github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-12 05:11:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,938 Commits 7 Branches 56 Tags
0b26894112ca706d86ec73b08fb00a06826ef7d9
Commit Graph

1510 Commits

Author SHA1 Message Date
Anthony Whitford
11a3db5d64 Revert "Replaced update or insert property logic with merge property logic." 
This reverts commit ece4a51b94.
 2015-09-10 23:21:44 -07:00
Anthony Whitford
3746df49ee Added type declarations. 2015-09-10 00:21:54 -07:00
Anthony Whitford
d98f67eab9 Added missing serialVersionUID. 2015-09-10 00:20:03 -07:00
Anthony Whitford
fde415e251 Added missing serialVersionUID. 2015-09-10 00:05:04 -07:00
Anthony Whitford
5702f39181 Addressed possible resource leak. 2015-09-09 23:54:20 -07:00
Anthony Whitford
45658afd89 Replaced empty string equals check with an isEmpty check. 2015-09-09 23:20:51 -07:00
Anthony Whitford
ece4a51b94 Replaced update or insert property logic with merge property logic. 2015-09-09 23:18:38 -07:00
Dale Visser
837d4918f2 Merge branch 'upmaster' into ruby-bundler. Fixed omission of --disableBundleAudit option. 
Conflicts:
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
 2015-09-09 18:09:41 -04:00
Jeremy Long
fdbec176fa fixed logging statements to use slf4j format syntax instead of String.format syntax 2015-09-08 06:31:59 -04:00
Anthony Whitford
96768d8529 Replaced Date manipulation with more efficient System call. 2015-09-08 01:01:13 -07:00
Anthony Whitford
2689a08026 Replaced Date manipulation with more efficient System call. 2015-09-07 17:50:02 -07:00
Anthony Whitford
54be70672e Replaced Date manipulation with more efficient System call. 2015-09-07 17:49:11 -07:00
Anthony Whitford
b51731d15f Added final keyword. 2015-09-07 16:35:23 -07:00
Anthony Whitford
769fcb20d8 Removed a now unused import. 2015-09-07 16:29:27 -07:00
Anthony Whitford
537c4b3a50 Added missing final keywords. 2015-09-07 16:28:55 -07:00
Anthony Whitford
a75c17ac5e Added final keywords and elaborated the javax.json imports. 2015-09-07 16:28:22 -07:00
Anthony Whitford
9a45c9aa7c Removed unused Cal10n MessageConveyor. 2015-09-07 15:21:54 -07:00
Anthony Whitford
01450bacc2 Removed a redundant null check, and replaced an addAll with the constructor population. 2015-09-07 14:51:26 -07:00
Anthony Whitford
af0255ee09 Rather than create a collection, then call addAll to populate, the collection can be created with the collection to clone. 2015-09-07 14:48:23 -07:00
Anthony Whitford
df25bbb6d2 Replaced json iteration with more efficient entrySet. Also corrected an invalid logging statement. 2015-09-07 14:43:34 -07:00
Anthony Whitford
444685bc05 Inner class should be static (since it doesn't reference parent). 2015-09-07 14:40:32 -07:00
Anthony Whitford
514f8398e2 Upgraded commons-lang-2.6 to newer commons-lang3-3.4. 2015-09-07 01:09:41 -07:00
Jeremy Long
3bb716b060 Merge pull request #336 from awhitford/Timing 
Added time measurements for key steps.
 2015-09-05 21:08:05 -04:00
Jeremy Long
784b78b17c added another timer to pull #336 2015-09-05 21:07:29 -04:00
Jeremy Long
d452c5fabb fixed shift operator per issue #335 2015-09-05 20:56:18 -04:00
Anthony Whitford
92e1fd3f28 Added time measurements for key steps. 2015-09-05 00:31:50 -07:00
Dale Visser
1e29d2e751 Merge branch 'upmaster' into ruby-bundler 
Conflicts:
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
 2015-08-30 15:11:33 -04:00
Dale Visser
a0437bf933 Ruby bunder: Code needed to disable the analyzer in the CLI if desired. 2015-08-30 15:07:21 -04:00
Dale Visser
73e0292a4b Ruby Bundler: Added informative message about updating DB. Switched most log messages to debug level. 2015-08-30 14:52:55 -04:00
Dale Visser
c393e74160 Ruby bundler: Better message and logging when bundle-audit not found. 2015-08-30 14:31:58 -04:00
Dale Visser
80c4666198 Ruby bundler: More method extractions to eliminate monolithic method. 2015-08-30 14:16:32 -04:00
Dale Visser
ea7bd1f700 Ruby bundler: tidied up how extracted method is used. 2015-08-30 14:06:47 -04:00
Dale Visser
b3a55cc85d Ruby bundler: extracted method 2015-08-30 13:57:30 -04:00
Dale Visser
036200350d Ruby bundler: add needed null checks to avoid NPEs. 2015-08-30 13:50:22 -04:00
Dale Visser
713e9658c5 Ruby bundler: got description working. Added boilerplate text describing differences from standard D-C vulnerability report. 2015-08-29 12:29:44 -04:00
Dale Visser
782039810e Ruby Bundler: Added URL to report. 2015-08-29 11:33:16 -04:00
Dale Visser
b473d8ab9c Ruby Bundler: Added URL to report. 2015-08-29 11:28:38 -04:00
Dale Visser
2eb6918fb3 Ruby Bundler: Clean up report a little bit, and grouped vulnerabilities under dependencies, when appropriate. 2015-08-29 11:06:24 -04:00
Dale Visser
6f4ce34840 Ruby Bundler: Added CVSS score and a little hack to avoid dependency bundling. 2015-08-28 21:31:01 -04:00
Dale Visser
8853552161 Ruby Bundler: Successfully adding vulnerability into report, though all displayed info not looking great. 2015-08-28 19:56:35 -04:00
Dale Visser
95d3d17d83 Ruby Bundler: Now successfully creating temp files for dependency objects. 2015-08-28 13:58:49 -04:00
Jeremy Long
c41a288280 added null checks 2015-08-28 05:27:00 -04:00
Dale Visser
a0492fe944 Merge branch 'upmaster' into ruby-bundler 
Conflicts:
	dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
 2015-08-27 14:05:36 -04:00
Dale Visser
c60245ea2b Node.js Analyzer: Switched from org.json to Glassfish JSR 353 reference implementation. 2015-08-25 17:28:17 -04:00
Dale Visser
9e25480baa Merge branch 'upmaster' into node-js-analyzer 
Conflicts:
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
	dependency-check-cli/src/site/markdown/arguments.md
	dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
 2015-08-25 13:03:12 -04:00
Jeremy Long
e484c5754e Merge pull request #312 from dwvisser/rubygems-analyzer-pr 
Rubygems analyzer
 2015-08-25 05:31:10 -04:00
Jeremy Long
481e753ad4 corrected spring-security false positives per issue #319 and #311 2015-08-23 06:45:35 -04:00
Dale Visser
271016f0fa Added verbose flag to get as much reportable info as possible. 2015-08-19 15:33:50 -04:00
Dale Visser
4493f895c6 Added test resources to cover interesting bundle-audit cases. 2015-08-19 15:26:17 -04:00
Dale Visser
5c32ecd8e1 Ruby Analyzer: Added bundle-audit analyzer. So far just launches if available and logs the output. 2015-08-18 16:59:39 -04:00