github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 00:33:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,986 Commits 7 Branches 56 Tags
3ed5e856463f2a6b2d252ce8f0eddb8d5ca8c8e2
Commit Graph

2986 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeremy Long
e042148c62 Merge branch 'colezlaw-master' 
Former-commit-id: 5654a0e5cd8b8524ac317a55a2af5a52408bc8ca
 2014-06-26 20:33:45 -04:00
Jeremy Long
d8ba04ae7f Merge branch 'master' of github.com:colezlaw/DependencyCheck into colezlaw-master 
Former-commit-id: 27bac793e5284df49c0804361c07d4ef559cb251
 2014-06-26 20:33:35 -04:00
Jeremy Long
314d5fdad2 Merge branch 'colezlaw-suppression-fix' 
Former-commit-id: 1e7d9df774347ea043fef8ef3f5d6ca4aebaa15a
 2014-06-26 20:32:07 -04:00
Will Stranathan
5c874cafd1 Fixed suppression analyzer to load from input stream fixing failure 
Former-commit-id: 4e6f8d7fddcf7ed26ad60b7aa8bc3a6b22ae19cc
 2014-06-26 15:14:55 -04:00
Will Stranathan
8cafc14d09 Updated to 1.1 of GrokAssembly.exe to deal with exceptions 
Former-commit-id: 8c1d6ad04e378f2a19e2fcdc9ebc1eab12be9aef
 2014-06-24 10:16:53 -04:00
Jeremy Long
25ac5033fc snapshot version 1.2.3 
Former-commit-id: 58f96e7ef71987a53626287f95b332f04b60a6f6
 2014-06-22 21:33:58 -04:00
Jeremy Long
848be0db6c version 1.2.2 
Former-commit-id: 8da06e1a2f4b41bccc22105d7bc758442bb14e57
v1.2.2 		2014-06-22 21:31:58 -04:00
Jeremy Long
0f9da0731e updated text 
Former-commit-id: 7749b9ec6b0ce9502e1c7129bdec902ce5b43595
 2014-06-22 21:22:32 -04:00
Jeremy Long
8bc2364cce added site information to the dependency-check utils 
Former-commit-id: 7d8c4c3c2b98e0d492f4447e5f1dc1f071a2241a
 2014-06-22 19:56:14 -04:00
Jeremy Long
b64916ce3f added file analyzer documentation 
Former-commit-id: c0c29021cd1197f26942ff36c8b63220d1267c21
 2014-06-22 19:55:21 -04:00
Jeremy Long
452955667c checkstyle correction 
Former-commit-id: e5a891ea5b438e64e8a3aa5e697cb859d1a1f09a
 2014-06-22 19:54:25 -04:00
Jeremy Long
f38bbf4cc7 minor javadoc correction 
Former-commit-id: 45e621682304820fe17c17e92bd0aa5ac5dfd023
 2014-06-22 19:53:59 -04:00
Jeremy Long
25eaa11a52 updated description 
Former-commit-id: c8cb8b041ce351c2d33a3621f772e75d02950193
 2014-06-22 19:53:38 -04:00
Jeremy Long
4b4da8d467 checkstyle/pmd/etc. corrections 
Former-commit-id: 59883bd0b03c8690ce9a20120eafefe7c61384cd
 2014-06-22 19:03:33 -04:00
Jeremy Long
13116c5381 added support for suppression by GAV (issue #124), created base suppression.xml (issue #123), and fixed false positives related to spring security (issue #130) 
Former-commit-id: 330134211d022fec336dc1ca39205a94a088ee84
 2014-06-22 16:34:39 -04:00
Jeremy Long
d2cd406a62 added additional test resources 
Former-commit-id: b788c7420b82d8a108cd2335c536be667c2ab293
 2014-06-22 16:32:48 -04:00
Jeremy Long
acbce05fbf updated to support suppression by maven coordinates (GAV) per issue #124 
Former-commit-id: 3cff74ded9b0c352fb1d45e784d89c3c20f55467
 2014-06-20 06:47:46 -04:00
Jeremy Long
bee4d3a338 fixed bug that left false positive, previously fixed, due to the file name modifications that the archive analyzer makes - regex needed updating to not just look for the start of the filename 
Former-commit-id: 922a9edaf9123524585b97e6cb9f8efd4a389031
 2014-06-14 07:04:02 -04:00
Steve Springett
b9003a2f02 Merge remote-tracking branch 'origin/master' 
Conflicts:
	dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java
	dependency-check-ant/src/site/markdown/configuration.md
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/cli/CliParser.java
	dependency-check-cli/src/site/markdown/arguments.md
	dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java
	dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
	dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusSearch.java
	dependency-check-core/src/main/resources/dependencycheck-resources.properties
	dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/DependencyCheckMojo.java
	dependency-check-maven/src/site/markdown/configuration.md
	dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
	dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java
	dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java
	dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIntegrationTest.java
	src/test/resources/data.zip

Former-commit-id: 65443535a6c7cc240eb3999f60ea82044e9fff6a
 2014-06-10 10:57:45 -05:00
Jeremy Long
bce226002b added data.zip back after cleaning up history 
Former-commit-id: 6d227bf38e8023eeb134c965f48fbf859aeb9600
 2014-06-01 11:31:09 -04:00
Jeremy Long
a417db7c7a updated documentation to replace deprecated proxyUrl with proxyServer 
Former-commit-id: 165e14fcb6b57d8a522875eaa65f5ee766c9b1af
 2014-05-31 06:43:07 -04:00
Jeremy Long
0ffef12a8b deprecated the proxyUrl field replacing it with proxyServer; getter and setter for proxyUrl now just wrap proxyServer 
Former-commit-id: 5f1fbdf2eda6f05252f81dd8bf7acd44c01b7b6f
 2014-05-31 06:42:27 -04:00
Jeremy Long
4539b040e0 deprecated proxyUrl and replaced it with proxyServer 
Former-commit-id: 3330de9b2c36742a0b93d478b7dadaccea00cd4a
 2014-05-31 06:39:36 -04:00
Jeremy Long
f85014a86d deprecated proxyUrl and replaced it with proxyServer - using the deprecated configuration will still work but will generate a warning 
Former-commit-id: d9ff32d6b6e2f4d088f95d52ee33f1d0df3457fd
 2014-05-31 06:38:50 -04:00
Jeremy Long
d90d07c68b added code to disable the analyzer if initialization fails 
Former-commit-id: 202baa329f07fb24921ce83660d596d46b71b663
 2014-05-30 05:26:03 -04:00
Jeremy Long
ce292b84fa fixed spelling error in property name 
Former-commit-id: 106e8e9128bc371ff78f3a73c3f0da6012761cba
 2014-05-30 05:25:20 -04:00
Jeremy Long
01690860db renamed PROXY_URL to PROXY_SERVER to avoid confusion 
Former-commit-id: 1fbc025fba68aff644a8b8582657e5ef30024a24
 2014-05-24 07:06:59 -04:00
Jeremy Long
89fb2d4915 fixed error messages and added status code checks 
Former-commit-id: d21ff11466908f07ca02a50269f08d76f16a243e
 2014-05-24 07:06:46 -04:00
Jeremy Long
5cc3a42832 renamed PROXY_URL to PROXY_SERVER to avoid confusion 
Former-commit-id: 730eebed21baddfbd90c42a95769f8781de95b56
 2014-05-24 07:05:05 -04:00
Jeremy Long
6b303410d1 added a new initialize method that accepts a properties file path to load to make the class more versatile 
Former-commit-id: b6bee9569b075380b656faf9d2f1bf1c9aae849a
 2014-05-21 06:42:43 -04:00
Jeremy Long
60b0145e04 added a new initialize method that accepts a properties file path to load to make the class more versatile 
Former-commit-id: 00ec19b51a20c4ce3329a7c3c075a1f3ba16859e
 2014-05-21 06:42:43 -04:00
Jeremy Long
8cae2f24b1 Moved some of the utility classes from core to a new utils module 
Former-commit-id: 6c2ba353e41c6a43fef326896ea77ede300591ec
 2014-05-21 06:29:46 -04:00
Jeremy Long
ce48823d38 Moved some of the utility classes from core to a new utils module 
Former-commit-id: 2e6ff9631ff4c843f10db1e022e41e728394e420
 2014-05-21 06:29:46 -04:00
Jeremy Long
0a04d753ea renamed CallableDownloadTask to DownloadTask 
Former-commit-id: b4f805b231d3706c63a718ad23bc9b28a08cbb5f
 2014-05-20 21:08:15 -04:00
Jeremy Long
d43fee5585 renamed CallableDownloadTask to DownloadTask 
Former-commit-id: 4ed8987945722d99e0f23b2f379321a652f76348
 2014-05-20 21:08:15 -04:00
Jeremy Long
35402c7bd3 fixed test cases 
Former-commit-id: d76e5ba0431fdfc80847e7adbff9f0216ee7a191
 2014-05-17 08:04:20 -04:00
Jeremy Long
5dc9e51dd4 fixed test cases 
Former-commit-id: 081ea17023cef3313ce59dbf8ce7f2a8cff706eb
 2014-05-17 08:04:20 -04:00
Jeremy Long
847a97f61c if maven identifier already exists we now update it with a hyperlink instead of adding a new one - the Jar analyzer may add a maven identifier based on the pom.xml 
Former-commit-id: 00b8ca069e60a8fed72e767748380d0d6fa6908d
 2014-05-17 08:04:03 -04:00
Jeremy Long
235fcccbd7 if maven identifier already exists we now update it with a hyperlink instead of adding a new one - the Jar analyzer may add a maven identifier based on the pom.xml 
Former-commit-id: db0ae1145d000089fb10e0357566f03632a559b9
 2014-05-17 08:04:03 -04:00
Jeremy Long
fac27a6120 cleaned up pom evidence collection and added a maven identifier if the GAV is available from the pom.xml 
Former-commit-id: 83974c844dc91237ab3f174971f218e1678f47b4
 2014-05-17 08:03:04 -04:00
Jeremy Long
91c971b8fd cleaned up pom evidence collection and added a maven identifier if the GAV is available from the pom.xml 
Former-commit-id: 0400863fea2cfe86a5601b3ae134e7e98a4b29c7
 2014-05-17 08:03:04 -04:00
Jeremy Long
2e24eda00d fixed false positives related to Apache POI and MS Office CPE/CVE per issue #126 
Former-commit-id: 8cc26dc25ef613dd308388452c08a9f5852843ad
 2014-05-14 19:17:47 -04:00
Jeremy Long
e43003cadc fixed false positives related to Apache POI and MS Office CPE/CVE per issue #126 
Former-commit-id: cfde8d86cb339a9f2cf0b8c1f72f5ca198efab8a
 2014-05-14 19:17:47 -04:00
Jeremy Long
7a653abf22 Update JarAnalyze to resolve issue #127 
Updated JarAnalyzer to resolve issue #127 - duplicate package and package name evidence in the report.

Former-commit-id: ed40398c0b00e5fd5065705772ad15afaf5c7e0c
 2014-05-14 18:01:12 -04:00
Jeremy Long
9a96165655 Update JarAnalyze to resolve issue #127 
Updated JarAnalyzer to resolve issue #127 - duplicate package and package name evidence in the report.

Former-commit-id: 067643f7e99a7a4f36438b18c07e92a5e8544089
 2014-05-14 18:01:12 -04:00
Jeremy Long
ae09229107 updated version to 1.2.2-SNAPSHOT 
Former-commit-id: affbbe1f04a1e3de600e7498faa4f11c0d6d93c1
 2014-05-10 08:41:37 -04:00
Jeremy Long
994aef411c updated version to 1.2.2-SNAPSHOT 
Former-commit-id: e1b07457515dcab0f00c6a0b36fadb58ecc3deeb
 2014-05-10 08:41:37 -04:00
Jeremy Long
be35f48bdd updated to release version 1.2.1 
Former-commit-id: 1564da513f47b9256cb2e79918fcd2d6dd0091bb
 2014-05-10 08:32:34 -04:00
Jeremy Long
094a180935 updated to release version 1.2.1 
Former-commit-id: d908eed4538f0928c8b108348d9d46ce6d2f57e0
v1.2.1 		2014-05-10 08:32:34 -04:00
Jeremy Long
846173844e updated sample report 
Former-commit-id: 35d6cb454ad1c6440d60c4717f33cf1eed733c2b
 2014-05-10 07:25:42 -04:00