From 2b04c6a7ddff2eba5e1f164fe5ddc69e5b898ea2 Mon Sep 17 00:00:00 2001
From: Prakhash <prakhashsiva21@gmail.com>
Date: Mon, 13 Mar 2017 15:52:50 +0530
Subject: [PATCH 1/5]  changed the coordinates according to the pom file
 details

---
 .../reporting/ReportGenerator.java            | 22 +++++++++++++++++++
 .../resources/schema/dependency-check.1.3.xsd |  3 +++
 .../resources/schema/dependency-check.1.4.xsd |  3 +++
 .../main/resources/templates/XmlReport.vsl    |  3 +++
 .../ReportGeneratorIntegrationTest.java       |  4 ++--
 .../maven/BaseDependencyCheckMojo.java        |  2 +-
 6 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
index a97aef3fa..539cbbc85 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
@@ -125,6 +125,28 @@ public class ReportGenerator {
         context.put("version", Settings.getString(Settings.KEYS.APPLICATION_VERSION, "Unknown"));
     }
 
+    /**
+     * Constructs a new ReportGenerator.
+     *
+     * @param applicationName the application name being analyzed
+     * @param applicationVersion the application version being analyzed
+     * @param artifactID the application version being analyzed
+     * @param applicationVersion the application version being analyzed
+     * @param dependencies the list of dependencies
+     * @param analyzers the list of analyzers used
+     * @param properties the database properties (containing timestamps of the
+     * NVD CVE data)
+     */
+
+    public ReportGenerator(String applicationName,String applicationVersion,String artifactID,String groupID, List<Dependency> dependencies, List<Analyzer> analyzers, DatabaseProperties properties) {
+
+        this(applicationName,dependencies,analyzers,properties);
+        context.put("applicationVersion",applicationVersion);
+        context.put("artifactID",artifactID);
+        context.put("groupID",groupID);
+    }
+
+
     /**
      * Creates a new Velocity Engine.
      *
diff --git a/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd b/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
index 023eb6f15..a41310151 100644
--- a/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
+++ b/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
@@ -24,6 +24,9 @@
                     <xs:complexType>
                         <xs:sequence>
                             <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+                            <xs:element name="version" type="xs:string" minOccurs="1" maxOccurs="1" />
+                            <xs:element name="artifactID" type="xs:string" minOccurs="1" maxOccurs="1" />
+                            <xs:element name="groupID" type="xs:string" minOccurs="1" maxOccurs="1" />
                             <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
                             <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
                         </xs:sequence>
diff --git a/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd b/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
index 01178fa7e..aa8a8547f 100644
--- a/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
+++ b/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
@@ -23,6 +23,9 @@
     <xs:complexType name="projectInfo">
         <xs:sequence>
             <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="version" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="artifactID" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="groupID" type="xs:string" minOccurs="1" maxOccurs="1" />
             <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
             <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
         </xs:sequence>
diff --git a/dependency-check-core/src/main/resources/templates/XmlReport.vsl b/dependency-check-core/src/main/resources/templates/XmlReport.vsl
index 143826c57..166f5df14 100644
--- a/dependency-check-core/src/main/resources/templates/XmlReport.vsl
+++ b/dependency-check-core/src/main/resources/templates/XmlReport.vsl
@@ -31,6 +31,9 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
     </scanInfo>
     <projectInfo>
         <name>$enc.xml($applicationName)</name>
+        <version>$enc.xml($version)</version>
+        <artifactID>$enc.xml($artifactID)</artifactID>
+        <groupID>$enc.xml($groupID)</groupID>
         <reportDate>$scanDateXML</reportDate>
         <credits>This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov</credits>
     </projectInfo>
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
index f379d332d..a911a39dd 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
@@ -146,8 +146,8 @@ public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
             
             CveDB cveDB = CveDB.getInstance();
             DatabaseProperties dbProp = cveDB.getDatabaseProperties();
-            
-            ReportGenerator generator = new ReportGenerator("Test Report", engine.getDependencies(), engine.getAnalyzers(), dbProp);
+
+            ReportGenerator generator = new ReportGenerator("Test Report","1.4.7","dependency-check-core","org.owasp", engine.getDependencies(), engine.getAnalyzers(), dbProp);
             generator.generateReport(templateName, writeTo);
             
             engine.cleanup();
diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
index d2e95260c..cc3c3c5d6 100644
--- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
+++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
@@ -1016,7 +1016,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
                 getLog().debug("Unable to retrieve DB Properties", ex);
             }
         }
-        final ReportGenerator r = new ReportGenerator(p.getName(), engine.getDependencies(), engine.getAnalyzers(), prop);
+        final ReportGenerator r = new ReportGenerator(p.getName(),p.getVersion(),p.getArtifactId(),p.getGroupId(), engine.getDependencies(), engine.getAnalyzers(), prop);
         try {
             r.generateReports(outputDir.getAbsolutePath(), format);
         } catch (ReportException ex) {

From e3ca70ba0d4e44fef6af9dfc053f1bc3e29ad555 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 5 May 2017 14:13:35 -0400
Subject: [PATCH 2/5] reverted changes in PR to old schemas

---
 .../src/main/resources/schema/dependency-check.1.3.xsd         | 3 ---
 .../src/main/resources/schema/dependency-check.1.4.xsd         | 3 ---
 2 files changed, 6 deletions(-)

diff --git a/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd b/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
index a41310151..023eb6f15 100644
--- a/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
+++ b/dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
@@ -24,9 +24,6 @@
                     <xs:complexType>
                         <xs:sequence>
                             <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
-                            <xs:element name="version" type="xs:string" minOccurs="1" maxOccurs="1" />
-                            <xs:element name="artifactID" type="xs:string" minOccurs="1" maxOccurs="1" />
-                            <xs:element name="groupID" type="xs:string" minOccurs="1" maxOccurs="1" />
                             <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
                             <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
                         </xs:sequence>
diff --git a/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd b/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
index aa8a8547f..01178fa7e 100644
--- a/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
+++ b/dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
@@ -23,9 +23,6 @@
     <xs:complexType name="projectInfo">
         <xs:sequence>
             <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
-            <xs:element name="version" type="xs:string" minOccurs="1" maxOccurs="1" />
-            <xs:element name="artifactID" type="xs:string" minOccurs="1" maxOccurs="1" />
-            <xs:element name="groupID" type="xs:string" minOccurs="1" maxOccurs="1" />
             <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
             <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
         </xs:sequence>

From a4899de956589297bcf91c69d2f66c0e2def0189 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 5 May 2017 14:14:17 -0400
Subject: [PATCH 3/5] added new schema to support the addition of the GAV

---
 .../resources/schema/dependency-check.1.5.xsd | 203 ++++++++++++++++++
 1 file changed, 203 insertions(+)
 create mode 100644 dependency-check-core/src/main/resources/schema/dependency-check.1.5.xsd

diff --git a/dependency-check-core/src/main/resources/schema/dependency-check.1.5.xsd b/dependency-check-core/src/main/resources/schema/dependency-check.1.5.xsd
new file mode 100644
index 000000000..191cdb202
--- /dev/null
+++ b/dependency-check-core/src/main/resources/schema/dependency-check.1.5.xsd
@@ -0,0 +1,203 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema id="analysis"
+           xmlns:xs="http://www.w3.org/2001/XMLSchema"
+           elementFormDefault="qualified"
+           targetNamespace="https://jeremylong.github.io/DependencyCheck/dependency-check.1.5.xsd"
+           xmlns:dc="https://jeremylong.github.io/DependencyCheck/dependency-check.1.5.xsd">
+
+    <xs:complexType name="scanInfo">
+        <xs:sequence minOccurs="1" maxOccurs="1">
+            <xs:element name="engineVersion" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                <xs:element name="dataSource">
+                    <xs:complexType>
+                        <xs:sequence>
+                            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+                            <xs:element name="timestamp" type="xs:string" minOccurs="1" maxOccurs="1" />
+                        </xs:sequence>
+                    </xs:complexType>
+                </xs:element>
+            </xs:sequence>
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="projectInfo">
+        <xs:sequence>
+            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="groupID" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="artifactID" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="version" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="identifier">
+        <xs:sequence>
+            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="url" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1" />
+        </xs:sequence>
+        <xs:attribute name="type" type="xs:string" use="required" />
+        <xs:attribute name="confidence" type="xs:string" use="optional" />
+    </xs:complexType>
+    <xs:complexType name="relatedDependency">
+        <xs:sequence>
+            <xs:element name="filePath" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="sha1" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="md5" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                <xs:element name="identifier" type="dc:identifier" />
+            </xs:sequence>
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="exception">
+        <xs:sequence>
+            <xs:element name="message" minOccurs="0" maxOccurs="unbounded" />
+            <xs:element name="stackTrace" minOccurs="0" maxOccurs="unbounded">
+                <xs:complexType>
+                    <xs:sequence>
+                        <xs:element name="trace" minOccurs="0" maxOccurs="unbounded" />
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+            <xs:element name="innerException" minOccurs="0" maxOccurs="unbounded">
+                <xs:complexType>
+                    <xs:sequence>
+                        <xs:element name="message" minOccurs="0" maxOccurs="unbounded" />
+                        <xs:element name="stackTrace" minOccurs="0" maxOccurs="unbounded">
+                            <xs:complexType>
+                                <xs:sequence>
+                                    <xs:element name="trace" minOccurs="0" maxOccurs="unbounded" />
+                                </xs:sequence>
+                            </xs:complexType>
+                        </xs:element>
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="evidence">
+        <xs:sequence>
+            <xs:element name="source" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="value" type="xs:string" minOccurs="1" maxOccurs="1" />
+        </xs:sequence>
+        <xs:attribute name="type" type="xs:string" use="required" />
+        <xs:attribute name="confidence" type="xs:string" use="required" />
+    </xs:complexType>
+    <xs:complexType name="reference">
+        <xs:sequence>
+            <xs:element name="source" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="url" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="software">
+        <xs:simpleContent>
+            <xs:extension base="xs:string">
+                <xs:attribute name="allPreviousVersion" type="xs:boolean" />
+            </xs:extension>
+        </xs:simpleContent>
+    </xs:complexType>
+    <xs:complexType name="vulnerability">
+        <xs:sequence>
+            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssScore" type="xs:decimal" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssAccessVector" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssAccessComplexity" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssAuthenticationr" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssConfidentialImpact" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssIntegrityImpact" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cvssAvailabilityImpact" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="severity" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="cwe" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="description" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="references" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                        <xs:element name="reference" type="dc:reference" />
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+            <xs:element name="vulnerableSoftware" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                        <xs:element name="software" type="dc:software" />
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="dependency">
+        <xs:sequence>
+            <xs:element name="fileName" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="filePath" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="md5" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="sha1" type="xs:string" minOccurs="1" maxOccurs="1" />
+            <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="license" type="xs:string" minOccurs="0" maxOccurs="1" />
+            <xs:element name="relatedDependencies" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                        <xs:element name="relatedDependency" type="dc:relatedDependency" />
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+            <xs:element name="analysisExceptions" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                        <xs:element name="exception" type="dc:exception"/>
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+            <xs:element name="evidenceCollected" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                        <xs:element name="evidence" type="dc:evidence"/>
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+            <xs:element name="identifiers" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence>
+                        <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                            <xs:element name="identifier" type="dc:identifier" />
+                        </xs:sequence>
+                        <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                            <xs:element name="suppressedIdentifier" type="dc:identifier"/>
+                        </xs:sequence>
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+            <xs:element name="vulnerabilities" minOccurs="0" maxOccurs="1">
+                <xs:complexType>
+                    <xs:sequence>
+                        <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                            <xs:element name="vulnerability" type="dc:vulnerability"/>
+                        </xs:sequence>
+                        <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                            <xs:element name="suppressedVulnerability" type="dc:vulnerability"/>
+                        </xs:sequence>
+                    </xs:sequence>
+                </xs:complexType>
+            </xs:element>
+        </xs:sequence>
+    </xs:complexType>
+
+    <xs:element name="analysis">
+        <xs:complexType>
+            <xs:sequence>
+                <xs:element name="scanInfo" type="dc:scanInfo"/>
+                <xs:element name="projectInfo" type="dc:projectInfo"/>
+                <xs:element name="dependencies">
+                    <xs:complexType>
+                        <xs:sequence minOccurs="0" maxOccurs="unbounded">
+                            <xs:element name="dependency" type="dc:dependency"/>
+                        </xs:sequence>
+                    </xs:complexType>
+                </xs:element>
+            </xs:sequence>
+        </xs:complexType>
+    </xs:element>
+</xs:schema>
\ No newline at end of file

From b3736ac13a59424dcb21aa939ee7696be3117a98 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 5 May 2017 14:15:04 -0400
Subject: [PATCH 4/5] updated template optional add the GAV

---
 .../src/main/resources/templates/XmlReport.vsl       | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/dependency-check-core/src/main/resources/templates/XmlReport.vsl b/dependency-check-core/src/main/resources/templates/XmlReport.vsl
index 166f5df14..3ff033714 100644
--- a/dependency-check-core/src/main/resources/templates/XmlReport.vsl
+++ b/dependency-check-core/src/main/resources/templates/XmlReport.vsl
@@ -19,7 +19,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
 @version 1.2
 
 *#<?xml version="1.0"?>
-<analysis xmlns="https://jeremylong.github.io/DependencyCheck/dependency-check.1.4.xsd">
+<analysis xmlns="https://jeremylong.github.io/DependencyCheck/dependency-check.1.5.xsd">
     <scanInfo>
         <engineVersion>$version</engineVersion>
 #foreach($prop in $properties.getMetaData().entrySet())
@@ -31,9 +31,15 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
     </scanInfo>
     <projectInfo>
         <name>$enc.xml($applicationName)</name>
-        <version>$enc.xml($version)</version>
-        <artifactID>$enc.xml($artifactID)</artifactID>
+#if ($groupID)
         <groupID>$enc.xml($groupID)</groupID>
+#end
+#if ($artifactID)        
+        <artifactID>$enc.xml($artifactID)</artifactID>
+#end
+#if ($version)
+        <version>$enc.xml($version)</version>
+#end
         <reportDate>$scanDateXML</reportDate>
         <credits>This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov</credits>
     </projectInfo>

From 5c2145176055d8183ca12d7b3f5b9033684c726e Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 5 May 2017 14:15:21 -0400
Subject: [PATCH 5/5] updated to use the new schema

---
 .../reporting/ReportGeneratorIntegrationTest.java               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
index e27fa4b6c..05eb28ab8 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
@@ -153,7 +153,7 @@ public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
             
             engine.cleanup();
             
-            InputStream xsdStream = ReportGenerator.class.getClassLoader().getResourceAsStream("schema/dependency-check.1.4.xsd");
+            InputStream xsdStream = ReportGenerator.class.getClassLoader().getResourceAsStream("schema/dependency-check.1.5.xsd");
             StreamSource xsdSource = new StreamSource(xsdStream);
             StreamSource xmlSource = new StreamSource(new File(writeTo));
             SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);