github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-23 17:41:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Docs: Added node.js page, fixed typos in Python page.

Browse Source
This commit is contained in:
Dale Visser
2015-08-26 14:25:32 -04:00
parent 0fdf377d45
commit 62c05049a7
3 changed files with 24 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/site/markdown/analyzers/nodejs.md Normal file
View File

@@ -0,0 +1,14 @@
Node.js Analyzer
================
OWASP dependency-check includes an analyzer that will scan [Node Package Manager](https://www.npmjs.com/)
package specification files. The analyzer(s) will collect as much information
it can about the package. The information collected is internally referred to
as evidence and is grouped into vendor, product, and version buckets. Other
analyzers later use this evidence to identify any Common Platform Enumeration
(CPE) identifiers that apply.
__Note:__ Also consider using the Node Security Project auditing tool,
[nsp](https://nodesecurity.io/tools).
Files Types Scanned: [package.json](https://docs.npmjs.com/files/package.json)

13
src/site/markdown/analyzers/python.md
View File

@@ -1,10 +1,11 @@
Python Analyzer Python Analyzer
============== ==============
OWASP dependency-check includes an analyzer that will scan Python artifacts. The OWASP dependency-check includes an analyzer that will scan Python artifacts.
analyzer(s) will collect as much information it can about the python artifacts. The analyzer(s) will collect as much information it can about the Python
The information collected is internally referred to as evidence and is grouped into artifacts. The information collected is internally referred to as evidence and
vendor, product, and version buckets. Other analyzers later use this evidence to is grouped into vendor, product, and version buckets. Other analyzers later
identify any Common Platform Enumeration (CPE) identifiers that apply. use this evidence to identify any Common Platform Enumeration (CPE)
identifiers that apply.
Files Types Scanned: py, whl, egg, zip, PKG-INFO, and METADATA Files Types Scanned: py, whl, egg, zip, PKG-INFO, and METADATA

3
src/site/site.xml
View File

@@ -128,6 +128,9 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
<item name="Nexus Analyzer" href="./analyzers/nexus-analyzer.html"> <item name="Nexus Analyzer" href="./analyzers/nexus-analyzer.html">
<description>Nexus Analyzer</description> <description>Nexus Analyzer</description>
</item> </item>
<item name="Node.js Analyzer" href="./analyzers/nodejs.html">
<description>Node.js Analyzer</description>
</item>
<item name="Nuspec Analyzer" href="./analyzers/nuspec-analyzer.html"> <item name="Nuspec Analyzer" href="./analyzers/nuspec-analyzer.html">
<description>Nuspec Analyzer</description> <description>Nuspec Analyzer</description>
</item> </item>