added documentation for issue #139

Former-commit-id: 95fdcf4d95cbe50ba884be561fbec0e9977578a0
2026-03-19 15:54:52 +01:00 · 2014-08-05 09:23:47 -04:00
parent f49a134a3d
commit 8132ee651a
2 changed files with 10 additions and 5 deletions
--- a/src/site/markdown/index.md
+++ b/src/site/markdown/index.md
@@ -12,11 +12,10 @@ The gist of the paper is that we as a development community include third party
 libraries in our applications that contain well known published vulnerabilities
 \(such as those at the [National Vulnerability Database](http://web.nvd.nist.gov/view/vuln/search)\).

-Dependency-check scans directories and files and if it contains an Analyzer that
-can scan a particular file type then information from the file is collected. This
-information is then used to identify the [Common Platform Enumeration](http://nvd.nist.gov/cpe.cfm) \(CPE\). If a
-CPE is identified a listing of associated [Common Vulnerability and Exposure](http://cve.mitre.org/) \(CVE\)
-entries are listed in a report.
+More information about dependency-check can be found here:
+
+* (How does dependency-check work)[internals.html]
+* (How to read the report)[thereport.html]

 **IMPORTANT NOTE**: Dependency-check automatically updates itself using the NVD Data Feeds hosted by
 NIST. **The initial download of the data may take fifteen minutes