}
@Override
public void trace(String format, Object... arguments) {
final String message = MessageFormatter.format(format, arguments).getMessage();
if (log != null) {
log.debug(message);
} else {
System.out.println(message);
}
}
@Override
public void trace(String msg, Throwable t) {
if (log != null) {
log.debug(msg, t);
} else {
System.out.println(msg);
t.printStackTrace();
}
}
@Override
public boolean isDebugEnabled() {
if (log != null) {
return log.isDebugEnabled();
}
return true;
}
@Override
public void debug(String msg) {
if (log != null) {
log.debug(msg);
} else {
System.out.println(msg);
}
}
@Override
public void debug(String format, Object arg) {
final String message = MessageFormatter.format(format, arg).getMessage();
if (log != null) {
log.debug(message);
} else {
System.out.println(message);
}
}
@Override
public void debug(String format, Object arg1, Object arg2) {
final String message = MessageFormatter.format(format, arg1, arg2).getMessage();
if (log != null) {
log.debug(message);
} else {
System.out.println(message);
}
}
@Override
public void debug(String format, Object... arguments) {
final String message = MessageFormatter.format(format, arguments).getMessage();
if (log != null) {
log.debug(message);
} else {
System.out.println(message);
}
}
@Override
public void debug(String msg, Throwable t) {
if (log != null) {
log.debug(msg, t);
} else {
System.out.println(msg);
t.printStackTrace();
}
}
@Override
public boolean isInfoEnabled() {
if (log != null) {
return log.isInfoEnabled();
}
return true;
}
@Override
public void info(String msg) {
if (log != null) {
log.info(msg);
} else {
System.out.println(msg);
}
}
@Override
public void info(String format, Object arg) {
final String message = MessageFormatter.format(format, arg).getMessage();
if (log != null) {
log.info(message);
} else {
System.out.println(message);
}
}
@Override
public void info(String format, Object arg1, Object arg2) {
final String message = MessageFormatter.format(format, arg1, arg2).getMessage();
if (log != null) {
log.info(message);
} else {
System.out.println(message);
}
}
@Override
public void info(String format, Object... arguments) {
final String message = MessageFormatter.format(format, arguments).getMessage();
if (log != null) {
log.info(message);
} else {
System.out.println(message);
}
}
@Override
public void info(String msg, Throwable t) {
if (log != null) {
log.info(msg, t);
} else {
System.out.println(msg);
t.printStackTrace();
}
}
@Override
public boolean isWarnEnabled() {
if (log != null) {
return log.isWarnEnabled();
}
return true;
}
@Override
public void warn(String msg) {
if (log != null) {
log.warn(msg);
} else {
System.out.println(msg);
}
}
@Override
public void warn(String format, Object arg) {
final String message = MessageFormatter.format(format, arg).getMessage();
if (log != null) {
log.warn(message);
} else {
System.out.println(message);
}
}
@Override
public void warn(String format, Object arg1, Object arg2) {
final String message = MessageFormatter.format(format, arg1, arg2).getMessage();
if (log != null) {
log.warn(message);
} else {
System.out.println(message);
}
}
@Override
public void warn(String format, Object... arguments) {
final String message = MessageFormatter.format(format, arguments).getMessage();
if (log != null) {
log.warn(message);
} else {
System.out.println(message);
}
}
@Override
public void warn(String msg, Throwable t) {
if (log != null) {
log.warn(msg, t);
} else {
System.out.println(msg);
t.printStackTrace();
}
}
@Override
public boolean isErrorEnabled() {
if (log != null) {
return log.isErrorEnabled();
}
return true;
}
@Override
public void error(String msg) {
if (log != null) {
log.error(msg);
} else {
System.out.println(msg);
}
}
@Override
public void error(String format, Object arg) {
final String message = MessageFormatter.format(format, arg).getMessage();
if (log != null) {
log.error(message);
} else {
System.out.println(message);
}
}
@Override
public void error(String format, Object arg1, Object arg2) {
final String message = MessageFormatter.format(format, arg1, arg2).getMessage();
if (log != null) {
log.error(message);
} else {
System.out.println(message);
}
}
@Override
public void error(String format, Object... arguments) {
final String message = MessageFormatter.format(format, arguments).getMessage();
if (log != null) {
log.error(message);
} else {
System.out.println(message);
}
}
@Override
public void error(String msg, Throwable t) {
if (log != null) {
log.error(msg, t);
} else {
System.out.println(msg);
t.printStackTrace();
}
}
}

56
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/slf4j/MavenLoggerFactory.java
View File

@@ -1,56 +0,0 @@
/*
* This file is part of dependency-check-ant.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2015 The OWASP Foundation. All Rights Reserved.
*/
package org.owasp.dependencycheck.maven.slf4j;
import org.apache.maven.plugin.logging.Log;
import org.slf4j.ILoggerFactory;
import org.slf4j.Logger;
/**
* Created on 6/14/15.
*
* @author colezlaw
*/
public class MavenLoggerFactory implements ILoggerFactory {
/**
* A reference to the Maven log adapter.
*/
private final MavenLoggerAdapter mavenLoggerAdapter;
/**
* Constructs a new logger factory.
*
* @param log a reference to the Maven log
*/
public MavenLoggerFactory(Log log) {
super();
this.mavenLoggerAdapter = new MavenLoggerAdapter(log);
}
/**
* Returns the Maven Logger Adapter.
*
* @param name ignored in this implementation
* @return the maven logger adapter
*/
@Override
public Logger getLogger(String name) {
return mavenLoggerAdapter;
}
}

4
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/slf4j/package-info.java
View File

@@ -1,4 +0,0 @@
/**
* This package contains the the slf4j adapter that wraps the maven logger.
*/
package org.owasp.dependencycheck.maven.slf4j;

113
dependency-check-maven/src/main/java/org/slf4j/impl/StaticLoggerBinder.java
View File

@@ -1,113 +0,0 @@
/*
* This file is part of dependency-check-ant.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2015 The OWASP Foundation. All Rights Reserved.
*/
package org.slf4j.impl;
import org.apache.maven.plugin.logging.Log;
import org.owasp.dependencycheck.maven.slf4j.MavenLoggerFactory;
import org.slf4j.ILoggerFactory;
import org.slf4j.spi.LoggerFactoryBinder;
/**
* The binding of org.slf4j.LoggerFactory class with an actual instance of
* org.slf4j.ILoggerFactory is performed using information returned by this
* class.
*
* @author colezlaw
*/
//CSOFF: FinalClass
public class StaticLoggerBinder implements LoggerFactoryBinder {
//CSON: FinalClass
/**
* The unique instance of this class
*/
private static final StaticLoggerBinder SINGLETON = new StaticLoggerBinder();
/**
* Return the singleton of this class.
*
* @return the StaticLoggerBinder singleton
*/
public static final StaticLoggerBinder getSingleton() {
return SINGLETON;
}
/**
* Maven mojos have their own logger, so we'll use one of those.
*/
private Log log = null;
/**
* Set the Task which will this is to log through.
*
* @param log the task through which to log
*/
public void setLog(Log log) {
this.log = log;
loggerFactory = new MavenLoggerFactory(log);
}
/**
* Declare the version of the SLF4J API this implementation is compiled
* against. The value of this filed is usually modified with each release.
*/
// to avoid constant folding by the compiler, this field must *not* be final
//CSOFF: StaticVariableName
//CSOFF: VisibilityModifier
public static String REQUESTED_API_VERSION = "1.7.12"; // final
//CSON: VisibilityModifier
//CSON: StaticVariableName
/**
* The logger factory class string.
*/
private static final String LOGGER_FACTORY_CLASS = MavenLoggerFactory.class.getName();
/**
* The ILoggerFactory instance returned by the {@link #getLoggerFactory}
* method should always be the same object
*/
private ILoggerFactory loggerFactory;
/**
* Constructs the static logger factory.
*/
private StaticLoggerBinder() {
loggerFactory = new MavenLoggerFactory(log);
}
/**
* Returns the logger factory.
*
* @return the logger factory
*/
@Override
public ILoggerFactory getLoggerFactory() {
return loggerFactory;
}
/**
* Returns the logger factory class string.
*
* @return the logger factory class string
*/
@Override
public String getLoggerFactoryClassStr() {
return LOGGER_FACTORY_CLASS;
}
}

4
dependency-check-maven/src/main/java/org/slf4j/impl/package-info.java
View File

@@ -1,4 +0,0 @@
/**
* This package contains the static binder for the slf4j-maven logger.
*/
package org.slf4j.impl;

2
pom.xml
View File

@@ -149,7 +149,7 @@ Copyright (c) 2012 - Jeremy Long
</site>
</distributionManagement>
<prerequisites>
<maven>3.0</maven>
<maven>3.1</maven>
</prerequisites>
<build>
<pluginManagement>