github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-13 15:23:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

version 0.2.5.0

Browse Source 
Former-commit-id: 88eaccdc6e83a8c3c3061e38186bb45fb9ba5a3d
This commit is contained in:
Jeremy Long
2013-01-06 12:13:08 -05:00
parent 4861b1befe
commit 4b07b59bbc
3 changed files with 10 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
NOTICES.txt
View File

@@ -3,6 +3,9 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
This product includes software developed by
Jquery.com (http://jquery.com/).
Jquery.com (http://jquery.com/).
This product includes software developed by
H2 (http://www.h2database.com).

8
README.txt
View File

@@ -1,14 +1,14 @@
About:
DependencyCheck is a utility that attempts to detect publically disclosed
vulnerabilities contained within project dependencies. It does this by determining
if there is a Common Platform Enumeration (CPE) identifier for a given dependency.
If found, it will generate a report linking to the associated CVE entries.
if there is a Common Platform Enumeration (CPE) identifier for a given dependency.
If found, it will generate a report linking to the associated CVE entries.
Usage:
$ mvn package
$ cd target
$ java -jar DependencyCheck-0.2.4.0.jar -h
$ java -jar DependencyCheck-0.2.4.0.jar -a Testing -out . -scan ./test-classes/org.mortbay.jetty.jar -scan ./test-classes/struts2-core-2.1.2.jar -scan ./lib
$ java -jar DependencyCheck-0.2.5.0.jar -h
$ java -jar DependencyCheck-0.2.5.0.jar -a Testing -out . -scan ./test-classes/org.mortbay.jetty.jar -scan ./test-classes/struts2-core-2.1.2.jar -scan ./lib
Then load the resulting 'DependencyCheck-Report.html' into your favorite browser.

8
pom.xml
View File

@@ -23,7 +23,7 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses/>.
<groupId>org.codesecure</groupId>
<artifactId>DependencyCheck</artifactId>
<version>0.2.4.0</version>
<version>0.2.5.0</version>
<packaging>jar</packaging>
<name>DependencyCheck</name>
@@ -459,12 +459,6 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses/>.
<artifactId>h2</artifactId>
<version>1.3.170</version>
</dependency>
<!--
<dependency>
<groupId>org.fusesource.hawtdb</groupId>
<artifactId>hawtdb</artifactId>
<version>1.6</version>
</dependency>-->
<!-- The following dependencies are only scanned during integration testing -->
<!--<dependency>