bjiang
189da08885
merge upstream
2016-05-03 13:05:56 -04:00
Jeremy Long
4de9818bee
original CVE used in test does not exist in the current default DB used for tests.
2016-05-01 20:16:30 -04:00
Jeremy Long
84b992d3a1
Merge branch 'fix-cvss-for-bundle-audit' of git://github.com/geramirez/DependencyCheck into geramirez-fix-cvss-for-bundle-audit
2016-04-30 11:02:16 -04:00
Jeremy Long
9e46364759
updated test cases to track down build issue
2016-04-30 10:56:50 -04:00
Dave Goddard
0f37c2b59c
Adding sinatra fixture
...
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-29 16:17:51 -04:00
David Jahn
8c6b9f9c68
Fixed CVSS for Ruby.
...
This bug was discovered when scanning ruby applications and getting back
`-1` cvss. This turns out to be a problem with bundle-audit cve
database.
Our solution was to use the NVD database, which dependency check uses to
get the CVSS scores for Ruby only if the Criticality is missing from
bundle-audit output. Keep in mind there are compilation errors with the
commit atm.
Fixes #485
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-25 09:40:54 -04:00
Jeremy Long
abebecac4a
updated parser and tests to revert to old suppression schema if new schema fails
2016-04-24 09:06:00 -04:00
Jeremy Long
deda02f879
updated suppression schema to require a CPE, CVE, or CVSS Below per issue #488
2016-04-24 07:20:11 -04:00
bjiang
da82f975e4
Add test for project url from pom.xml
2016-04-15 12:30:14 -04:00
bjiang
ab48d2c2ff
multiple improvements
2016-03-28 14:06:30 -04:00
bjiang
a22fc550b3
#472 fix test to only skip the proper test case.
2016-03-21 11:38:52 -04:00
bjiang
343a78917c
Fixed #472. Disable RubyBundleAuditAnalyzer if exception during initialize.
...
changes:
1. disable self during initialize before bubbling exception
2. new test case RubyBundleAuditAnalyzerTest#testMissingBundleAudit()
2016-03-20 17:06:03 -04:00
bjiang
ff7d0fdb9d
#472 first fix and improve RubyBundleAuditAnalyzerTest.java
...
Tests were failing b/c Gemfile.lock and Gemfile were missing.
The files were missing b/c parent .gitignore them.
Changes:
1. Force added new test files, and updated test with more result
validation.
2. Added error logging from bundle-audit.
3. placeholder for bundle-audit install directory in test
dependencycheck.properties.
2016-03-20 15:54:24 -04:00
Jeremy Long
cdc07047aa
doclint fixes
2016-03-05 13:18:37 -05:00
Jeremy Long
c832c2da28
doclint fixes
2016-03-05 13:18:37 -05:00
Jeremy Long
8daa713639
doclint fixes
2016-03-05 13:18:36 -05:00
Jeremy Long
e0a2966706
doclint fixes
2016-03-05 13:18:36 -05:00
Jeremy Long
354bfa14f9
doclint fixes
2016-03-05 13:18:35 -05:00
Jeremy Long
46b91702ba
doclint fixes
2016-03-05 13:18:35 -05:00
Jeremy Long
de9516e368
doclint fixes
2016-03-05 13:18:35 -05:00
Jeremy Long
3924e07e5c
doclint fixes
2016-03-05 13:18:34 -05:00
Jeremy Long
76bcbb5a7e
doclint fixes
2016-03-05 13:18:34 -05:00
Jeremy Long
f752285912
added test for parse manifest per issue #455
2016-02-27 07:14:27 -05:00
Jeremy Long
b45f9f514b
base test case handles settings initialization
2016-02-06 08:40:33 -05:00
Jeremy Long
2190c0229c
added check to see if the file is xml prior to unzipping it per issue #441
2016-02-06 08:11:24 -05:00
Jeremy Long
578fa32243
updated to honor noupdate flag for version check and removed some complexity
2016-01-03 09:14:08 -05:00
Jeremy Long
3a7f95b9b1
spelling correction
2015-12-18 06:28:11 -05:00
Jeremy Long
e05cef6886
extended the wrong base test case
2015-11-27 07:07:17 -05:00
Jeremy Long
8b5dbeab44
removed stack trace in build when bundle audit is not installed
2015-11-25 05:59:58 -05:00
Dale Visser
2ed5dc153a
Fixed merge conflict in App.java
2015-11-23 13:27:22 -05:00
Anthony Whitford
041d3c5312
Removed unnecessary countCharacter method by leveraging StringUtils.countMatches.
2015-11-01 23:19:37 -08:00
Jeremy Long
54d921f275
added test case
2015-10-26 06:32:02 -04:00
Jeremy Long
aa9908b34a
updated test properties w/ changes that had been made in the main properties
2015-10-25 06:22:30 -04:00
Jeremy Long
dc849c3891
removed duplicate abstract test base
2015-10-18 06:17:21 -04:00
Jeremy Long
2770b58a20
fixing the build
2015-10-18 06:07:23 -04:00
Jeremy Long
a7f50d147e
depending on test order this test may fail if ArchiveAnalyzer was previously loaded.
2015-10-14 07:12:04 -04:00
Jeremy Long
2f518dacfc
Merge branch 'master' of github.com:jeremylong/DependencyCheck
2015-10-13 21:24:22 -04:00
Jeremy Long
fded8b6cd3
fixed issue #383
2015-10-13 21:24:03 -04:00
Jeremy Long
3b6c64dc9d
move test resource to correct directory
2015-10-13 19:03:33 -04:00
Jeremy Long
a13dd58989
Merge pull request #380 from awhitford/TestLint
...
Removed compiler warnings from test code.
2015-10-12 06:46:50 -04:00
Jeremy Long
622b3210ae
Merge pull request #379 from awhitford/HashSetLen
...
Sized the new HashSet to avoid rehashing risk.
2015-10-12 06:46:12 -04:00
Jeremy Long
0ce830ca9d
fixed test case to correctly initialize the settings
2015-10-12 06:43:32 -04:00
Jeremy Long
3b976d211f
upgrade db schema version
2015-10-12 06:15:24 -04:00
Anthony Whitford
031d648585
Removed compiler warnings from test code.
2015-10-11 17:48:27 -07:00
Anthony Whitford
762b2fe7d6
Leverage Collections.singleton for single entry HashSets.
2015-10-11 17:32:08 -07:00
Dale Visser
0573d0083e
Ruby Bundler: Throw AnalysisException in initialize if can't run bundle-audit.
2015-09-22 15:07:43 -04:00
Dale Visser
e57d62b682
Merge branch 'upmaster' into ruby-bundler
...
Conflicts:
dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
2015-09-22 14:21:43 -04:00
Jeremy Long
e04809f96b
checkstyle/findbugs/pmd/copyright corrections
2015-09-19 08:20:14 -04:00
Jeremy Long
b389260dec
updated copyright
2015-09-18 05:47:06 -04:00
Will Stranathan
6a7a868b71
Initial checkin of ComposerLockAnalyzer
2015-09-14 22:14:00 -04:00