github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 00:33:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,393 Commits 7 Branches 56 Tags
59e29b7afea8ad2ca76c76647fcaba53b770cc4f
Commit Graph

4393 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anthony Whitford
a5e77c85a6 Maven Site Plugin 3.5.1, Doxia 1.7.1, Ant 1.9.7, Maven 3.3.9. 2016-04-16 11:21:24 -07:00
Anthony Whitford
1e8d2aff75 Added code to avoid an unchecked cast warning. 2016-04-16 11:08:13 -07:00
Anthony Whitford
bc0a0f9902 Added missing serialVersionUID. 2016-04-16 11:07:19 -07:00
bjiang
da82f975e4 Add test for project url from pom.xml 2016-04-15 12:30:14 -04:00
bjiang
48af120db8 add project URL evidence from pom 2016-04-15 11:28:33 -04:00
Jeremy Long
8722eae766 version 1.3.6 v1.3.6 2016-04-10 07:06:07 -04:00
Jeremy Long
53776936ca fix FP per issue #469 2016-04-09 11:27:08 -04:00
Jeremy Long
dca465b801 fixed minor warning about file encoding during build 2016-04-09 07:31:40 -04:00
Jeremy Long
43cd115dc7 Merge pull request #482 from awhitford/DepUpg-160406 
Dependency Updates
 2016-04-09 06:59:29 -04:00
Jeremy Long
e7ba08e52c updated log message to assist in debugging an issue 2016-04-09 06:51:00 -04:00
Jeremy Long
9df12e6ff2 updated log message to assist in debugging an issue 2016-04-09 06:49:44 -04:00
Jeremy Long
b5c7fb747c updated log message to assist in debugging an issue 2016-04-09 06:38:37 -04:00
Anthony Whitford
a40a4afe80 SLF4J 1.7.21 released; commons-compress 1.11 released. 2016-04-06 21:39:27 -07:00
bjiang
739f595f13 improve python package identification 2016-04-05 16:12:14 -04:00
bjiang
e07e892969 Merge branch 'master' into ruby_dependency 2016-04-05 14:47:17 -04:00
Jeremy Long
d4a6c58cc8 upgrade the transitive dependency commons-collections 2016-04-05 12:08:16 -04:00
Jeremy Long
d644431a4e Merge pull request #479 from awhitford/SLF4J1720LB117 
SLF4J 1.7.20 and Logback 1.1.7 released.
 2016-04-03 07:41:54 -04:00
bjiang
33bbb50b43 Ruby .gemspec must before bundler analyzer to get proper package grouping 2016-04-02 13:51:15 -04:00
bjiang
f89d7df305 improve vendor evidences for .gemspec analyzer 2016-04-02 13:49:50 -04:00
bjiang
3b02cd0e39 bundling same Ruby packages from .gemspec and bundler analyzers 2016-04-02 13:48:25 -04:00
bjiang
52cd50e0a8 keep delimitor space in array value 2016-04-01 14:08:41 -04:00
bjiang
996a970081 fix version evidence name 2016-04-01 14:07:03 -04:00
bjiang
6c0b65acd4 capture licenses and homepage in Ruby bundler analyzer 2016-04-01 13:30:36 -04:00
Anthony Whitford
f4df263dfe SLF4J 1.7.20 and Logback 1.1.7 released. 2016-03-30 21:03:51 -07:00
bjiang
8c659acc82 new Ruby bundler analyzer 2016-03-30 20:20:10 -04:00
bjiang
7aba2429af merge from upstream 2016-03-28 14:23:09 -04:00
bjiang
ab48d2c2ff multiple improvements 2016-03-28 14:06:30 -04:00
Jeremy Long
0b699d45bf Merge pull request #467 from colezlaw/python-init 
Patch for jeremylong/DependencyCheck/#466
 2016-03-25 19:35:06 -04:00
Jeremy Long
54beafa262 Merge pull request #475 from biancajiang/master 
Fix test to skip the proper test case when bundle-audit is not available
 2016-03-25 19:34:34 -04:00
Jeremy Long
531d4923eb Merge pull request #470 from MrBerg/suppress-osvdb 
Make it possible to suppress vulnerabilities from OSVDB
 2016-03-25 19:33:43 -04:00
Jeremy Long
b160a4d1dd Merge pull request #478 from swapnilsm/master 
Added primary key to "software" table
 2016-03-25 19:32:45 -04:00
Swapnil S. Mahajan
ca54daf456 Added primary key to "software" table 
"software" is a bridge table so there should always be only one record for a pair of cpeEntryId and cveid.
 2016-03-25 16:55:53 +05:30
bjiang
a22fc550b3 #472 fix test to only skip the proper test case. 2016-03-21 11:38:52 -04:00
Jeremy Long
0650d93953 Merge pull request #474 from awhitford/SLF4J1719 
SLF4J 1.7.19 released.
 2016-03-21 08:18:41 -04:00
Jeremy Long
5633258fa7 Update README.md 2016-03-21 08:16:06 -04:00
Jeremy Long
12278cda58 Update README.md 
Fixed broken link to documentation.
 2016-03-21 08:12:39 -04:00
Jeremy Long
84d1f08fda updated documentation for NVD urls to match what is hosted by NIST 2016-03-21 07:58:02 -04:00
Jeremy Long
c184292a57 Merge pull request #473 from biancajiang/master 
Handle bundle-audit not available case and fix RubyBundleAuditAnalyzer test cases
 2016-03-21 07:52:17 -04:00
Anthony Whitford
4cdfcb9f9d SLF4J 1.7.19 released. 2016-03-20 20:47:07 -04:00
bjiang
343a78917c Fixed #472. Disable RubyBundleAuditAnalyzer if exception during initialize. 
changes:
1. disable self during initialize before bubbling exception
2. new test case RubyBundleAuditAnalyzerTest#testMissingBundleAudit()
 2016-03-20 17:06:03 -04:00
bjiang
ff7d0fdb9d #472 first fix and improve RubyBundleAuditAnalyzerTest.java 
Test were failing b/c Gemfile.lock and Gemfile were missing.
The files were missing b/c parent .gitignore them.
Changes:
1. Force added new test files, and updated test with more result
validation.
2. Added error logging from bundle-audit.
3. place holder for bundle-audit install directory in test
dependencycheck.properties.
 2016-03-20 15:54:24 -04:00
Jonas Berg
db26b46be0 Make it possible to suppress vulnerabilities from OSVDB 2016-03-16 13:59:23 +02:00
Will Stranathan
d77a70c360 Patch for jeremylong/DependencyCheck/#466 
This does two things:
1) Updates the PythonPackageAnalyzer to HIGH evidence for __init__.py
2) Removes evidence from the FileNameAnalyzer for __init__.py[co]?

TODO: Need for the PythonPackageAnalyzer to still add evidence for
__init__.py[co] even though it won't be able to analyze the contents of
it. Also, need to work up the tree for __init__.py files to get the
parent folders (not sure why subfolders are not being inspected).
 2016-03-12 15:09:43 -05:00
Jeremy Long
42f4ae65d1 Merge pull request #463 from chadjvw/master 
Updated Oracle init script
 2016-03-07 20:43:05 -05:00
Chad Van Wyhe
88daac31d2 Merge pull request #1 from chadjvw/oracle-init-fix 
fixed trigger compilation and added version number
 2016-03-07 12:59:02 -06:00
Chad Van Wyhe
ac04c173a8 fixed trigger compilation and added version number 2016-03-07 12:55:18 -06:00
Jeremy Long
8401494fbc Merge pull request #462 from thc202/issues-page-gradle-purge 
Fix issues in Gradle's dependencyCheckPurge task site page
 2016-03-06 18:54:03 -05:00
Jeremy Long
97af118cb9 Merge pull request #461 from thc202/broken-link-readme 
Fix broken link in README.md file... Thanks!
 2016-03-06 18:53:12 -05:00
thc202
091e6026bc Fix issues in Gradle's dependencyCheckPurge task site page 
Fix broken link to dependencyCheckUpdate task page, remove repeated
closing character ']'.
Replace $H with # in the heading of the example.
 2016-03-06 23:46:12 +00:00
thc202
c798ede7bf Fix broken link in README.md file 
Correct the link to NOTICE.txt file, change from NOTICES.txt to
NOTICE.txt.
 2016-03-06 23:46:04 +00:00