github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 16:46:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,236 Commits 7 Branches 56 Tags
0e2a31709a1b17ccc60c3921860b4833f98d1732
Commit Graph

1236 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeremy Long
0e2a31709a added test cases to ensure setting the base flag will prevent the identifier from being added to the suppressedIdentifiers collection 
Former-commit-id: d369797a3b14fc2c42621d273d6f314e968848b9
 2014-09-13 05:45:05 -04:00
Jeremy Long
c785b39eda added assertion to validate that the base flag is being processed 
Former-commit-id: 0364e57af8f548d010f17f948492e9472433c675
 2014-09-13 05:44:09 -04:00
Jeremy Long
8fab2f58da added the base property and skipped adding the vulnerability or identifier to the suppressed collection if this is a base suppression rule 
Former-commit-id: a668d7d8b9345b6ad44bfff1ced4ab783a1f90d8
 2014-09-13 05:43:16 -04:00
Jeremy Long
e44ee3bfe1 added parsing of the base flag 
Former-commit-id: 02f533177846bcd4a98b31f851e91f438e1ddeaa
 2014-09-13 05:42:01 -04:00
Jeremy Long
62065c9d28 corrected the removal of an identifier so that iterator.remove was correctly used 
Former-commit-id: 252507772242cc7ff42ef9f310cfca3bec7cb075
 2014-09-13 05:41:26 -04:00
Jeremy Long
c76275275f added the base=true flag to all base suppressions 
Former-commit-id: ac77f3fc4ff80c182b7736554a1960e186e67d69
 2014-09-13 05:40:37 -04:00
Jeremy Long
257f78879d added base attribute to suppression rules 
Former-commit-id: bcadbd75b99471a56d604c2f158570305e9b4010
 2014-09-13 05:40:06 -04:00
Jeremy Long
894263809c added base flag to one suppression entry 
Former-commit-id: 7d6bbf36e5e35c2ee2fe8c901281996a34706036
 2014-09-13 05:39:38 -04:00
Jeremy Long
c503935d6a updated to correctly close the ObjectOutputStream based on guidance from the CERT Java Secure Coding Standard 
Former-commit-id: 1c7b929055f273d49b1203c117d7bb12162cfdb2
 2014-09-12 06:36:00 -04:00
Jeremy Long
d4756c9eb8 updated base suppression list to include sandbox:sandbox - a php app 
Former-commit-id: 087a4c5af2afd03a1d4703d2e1e5a1607a2e7ac9
 2014-09-12 06:34:23 -04:00
Jeremy Long
0004767775 added fix for issue #147 to address springsource, non-core spring, jars being idenified as cpe://a:springsource:springframwork 
Former-commit-id: 0a3182123be78a3f450cdef0bcc395907d27730a
 2014-09-10 17:55:04 -04:00
Jeremy Long
74908642c7 added test dependency 
Former-commit-id: fa4846dfa384639114f32ed3b7a0d91347b8dabf
 2014-09-10 17:39:31 -04:00
Jeremy Long
aadfb71c98 fixed test case by removing a temporary test entry in DetermineCPE_full 
Former-commit-id: 0f91c7b8e1d536c9d15176dc2d9a439da4e8ccdc
 2014-09-10 17:37:54 -04:00
Jeremy Long
1244af649d updated to improve CPE matching so that if a broad match occured (cpe with no version number) we use the highest confidence version when generating the CPE identifier 
Former-commit-id: 6e8c87a71522b1ca7cfa9d72ca419a792d1b17e7
 2014-09-09 15:10:08 -04:00
Jeremy Long
7bd48cc811 updated version analysis to reduce false positives and increase accurate detection 
Former-commit-id: 6097160434b7e98182738706790d82cdbd867175
 2014-09-09 15:07:28 -04:00
Jeremy Long
8f3ce38418 re-ordered operations so that a new lucene index is no longer created on each call to calDetermineCPE_full 
Former-commit-id: e2af1d893b47afe1ed36d1ab1e6840d47757b509
 2014-09-07 08:28:44 -04:00
Jeremy Long
1b2d9b4245 fixed minor display bug 
Former-commit-id: 65e1adcdc7677490907ee6eca68bf1174d355a3c
 2014-09-07 07:20:45 -04:00
Jeremy Long
c6b2b34fde removed duplicative test of downloading XML 
Former-commit-id: 97d1371609af2cc9583b0ac071a8606c93a34fbe
 2014-09-07 06:59:50 -04:00
Jeremy Long
e58fc13fdb additional looping corrections in determineCPE() to break early if an identifier is found 
Former-commit-id: 4ec4ffe598d9870a793da8980bb863633c1967d7
 2014-09-06 19:09:38 -04:00
Jeremy Long
922d53d2e4 Increased the confidence on the pom artifact and groupid 
Former-commit-id: b052b50353197e0f7cb419e6f618f2320da11183
 2014-09-06 19:08:22 -04:00
Jeremy Long
fec53b3951 corrected looping in determineCPE() 
Former-commit-id: 329f20687223f38273b2e23601b05fcea2b9122f
 2014-09-06 06:37:12 -04:00
Jeremy Long
e72e2c6a02 corrected documention error with the reporting sets 
Former-commit-id: ab503e5a710a69624a3216edea880e614b003ba8
 2014-09-01 08:19:46 -04:00
Jeremy Long
08d001ee05 checkstyle corrections 
Former-commit-id: ecc262c75890ef4c8760cb41e7948cb6decdf5d5
 2014-09-01 08:13:53 -04:00
Jeremy Long
99d8a07f4a updated documentation as part of resolution for issue #144 
Former-commit-id: f47171e52e22e75c582bed47c9d0e9df3945e148
 2014-09-01 08:13:34 -04:00
Jeremy Long
eef565134b update to correct issue #79 - the internal report format is no longer supported 
Former-commit-id: 4dc9a83008a75d97f3838aa1a41f1d93eb39f2de
 2014-09-01 07:39:54 -04:00
Jeremy Long
9d78293437 fix for issue #128 - the application will no longer throw an exception on large files when generating the hash digest 
Former-commit-id: aae811e5d10ca0ee5ac7316fa992b5c45e43d2be
 2014-09-01 07:30:04 -04:00
Jeremy Long
fc0a556e5f checkstyle and findbugs corrections 
Former-commit-id: 2bf90876b7c88bccb93135a0be43f01e49c3cd30
 2014-08-30 15:51:24 -04:00
Jeremy Long
b6b070584f checkstyle corrections, added javadoc, etc. 
Former-commit-id: 2b806cb8527a627d400644465bcf9f04d687d729
 2014-08-30 15:19:52 -04:00
Jeremy Long
e13225eee6 initial version of aggreation completed for issue #19 - some cleanup still needs to happen before final release 
Former-commit-id: 98c9af3004e2c725d0dca5d6847b65a4646c6a73
 2014-08-30 07:50:27 -04:00
Jeremy Long
da20fb2922 added velocity-tools to base suppression as it should not be reported as struts 
Former-commit-id: 4649d95a091def05ae249da42aa7d6f845b14d59
 2014-08-30 07:48:02 -04:00
Jeremy Long
459c2beb12 noop 
Former-commit-id: a51d953d0c60c39d845d69d66c87db8b904382c4
 2014-08-29 05:41:31 -04:00
Jeremy Long
f1cc44dead removed the externalReport option 
Former-commit-id: 4cc3ec2638140f8320eb8946d2154dae330786b0
 2014-08-29 05:38:40 -04:00
Jeremy Long
d24cfdc382 resolved merge conflict 
Former-commit-id: 4806c0c99bd35d64135ee22a12018e6a92c54059
 2014-08-16 07:41:55 -04:00
Jeremy Long
ae4cc543f6 corrected outputFile name to correctly use the target directory from project.getBuild().getDirectory() 
Former-commit-id: 7ef2ca45e502e945e7356f9c63845eb4e7b532fc
 2014-08-16 07:30:34 -04:00
Jeremy Long
abdb3d17f9 added initial plumbing to support report aggregation per issue #19 - report aggregation is still not complete 
Former-commit-id: df248d0c1a7f3628653717029f034a46afde742b
 2014-08-16 07:29:35 -04:00
Jeremy Long
4095c5da38 made serializable 
Former-commit-id: 27d8084ea981766791df05c5e9ef61dbe40ba32c
 2014-08-16 07:27:28 -04:00
Jeremy Long
78fab728e4 added an additional generate method 
Former-commit-id: 44b78b525da45918f3b4bc77b368f88e49361c95
 2014-08-15 06:22:54 -04:00
Jeremy Long
52097a6867 initial version of the ReportAggregationMojo 
Former-commit-id: e15575413d625c6b5c5f3d73f5a739e1890eec27
 2014-08-15 06:02:04 -04:00
Jeremy Long
cb990b55b5 added the apache 2.0 license to the header 
Former-commit-id: f7d5558f565abe9c3e1a04f79666137e4f67e017
 2014-08-15 06:00:30 -04:00
Jeremy Long
5070fe303a added the configuration value mavenSettingsProxyId to inform users that if you have multiple proxies defined in settings.xml you can choose which one should be used 
Former-commit-id: 20fa4a92d446fd30a882e07c37897907fb1638b1
 2014-08-15 05:59:39 -04:00
Jeremy Long
b4405ebf3e minor changes to the TOC table - removed # of related dependencies and renamed CVE Impact to Highest Severity to clear up ambiguity 
Former-commit-id: b8b14ab120d889057864eb6f93cadad9773b9171
 2014-08-15 05:58:10 -04:00
Jeremy Long
d9e6bf5068 Merge pull request #145 from erik-wramner/fix-maven-proxy-bug 
Modified Maven plugin to use proxy host as is, not as an URL. This works...

Former-commit-id: 53e28e6799ef13ca3d88ed00aaa1e0c3f24aa04b
 2014-08-15 05:37:14 -04:00
erik-wramner
6822188f52 Modified Maven plugin to use proxy host as is, not as an URL. This works correctly for our proxy server with Maven 3. 
Former-commit-id: 02e97e359b1c5d6d9f1dc9149c9fbed510d31559
 2014-08-10 12:15:00 +02:00
Jeremy Long
15858d03ff moved reporting functions from the core maven plugin to a utility class 
Former-commit-id: d63d2a7a5031038b9f86bbe94fc4a198374bd9f3
 2014-08-08 14:44:26 -04:00
Jeremy Long
814a733258 moved reporting functions from the core maven plugin to a utility class 
Former-commit-id: 0d8507b8534320189ea5f36d0fc1cac7d0843c0f
 2014-08-08 14:43:00 -04:00
Jeremy Long
3ce85d8ca9 rework of report generation and added fix for proxy (patch for proxy was from Erik Wramner) to close issue #136 
Former-commit-id: afc81123b31189618ade397b830bf421db2918f8
 2014-08-08 14:42:23 -04:00
Jeremy Long
d3bff2f39d version 1.2.5-SNAPSHOT 
Former-commit-id: 85ed1238022348f1e9496ffe3c95d4ff8e3d09c3
 2014-08-05 18:55:30 -04:00
Jeremy Long
f2272730ac version 1.2.4 
Former-commit-id: 4de7e508eb1885bb72e866960fa5402f72bf8e49
v1.2.4 		2014-08-05 18:45:36 -04:00
Jeremy Long
fe19c97d86 corrected link syntax 
Former-commit-id: 01b9ea03864248a9c5427af6d7238c435c0a4fa7
 2014-08-05 18:45:25 -04:00
Jeremy Long
56b447493e added additional error messages about the proxy if the download fails per issue #136 
Former-commit-id: 7a5dcc58ab959a70b7e086a984f5d9289d749b99
 2014-08-05 10:58:43 -04:00