github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-17 23:04:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

spelling fixes

Browse Source 
Former-commit-id: 1909bc5b30b2dfd4ece5c880aace9ca4fd830b48
This commit is contained in:
Jeremy Long
2013-05-09 19:49:25 -04:00
parent a70cbcc9d3
commit a1c7612a85
10 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -1,7 +1,7 @@
DependencyCheck DependencyCheck
========= =========
DependencyCheck is a utility that attempts to detect publically disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries. DependencyCheck is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries..
More information can be found on the [wiki]. More information can be found on the [wiki].

2
pom.xml
View File

@@ -27,7 +27,7 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses />.
<name>DependencyCheck</name> <name>DependencyCheck</name>
<url>https://github.com/jeremylong/DependencyCheck.git</url> <url>https://github.com/jeremylong/DependencyCheck.git</url>
<description>Dependency-Check is a utility that attempts to detect publically disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.</description> <description>Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.</description>
<inceptionYear>2012</inceptionYear> <inceptionYear>2012</inceptionYear>
<organization> <organization>
<name>owasp</name> <name>owasp</name>

2
src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
View File

@@ -195,7 +195,7 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
* This is likely a very broken attempt at determining if the 'left' * This is likely a very broken attempt at determining if the 'left'
* dependency is the 'core' library in comparison to the 'right' library. * dependency is the 'core' library in comparison to the 'right' library.
* *
* TODO - consider spliting on /\._-\s/ and checking if all of one side is fully contained in the other * TODO - consider splitting on /\._-\s/ and checking if all of one side is fully contained in the other
* With the exception of the word "core". This might work even on groups when we don't have a CVE. * With the exception of the word "core". This might work even on groups when we don't have a CVE.
* *
* @param left the dependency to test * @param left the dependency to test

2
src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -367,7 +367,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
* @param dependency A reference to the dependency. * @param dependency A reference to the dependency.
* @param addPackagesAsEvidence a flag indicating whether or not package * @param addPackagesAsEvidence a flag indicating whether or not package
* names should be added as evidence. * names should be added as evidence.
* @return returns true or false depending on whether classses were identified in the JAR * @return returns true or false depending on whether classes were identified in the JAR
* @throws IOException is thrown if there is an error reading the JAR file. * @throws IOException is thrown if there is an error reading the JAR file.
*/ */
protected boolean analyzePackageNames(Dependency dependency, boolean addPackagesAsEvidence) protected boolean analyzePackageNames(Dependency dependency, boolean addPackagesAsEvidence)

6
src/main/java/org/owasp/dependencycheck/data/cwe/CweDB.java
View File

@@ -38,14 +38,14 @@ public final class CweDB {
//empty //empty
} }
/** /**
* A hashmap of the CWE data. * A HashMap of the CWE data.
*/ */
private static final HashMap<String, String> CWE = loadData(); private static final HashMap<String, String> CWE = loadData();
/** /**
* Loads a hashmap containing the CWE data from a resource found in the jar. * Loads a HashMap containing the CWE data from a resource found in the jar.
* *
* @return a hashmap of CWE data * @return a HashMap of CWE data
*/ */
private static HashMap<String, String> loadData() { private static HashMap<String, String> loadData() {
ObjectInputStream oin = null; ObjectInputStream oin = null;

2
src/main/java/org/owasp/dependencycheck/data/cwe/CweHandler.java
View File

@@ -31,7 +31,7 @@ import org.xml.sax.helpers.DefaultHandler;
public class CweHandler extends DefaultHandler { public class CweHandler extends DefaultHandler {
/** /**
* a hashmap containing the CWE data. * a HashMap containing the CWE data.
*/ */
private HashMap<String, String> cwe = new HashMap<String, String>(); private HashMap<String, String> cwe = new HashMap<String, String>();

3
src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java
View File

@@ -165,8 +165,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
* *
* @param file the file containing the NVD CVE XML * @param file the file containing the NVD CVE XML
* @param oldVersion contains the file containing the NVD CVE XML 1.2 * @param oldVersion contains the file containing the NVD CVE XML 1.2
* @throws ParserConfigurationException is thrown if there is a * @throws ParserConfigurationException is thrown if there is a parser configuration exception
* parserconfigurationexception
* @throws SAXException is thrown if there is a saxexception * @throws SAXException is thrown if there is a saxexception
* @throws IOException is thrown if there is a ioexception * @throws IOException is thrown if there is a ioexception
* @throws SQLException is thrown if there is a sql exception * @throws SQLException is thrown if there is a sql exception

2
src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
View File

@@ -474,7 +474,7 @@ public class Dependency implements Comparable<Dependency> {
relatedDependencies.add(dependency); relatedDependencies.add(dependency);
} }
/** /**
* Implemenation of the Comparable<Dependency> interface. The comparison * Implementation of the Comparable<Dependency> interface. The comparison
* is solely based on the file name. * is solely based on the file name.
* @param o a dependency to compare * @param o a dependency to compare
* @return an integer representing the natural ordering * @return an integer representing the natural ordering

2
src/main/java/org/owasp/dependencycheck/dependency/EvidenceCollection.java
View File

@@ -96,7 +96,7 @@ public class EvidenceCollection implements Iterable<Evidence> {
*/ */
private Set<Evidence> list; private Set<Evidence> list;
/** /**
* A collection of strings used to adjust lucene's term weighting. * A collection of strings used to adjust Lucene's term weighting.
*/ */
private Set<String> weightedStrings; private Set<String> weightedStrings;

4
src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java
View File

@@ -33,7 +33,7 @@ import org.apache.commons.lang.StringUtils;
* versionParts[2] = 3; * versionParts[2] = 3;
* </code></p> * </code></p>
* <p>Note, the parser contained in this class expects the version numbers to be * <p>Note, the parser contained in this class expects the version numbers to be
* seperated by periods. If a different seperator is used the parser will likely * separated by periods. If a different seperator is used the parser will likely
* fail.</p> * fail.</p>
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
@@ -105,7 +105,7 @@ public class DependencyVersion implements Iterable {
/** /**
* Reconstructs the version string from the split version parts. * Reconstructs the version string from the split version parts.
* @return a string reprenting the version. * @return a string representing the version.
*/ */
@Override @Override
public String toString() { public String toString() {