Commit Graph

1892 Commits

Author SHA1 Message Date
Jens Hausherr 6d70c92795 Add to String-Method to Reference 2016-06-03 09:41:48 +02:00
Jeremy Long d13bbd43f3 added experimental flag to force users to enable this and by doing so understand that these may not be as production ready as the Java analyzer (see issue #498) 2016-05-30 08:09:14 -04:00
Jeremy Long 0394d1a24f checkstyle correction - reduced method length 2016-05-30 07:59:53 -04:00
Jeremy Long 446222e127 removed unnecessary exclude 2016-05-30 07:59:18 -04:00
Jeremy Long 05d7aa898d minor reformatting to reduce line length (checkstyle) 2016-05-30 07:37:44 -04:00
Jens Hausherr ae5a766092 Limit split to fix #503 2016-05-27 15:07:59 +02:00
Jeremy Long 6a807bc002 checkstyle/findbugs corrections 2016-05-25 17:21:46 -04:00
Tilmann H 2906b315b3 Update initialize_mysql.sql
lower cased "properties" in UPDATE statement
2016-05-25 11:36:09 +02:00
Jeremy Long 425fd65bd8 added more false positive suppressions 2016-05-21 07:09:08 -04:00
Jeremy Long 7d83362a85 removed stack trace from build when ruby and bundle-audit are not installed 2016-05-15 07:49:17 -04:00
Jeremy Long 0b26894112 checkstyle/pmd/findbugs correction(s) 2016-05-15 07:48:26 -04:00
Jeremy Long 71ef8061f9 merge conflict resolved 2016-05-15 07:29:17 -04:00
Jeremy Long 353b17690f checkstyle/pmd/findbugs correction(s) 2016-05-15 07:22:52 -04:00
Jeremy Long 6790727260 ensured resources are properly closed 2016-05-15 07:02:18 -04:00
Jeremy Long ea942398e3 updated test case to use the correct parent class that allows for use of the database during testing 2016-05-15 06:45:57 -04:00
Jeremy Long 6f451736ba Add ability to flag analyzers as experimental so that they are not always enabled 2016-05-14 07:20:53 -04:00
bjiang 413c71eb0a Merge branch 'ruby_dependency' into swift_support 2016-05-13 13:49:40 -04:00
bjiang 9d1408be20 do not use actual path for packagePath from compress case 2016-05-13 13:33:34 -04:00
bjiang 2b761279e4 Merge branch 'ruby_dependency' into swift_support 2016-05-06 17:59:28 -04:00
bjiang d5e8f54214 fix RubyBundlerAnalyzer.accept 2016-05-06 17:55:21 -04:00
bjiang 83f83d4eee add RubyBundlerAnalyzerTest 2016-05-06 17:45:40 -04:00
bjiang b0f4ab9ba5 cleanup & Rakefile support placeholder 2016-05-06 17:25:08 -04:00
bjiang 06dad8f79c javadoc 2016-05-06 17:22:39 -04:00
bjiang 83ab122ddf disable RubyBundlerAnalyzer if RubyBundleAuditAnalyzer 2016-05-06 16:42:39 -04:00
bjiang 8a42fe4ae1 javadoc 2016-05-06 16:19:59 -04:00
bjiang 94c6778b89 better javadoc 2016-05-06 16:14:16 -04:00
bjiang c0e5973517 rename RubyBundlerAnalyzer and javadoc 2016-05-06 15:50:35 -04:00
bjiang 1e7bbfa7c1 bundle the same SWIFT package by different analyzers 2016-05-06 13:43:05 -04:00
bjiang dc7245ff6e code cleanup 2016-05-06 12:55:59 -04:00
bjiang ffaf7b40e9 merge from ruby_dependency 2016-05-06 10:31:17 -04:00
bjiang 4de3fb1f2a javadoc 2016-05-06 10:25:49 -04:00
bjiang 99355d993a code cleanup with more comments 2016-05-06 10:24:28 -04:00
bjiang d25f6e813c new analyzer for Package.swift 2016-05-05 19:21:21 -04:00
bjiang 043f8e0523 cleanup 2016-05-03 15:45:08 -04:00
bjiang 5fcf2a2623 get authors field 2016-05-03 14:53:25 -04:00
bjiang f1422adf75 merge upstream 2016-05-03 13:12:05 -04:00
bjiang 189da08885 merge upstream 2016-05-03 13:05:56 -04:00
bjiang c2b1742582 support cocoapods for swift 2016-05-03 12:41:39 -04:00
Jeremy Long 9e63ac6d5b Merge pull request #493 from awhitford/CommIO25
Commons-IO 2.5 upgrade
2016-05-02 19:26:52 -04:00
Jeremy Long 4d7ab8b187 Merge pull request #491 from mwieczorek/MSSQL_Support
MSSQL Support
2016-05-02 19:25:39 -04:00
Jeremy Long 4de9818bee original CVE used in test does not exist in the current default DB used for tests. 2016-05-01 20:16:30 -04:00
Jeremy Long 7a2e1fd221 updated bundle audit score to be more accurate 2016-05-01 15:39:12 -04:00
Jeremy Long 35ffd56ea9 fixed compile issues in PR 2016-04-30 11:20:26 -04:00
Jeremy Long 84b992d3a1 Merge branch 'fix-cvss-for-bundle-audit' of git://github.com/geramirez/DependencyCheck into geramirez-fix-cvss-for-bundle-audit 2016-04-30 11:02:16 -04:00
Jeremy Long 9e46364759 updated test cases to track down build issue 2016-04-30 10:56:50 -04:00
Dave Goddard 0f37c2b59c Adding sinatra fixture
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-29 16:17:51 -04:00
Michal Wieczorek 33852ea7e3 MSSQL Support 2016-04-27 23:35:05 +02:00
Anthony Whitford 4fbed1cdac Added Charset to avoid deprecated FileUtils methods. 2016-04-27 01:37:00 -07:00
David Jahn 8c6b9f9c68 Fixed CVSS for Ruby.
This bug was discovered when scanning Ruby applications and getting back
`-1` CVSS. This turns out to be a problem with the bundle-audit CVE
database.

Our solution was to use the NVD database, which dependency check uses to
get the CVSS scores for Ruby only if the Criticality is missing from
bundle-audit output. Keep in mind there are compilation errors with the
commit atm.

Fixes #485

Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-25 09:40:54 -04:00
Jeremy Long abebecac4a updated parser and tests to revert to old suppression schema if new schema fails 2016-04-24 09:06:00 -04:00