github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-11 21:05:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

merge upstream

Browse Source
This commit is contained in:
bjiang
2016-05-03 13:12:05 -04:00
parent c2b1742582 9e63ac6d5b
commit f1422adf75
63 changed files with 434 additions and 390 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java
View File

@@ -31,8 +31,8 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* An abstract database test case that is used to ensure the H2 DB exists prior to performing tests that utilize the data
* contained within.
* An abstract database test case that is used to ensure the H2 DB exists prior
* to performing tests that utilize the data contained within.
*
* @author Jeremy Long
*/
@@ -49,6 +49,11 @@ public abstract class BaseDBTestCase extends BaseTest {
public static void ensureDBExists() throws Exception {
File f = new File("./target/data/dc.h2.db");
if (f.exists() && f.isFile() && f.length() < 71680) {
f.delete();
}
java.io.File dataPath = Settings.getDataDirectory();
String fileName = Settings.getString(Settings.KEYS.DB_FILE_NAME);
LOGGER.trace("DB file name {}", fileName);

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseTest.java
View File

@@ -39,7 +39,7 @@ public class BaseTest {
if (f.exists() && f.isFile() && f.length() < 71680) {
System.err.println("------------------------------------------------");
System.err.println("------------------------------------------------");
System.err.println("I broke the build");
System.err.println("Test referenced CveDB() and does not extend BaseDbTestCases?");
System.err.println("------------------------------------------------");
System.err.println("------------------------------------------------");
}

11
dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java
View File

@@ -30,16 +30,7 @@ import org.owasp.dependencycheck.utils.Settings;
*
* @author Jeremy Long
*/
public class EngineIntegrationTest extends BaseTest {
@Before
public void setUp() throws Exception {
org.owasp.dependencycheck.BaseDBTestCase.ensureDBExists();
}
@After
public void tearDown() {
}
public class EngineIntegrationTest extends BaseDBTestCase {
/**
* Test running the entire engine.

4
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzerTest.java
View File

@@ -77,8 +77,8 @@ public class AbstractSuppressionAnalyzerTest extends BaseTest {
Settings.setString(Settings.KEYS.SUPPRESSION_FILE, "suppressions.xml");
instance.initialize();
int expCount = 5;
List<SuppressionRule> result = instance.getRules();
assertTrue(expCount <= result.size());
int currentSize = instance.getRules().size();
assertTrue(expCount <= currentSize);
}
@Test(expected = SuppressionParseException.class)

4
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/AnalyzerServiceTest.java
View File

@@ -20,13 +20,13 @@ package org.owasp.dependencycheck.analyzer;
import java.util.Iterator;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.BaseDBTestCase;
/**
*
* @author Jeremy Long
*/
public class AnalyzerServiceTest extends BaseTest {
public class AnalyzerServiceTest extends BaseDBTestCase {
/**
* Test of getAnalyzers method, of class AnalyzerService.

1
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ComposerLockAnalyzerTest.java
View File

@@ -55,6 +55,7 @@ public class ComposerLockAnalyzerTest extends BaseDBTestCase {
*/
@Before
public void setUp() throws Exception {
super.setUp();
analyzer = new ComposerLockAnalyzer();
analyzer.setFilesMatched(true);
analyzer.initialize();

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzerTest.java
View File

@@ -18,6 +18,7 @@ package org.owasp.dependencycheck.analyzer;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.dependency.Dependency;
@@ -25,7 +26,7 @@ import org.owasp.dependencycheck.dependency.Dependency;
*
* @author Jeremy Long
*/
public class FalsePositiveAnalyzerTest {
public class FalsePositiveAnalyzerTest extends BaseTest {
/**
* Test of getName method, of class FalsePositiveAnalyzer.

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzerTest.java
View File

@@ -28,7 +28,7 @@ import org.owasp.dependencycheck.dependency.Dependency;
*
* @author Jeremy Long
*/
public class FileNameAnalyzerTest {
public class FileNameAnalyzerTest extends BaseTest {
/**
* Test of getName method, of class FileNameAnalyzer.

28
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerTest.java
View File

@@ -18,6 +18,7 @@
package org.owasp.dependencycheck.analyzer;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
@@ -37,6 +38,7 @@ import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -116,13 +118,37 @@ public class RubyBundleAuditAnalyzerTest extends BaseTest {
assertTrue(dependency.getVersionEvidence().toString().toLowerCase().contains("2.2.2"));
assertTrue(dependency.getFilePath().endsWith(resource));
assertTrue(dependency.getFileName().equals("Gemfile.lock"));
} catch (Exception e) {
LOGGER.warn("Exception setting up RubyBundleAuditAnalyzer. Make sure Ruby gem bundle-audit is installed. You may also need to set property \"analyzer.bundle.audit.path\".", e);
Assume.assumeNoException("Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set.", e);
}
}
/**
* Test Ruby addCriticalityToVulnerability
*/
@Test
public void testAddCriticalityToVulnerability() throws AnalysisException, DatabaseException {
try {
analyzer.initialize();
final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
"ruby/vulnerable/gems/sinatra/Gemfile.lock"));
final Engine engine = new Engine();
analyzer.analyze(result, engine);
Dependency dependency = engine.getDependencies().get(0);
Vulnerability vulnerability = dependency.getVulnerabilities().first();
assertEquals(vulnerability.getCvssScore(), 5.0f, 0.0);
} catch (Exception e) {
LOGGER.warn("Exception setting up RubyBundleAuditAnalyzer. Make sure Ruby gem bundle-audit is installed. You may also need to set property \"analyzer.bundle.audit.path\".", e);
Assume.assumeNoException("Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set.", e);
}
}
/**
* Test when Ruby bundle-audit is not available on the system.
*

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/composer/ComposerLockParserTest.java
View File

@@ -25,11 +25,12 @@ import java.io.InputStream;
import java.nio.charset.Charset;
import static org.junit.Assert.*;
import org.owasp.dependencycheck.BaseTest;
/**
* Created by colezlaw on 9/5/15.
*/
public class ComposerLockParserTest {
public class ComposerLockParserTest extends BaseTest {
private InputStream inputStream;

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexEntryTest.java
View File

@@ -19,12 +19,13 @@ package org.owasp.dependencycheck.data.cpe;
import org.junit.Assert;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class IndexEntryTest {
public class IndexEntryTest extends BaseTest {
/**
* Test of setName method, of class IndexEntry.

22
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/cwe/CweDBTest.java
View File

@@ -23,31 +23,13 @@ import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class CweDBTest {
public CweDBTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class CweDBTest extends BaseTest {
/**
* Method to serialize the CWE HashMap. This is not used in production; this is only used once during dev to create

19
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzerTest.java
View File

@@ -43,28 +43,13 @@ import static org.junit.Assert.assertFalse;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class FieldAnalyzerTest {
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class FieldAnalyzerTest extends BaseTest {
@Test
public void testAnalyzers() throws Exception {

19
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/lucene/LuceneUtilsTest.java
View File

@@ -23,28 +23,13 @@ import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class LuceneUtilsTest {
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class LuceneUtilsTest extends BaseTest {
/**
* Test of appendEscapedLuceneQuery method, of class LuceneUtils.

8
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilterTest.java
View File

@@ -39,14 +39,6 @@ import org.junit.Test;
*/
public class TokenPairConcatenatingFilterTest extends BaseTokenStreamTestCase {
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Override
@Before
public void setUp() throws Exception {

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.java
View File

@@ -24,6 +24,8 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.junit.Assert;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
import org.owasp.dependencycheck.dependency.Vulnerability;
@@ -73,6 +75,25 @@ public class CveDBIntegrationTest extends BaseDBTestCase {
}
}
/**
* Test of getVulnerability method, of class CveDB.
*/
@Test
public void testgetVulnerability() throws Exception {
CveDB instance = null;
try {
instance = new CveDB();
instance.open();
Vulnerability result = instance.getVulnerability("CVE-2014-0094");
assertEquals("The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to \"manipulate\" the ClassLoader via the class parameter, which is passed to the getClass method.", result.getDescription());
} finally {
if (instance != null) {
instance.close();
}
}
}
/**
* Test of getVulnerabilities method, of class CveDB.
*/

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySQLTest.java
View File

@@ -25,6 +25,7 @@ import static org.junit.Assert.assertTrue;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.dependency.VulnerableSoftware;
import org.owasp.dependencycheck.utils.Settings;
@@ -33,25 +34,7 @@ import org.owasp.dependencycheck.utils.Settings;
*
* @author Jeremy Long
*/
public class CveDBMySQLTest {
@BeforeClass
public static void setUpClass() {
Settings.initialize();
}
@AfterClass
public static void tearDownClass() {
Settings.cleanup();
}
@Before
public void setUp() throws Exception {
}
@After
public void tearDown() throws Exception {
}
public class CveDBMySQLTest extends BaseTest {
/**
* Pretty useless tests of open, commit, and close methods, of class CveDB.

24
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DriverLoaderTest.java
View File

@@ -33,26 +33,7 @@ import org.owasp.dependencycheck.BaseTest;
*
* @author Jeremy Long
*/
public class DriverLoaderTest {
public DriverLoaderTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class DriverLoaderTest extends BaseTest {
/**
* Test of load method, of class DriverLoader.
@@ -71,7 +52,8 @@ public class DriverLoaderTest {
}
/**
* Test of load method, of class DriverLoader; expecting an exception due to a bad driver class name.
* Test of load method, of class DriverLoader; expecting an exception due to
* a bad driver class name.
*/
@Test(expected = DriverLoadException.class)
public void testLoad_String_ex() throws Exception {

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/nvd/NvdCve_1_2_HandlerTest.java
View File

@@ -36,26 +36,7 @@ import org.owasp.dependencycheck.dependency.VulnerableSoftware;
*
* @author Jeremy Long
*/
public class NvdCve_1_2_HandlerTest {
public NvdCve_1_2_HandlerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class NvdCve_1_2_HandlerTest extends BaseTest {
@Test
public void testParse() throws Exception {

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/nvd/NvdCve_2_0_HandlerTest.java
View File

@@ -33,26 +33,7 @@ import org.owasp.dependencycheck.BaseTest;
*
* @author Jeremy Long
*/
public class NvdCve_2_0_HandlerTest {
public NvdCve_2_0_HandlerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class NvdCve_2_0_HandlerTest extends BaseTest {
@Test
public void testParse() {

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java
View File

@@ -35,26 +35,7 @@ import org.owasp.dependencycheck.data.nexus.MavenArtifact;
*
* @author Jeremy Long
*/
public class DependencyTest {
public DependencyTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class DependencyTest extends BaseTest {
/**
* Test of getFileName method, of class Dependency.

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/EvidenceTest.java
View File

@@ -20,12 +20,13 @@ package org.owasp.dependencycheck.dependency;
import org.junit.Test;
import static org.junit.Assert.*;
import static org.hamcrest.CoreMatchers.*;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class EvidenceTest {
public class EvidenceTest extends BaseTest {
/**
* Test of equals method, of class Evidence.

22
dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
View File

@@ -23,31 +23,13 @@ import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class VulnerableSoftwareTest {
public VulnerableSoftwareTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class VulnerableSoftwareTest extends BaseTest {
/**
* Test of equals method, of class VulnerableSoftware.

8
dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
View File

@@ -26,6 +26,7 @@ import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import org.junit.Before;
import org.junit.Test;
import org.owasp.dependencycheck.BaseDBTestCase;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.nvdcve.CveDB;
@@ -36,12 +37,7 @@ import org.owasp.dependencycheck.utils.Settings;
*
* @author Jeremy Long
*/
public class ReportGeneratorIntegrationTest extends BaseTest {
@Before
public void setUp() throws Exception {
org.owasp.dependencycheck.BaseDBTestCase.ensureDBExists();
}
public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
/**
* Test of generateReport method, of class ReportGenerator.

22
dependency-check-core/src/test/java/org/owasp/dependencycheck/suppression/PropertyTypeTest.java
View File

@@ -25,31 +25,13 @@ import static org.junit.Assert.assertTrue;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class PropertyTypeTest {
public PropertyTypeTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class PropertyTypeTest extends BaseTest {
/**
* Test of set and getValue method, of class PropertyType.

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/suppression/SuppressionHandlerTest.java
View File

@@ -39,26 +39,7 @@ import org.xml.sax.XMLReader;
*
* @author Jeremy Long
*/
public class SuppressionHandlerTest {
public SuppressionHandlerTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class SuppressionHandlerTest extends BaseTest {
/**
* Test of getSuppressionRules method, of class SuppressionHandler.

21
dependency-check-core/src/test/java/org/owasp/dependencycheck/suppression/SuppressionParserTest.java
View File

@@ -32,26 +32,7 @@ import org.owasp.dependencycheck.BaseTest;
*
* @author Jeremy Long
*/
public class SuppressionParserTest {
public SuppressionParserTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class SuppressionParserTest extends BaseTest {
/**
* Test of parseSuppressionRules method, of class SuppressionParser.

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/suppression/SuppressionRuleTest.java
View File

@@ -34,7 +34,7 @@ import org.owasp.dependencycheck.dependency.Vulnerability;
*
* @author Jeremy Long
*/
public class SuppressionRuleTest {
public class SuppressionRuleTest extends BaseTest {
//<editor-fold defaultstate="collapsed" desc="Stupid tests of properties">
/**

22
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/DateUtilTest.java
View File

@@ -22,31 +22,13 @@ import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class DateUtilTest {
public DateUtilTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class DateUtilTest extends BaseTest {
/**
* Test of withinDateRange method, of class DateUtil.

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionTest.java
View File

@@ -24,12 +24,13 @@ import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class DependencyVersionTest {
public class DependencyVersionTest extends BaseTest {
/**
* Test of parseVersion method, of class DependencyVersion.

22
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionUtilTest.java
View File

@@ -24,31 +24,13 @@ import static org.junit.Assert.assertNull;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class DependencyVersionUtilTest {
public DependencyVersionUtilTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
public class DependencyVersionUtilTest extends BaseTest {
/**
* Test of parseVersion method, of class DependencyVersionUtil.

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/FilterTest.java
View File

@@ -23,12 +23,13 @@ import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author Jeremy Long
*/
public class FilterTest {
public class FilterTest extends BaseTest {
/**
* Test of passes method, of class Filter.

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java
View File

@@ -23,12 +23,13 @@ import java.util.Properties;
import org.junit.Test;
import static org.junit.Assert.*;
import org.owasp.dependencycheck.BaseTest;
/**
*
* @author jeremy
*/
public class ModelTest {
public class ModelTest extends BaseTest {
/**
* Test of getName method, of class Model.

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/xml/pom/PomUtilsTest.java
View File

@@ -27,7 +27,7 @@ import org.owasp.dependencycheck.BaseTest;
*
* @author jeremy
*/
public class PomUtilsTest {
public class PomUtilsTest extends BaseTest {
/**
* Test of readPom method, of class PomUtils.

2
dependency-check-core/src/test/resources/commons-fileupload-1.2.1.suppression.xml
View File

@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://www.owasp.org/index.php/OWASP_Dependency_Check_Suppression">
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
<suppress>
<notes><![CDATA[
file name: commons-fileupload-1.2.1.jar

4
dependency-check-core/src/test/resources/ruby/vulnerable/gems/sinatra/Gemfile Normal file
View File

@@ -0,0 +1,4 @@
# encoding: utf-8
source 'https://rubygems.org'
gem 'sinatra'

17
dependency-check-core/src/test/resources/ruby/vulnerable/gems/sinatra/Gemfile.lock Normal file
View File

@@ -0,0 +1,17 @@
GEM
remote: https://rubygems.org/
specs:
rack (1.5.2)
rack-protection (1.5.2)
rack
sinatra (1.4.4)
rack (~> 1.4)
rack-protection (~> 1.4)
tilt (~> 1.3, >= 1.3.4)
tilt (1.4.1)
PLATFORMS
ruby
DEPENDENCIES
sinatra