github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 08:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,661 Commits 7 Branches 56 Tags
70859eb7196bbac7b10e416d047c8d845c88bfbd
Commit Graph

923 Commits

Author SHA1 Message Date
Jeremy Long
70859eb719 checkstyle correction 
Former-commit-id: 6ce90b5c6d192835568995cd33d56330cea53cfb
 2015-03-05 06:15:43 -05:00
Jeremy Long
ff0daa8d66 reverted to lucene 4.7.2 - new versions of lucene are built using JDK 1.7+ and cause issues for the dependency-check Maven Plugin 
Former-commit-id: 514cc4922c7f00f55b1dcd102f6d45491e90a5d8
 2015-03-01 21:43:52 -05:00
Jeremy Long
09f1a0ac92 checkstyle corrections 
Former-commit-id: 6e12b975c1975566ebef47fedef24c179a753e05
 2015-03-01 10:00:13 -05:00
Jeremy Long
e562be77f6 additional hints added for spring 
Former-commit-id: e9e26f6c31b4ae220e1e7686efe6388638ec7c99
 2015-03-01 08:22:56 -05:00
Jeremy Long
af7c6bc2a0 additional patch for issue #196 
Former-commit-id: 10b55f932b5ee52fa1f9ae3b96c15649dd5d6062
 2015-03-01 07:01:24 -05:00
Jeremy Long
e49cbcf345 Merge pull request #198 from colezlaw/master 
Modified NexusAnalyzer to download POM if required

Former-commit-id: 286748f7227706fb0dd49ecd3fd26c127581e7a6
 2015-02-28 13:36:27 -05:00
Jeremy Long
9833ff20d1 changed access modifier so tests will pass 
Former-commit-id: 95ccefd362c0dbea2dbc33f7aeea2d515f5e8b6c
 2015-02-28 07:13:52 -05:00
Jeremy Long
56aea8ad24 Merge branch 'master' of https://github.com/jeremylong/DependencyCheck 
Former-commit-id: 9d51cd721bb160351b4fc6ff27e835b8e3d2820b
 2015-02-26 08:47:30 -05:00
Jeremy Long
d530eddc57 final commit to patch issue #185 
Former-commit-id: 1e77bec21239a0ea228795df7bfa5678d9930d6c
 2015-02-26 08:47:07 -05:00
Will Stranathan
1eab76aab8 Updated error messages to reflect Nexus 
Former-commit-id: 60bd62aebbf52844150a58fe4afea45be867f249
 2015-02-22 14:56:25 -05:00
Will Stranathan
167dbd7368 Merging upstream/master 
Former-commit-id: f77993de8ea6e0de68d4b5cd0da653692ffcbaa9
 2015-02-22 14:55:27 -05:00
Jeremy Long
2594fb1c5f removed unused collection 
Former-commit-id: 5f3c6eab38eae99fef70909650a5eddf2a374a56
 2015-02-22 10:57:52 -05:00
Jeremy Long
c57d21e9bc Merge pull request #199 from hansjoachim/upgrade 
Upgrade jmockit to latest version

Former-commit-id: 3e0228c85439742b8188b6b3bf3ba8c8e16bfb82
 2015-02-22 10:28:47 -05:00
Jeremy Long
9c15bdfe41 Merge branch 'master' of https://github.com/jeremylong/DependencyCheck 
Former-commit-id: 7a189b5240ff2c831c6d6f42555148f5f00586bd
 2015-02-22 10:24:59 -05:00
Jeremy Long
df606674db added referenced projects to the report to resolve issue #185 
Former-commit-id: 61eb8b70dccedf12b745d4c9a73e8f6bc2a0f9c8
 2015-02-22 10:22:44 -05:00
Hans Joachim Desserud
b53de8c69b Move jmockit to dependencyManagement so that we get a common version in all places it is used 
Former-commit-id: 2cfab936074b17a8f9b080a5272c6da757e32921
 2015-02-22 12:50:52 +01:00
Hans Joachim Desserud
25238d5fb5 Prefer interfaces over concrete classes. I have updated internal usage and accepted parameters. I have not touched return values for public/protected methods since they may be called externally and I don't want to break assignments from these. 
Former-commit-id: e534f9acf569a258dd72a568dfe69e70486eb697
 2015-02-22 12:19:49 +01:00
Hans Joachim Desserud
cf677bd70e Prefer checking isEmpty over size() > 0. Plus fix some typos 
Former-commit-id: 754f300c0b120c0c9098c17c19dbd11aa7a39844
 2015-02-22 11:42:14 +01:00
Hans Joachim Desserud
7c4cc1334b Place array designator on the type instead of the variable 
Former-commit-id: 2e29bc1c61400e3bdb6b35b0b21a5cbb04cbf37a
 2015-02-22 11:05:58 +01:00
Hans Joachim Desserud
ff4a1e0ac6 Place modifiers in expected order 
Former-commit-id: 0cf3616fd9a737f4ca143b6f46165bdbf0e14aec
 2015-02-22 10:58:31 +01:00
Will Stranathan
13d7d29630 Modified NexusAnalyzer to download POM if required 
NexusAnalyzer previously would just get GAV for a
match, but the POM may be separate from the jar
and contain other valuable information. This
includes refactoring of the analyzePom into
PomUtils.


Former-commit-id: f7311e08324d8bc6a5860f4be2b0e409fdcf9ba3
 2015-02-19 21:08:45 -05:00
Jeremy Long
889f315c0a general checkstyl, findbugs, and PMD corrections 
Former-commit-id: ec59d464725a33d8c07c79bf7128036a10fe1890
 2015-02-18 21:09:38 -05:00
Jeremy Long
5a0e280899 Merge pull request #197 from ahi/master 
Removes the test for default Maven repository directory.

Former-commit-id: cc261e0e6b54e169862118003bb639d52f5c94ba
 2015-02-18 20:17:17 -05:00
Jeremy Long
ccb5e234b3 moved methods from JarAnalyzer to the new PomUtils so that a POM could be parsed and analyzed within other analyzers (part of patch for issue #196) 
Former-commit-id: 4e649f678e59f4eaf379eba21a6ad87348fe8525
 2015-02-18 20:14:04 -05:00
Jeremy Long
a28c2819fa added pom URL as part of patch for issue #196 and improved the URL provided for the jar file itself 
Former-commit-id: 8f485f53031a7e244d4a8f8d0c055e6b38fca746
 2015-02-18 20:09:42 -05:00
Jeremy Long
40beec2e40 additional parsing of the data from Central was used to determine if the POM file is available in Central (part of the patch for issue #196) 
Former-commit-id: 1805be75b101546b166c9eb4ad1efc30e53983cf
 2015-02-18 20:08:14 -05:00
Jeremy Long
d136aeda84 pom parsing was externalized so that it could be used in multiple locations to assist in the resolution of issue #196 
Former-commit-id: cbdde3b4b2dcabf0ff9e3f49cc3d36c62e67a1bb
 2015-02-18 20:06:51 -05:00
Jeremy Long
fdd6c47cd5 if pom was not found/analyzed by the JAR Analyzer and the POM exists in Central it is downloaded, parsed, and the resulting evidence is added to the dependency to resolve issue #196 
Former-commit-id: 9a36b30d4d4c265a41ae95bf5a9e95b281349425
 2015-02-18 20:05:00 -05:00
Jeremy Long
c5a2b5b3d8 minor code cleanup, reformatting, and added some additional verbose logging 
Former-commit-id: 9d6cf651a22a679f155a04313a09de56c90e0399
 2015-02-18 19:56:56 -05:00
Ahmet Kiyak
babe4739c5 Removes the test for default Maven repository directory. 
Error: If the M3_REPO directory is not set to a path that contains */m2/repository/* the DependencyCheck doesn't read <library>.pom file. Some dependencies like "spring-core-3.2.0.RELEASE.jar" are not found due to this error.

Fix: Remove the test for default Maven repository directory. The existing check for the existence of <library>.pom file is sufficient.

Former-commit-id: 8d7c51f611b5d26d505cfc3fe9f8b94c12174000
 2015-02-17 18:57:24 +01:00
Jeremy Long
49e8ee443c added generic methods to get references to resources to resolve issue #181 
Former-commit-id: 465d3310b1ad5b54e49ab65e5e0e4b003f79998b
 2015-02-13 06:18:56 -05:00
Jeremy Long
a5d8ce07d8 added @Ignore due to test case failure - this analyzer may need to be removed 
Former-commit-id: d3a2112342b66ab1b012678a7adf5b5492e9669f
 2015-02-13 06:17:29 -05:00
Jeremy Long
babc016b48 added project references 
Former-commit-id: ba4a058648203b8749b31e889994a5ddfc72d7b3
 2015-02-12 20:49:04 -05:00
Jeremy Long
a5f378d755 removed commented out code 
Former-commit-id: db1075a0d07f4c5af904691e200b3792533521b3
 2015-02-12 20:48:36 -05:00
Jeremy Long
423f26852f updated URL to central 
Former-commit-id: b2b0741a5c32de3dbfd6e2d7953447b3348ad7e5
 2015-02-08 19:28:04 -05:00
Jeremy Long
f931412bee changed the url for Maven Central 
Former-commit-id: cfe3c6efd45094b1a12d8e147e1d121064b48630
 2015-02-08 07:50:29 -05:00
Jeremy Long
d79d5b5f33 added project references as part of patch for issue #185 
Former-commit-id: 3146c47f89031eaf09e513b6eb757bcc98ee9edf
 2015-02-08 07:17:16 -05:00
Jeremy Long
4c5489efd3 added project references as part of patch for issue #185 
Former-commit-id: 5a4473d0b91b28de8c5caaba51ceed42e670532c
 2015-02-08 06:59:06 -05:00
Jeremy Long
a841027d48 added additional supporessions 
Former-commit-id: a9810fa2e2051204d481e975de0922ec7d4183ef
 2015-02-07 18:15:41 -05:00
Jeremy Long
73bea8e63f removed ignoreTrivial from the cobertura configuration to resolve NPE exceptions 
Former-commit-id: 228db3acc3260c5c0e8b4b0f4cf701993c33aaa1
 2015-02-04 07:26:06 -05:00
Jeremy Long
3b6a2a2908 added test dependency to verify the fix for issue #180 
Former-commit-id: 7f90c990b90b7a76a06be2318e578a98f8a7db13
 2015-01-30 05:31:42 -05:00
Jeremy Long
c2b757ad6f re-added the struts1/2 fix and fixed other bugs in patch for issue #180 
Former-commit-id: 93d45b91a46171788ac1a6c703055e5f196dcc0d
 2015-01-28 18:50:51 -05:00
Jeremy Long
efeba40f2b fixed bug in patch for issue #180 
Former-commit-id: a547268f56b373a6959d1be212629f39d66581d6
 2015-01-27 06:57:51 -05:00
Jeremy Long
018e4bc382 patch for issue #180 
Former-commit-id: 95760c8ee82b1e382dc3785525ac6027c0be8069
 2015-01-25 11:15:43 -05:00
Jeremy Long
4461c2e4a4 patch to resolve the issue with xmltooling discussed in issue #186 
Former-commit-id: c3327bee9055c91659648d4835f8436478e7f41d
 2015-01-21 18:58:51 -05:00
Jeremy Long
1c4aceb0fb added additional optional dependencies for testing purposes for issue #186 
Former-commit-id: 5111120fee1f04a39e3144beb234895275581899
 2015-01-21 18:58:08 -05:00
Hans Joachim Desserud
63c7a9d926 And since the annotation was switched to avoid name collision, the full name is no longer needed 
Former-commit-id: ddbe16d074ca2fed635c2e9f4ca8157af0fe9c24
 2015-01-11 11:09:02 +01:00
Hans Joachim Desserud
6609481cc1 Switch to non-deprecated FindBugs-SuppressWarnings tags which should avoid name collision 
Former-commit-id: a4a978ee4a6621033064488a71577bdb93cddab4
 2015-01-10 21:23:44 +01:00
Hans Joachim Desserud
a37853def6 Also StandardAnalyzer can use the Version-less constructor. The superclass Analyzer will actually default to LUCENE_CURRENT which is equivalent with LATEST which was sent in 
Former-commit-id: 43c8e3350b72bac8eb952ff138887c7232ecb39c
 2015-01-10 19:52:42 +01:00
Hans Joachim Desserud
9f348cfa16 The Version-less constructor for StopFilter will simply default to Version.LATEST under the hood which is exactly what we send in. 
Former-commit-id: cc3010532e9203d663d977f0df0892d8f5694b5f
 2015-01-10 19:41:25 +01:00