Commit Graph

76 Commits

Author SHA1 Message Date
Jeremy Long
84b992d3a1 Merge branch 'fix-cvss-for-bundle-audit' of git://github.com/geramirez/DependencyCheck into geramirez-fix-cvss-for-bundle-audit 2016-04-30 11:02:16 -04:00
Dave Goddard
0f37c2b59c Adding sinatra fixture
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-29 16:17:51 -04:00
Jeremy Long
abebecac4a updated parser and tests to revert to old suppression schema if new schema fails 2016-04-24 09:06:00 -04:00
Jeremy Long
deda02f879 updated suppression schema to require a CPE, CVE, or CVSS Below per issue #488 2016-04-24 07:20:11 -04:00
bjiang
ff7d0fdb9d #472 first fix and improve RubyBundleAuditAnalyzerTest.java
Tests were failing b/c Gemfile.lock and Gemfile were missing.
The files were missing b/c parent .gitignore them.
Changes:
1. Force added new test files, and updated test with more result
validation.
2. Added error logging from bundle-audit.
3. placeholder for bundle-audit install directory in test
dependencycheck.properties.
2016-03-20 15:54:24 -04:00
Dale Visser
2ed5dc153a Fixed merge conflict in App.java 2015-11-23 13:27:22 -05:00
Jeremy Long
aa9908b34a updated test properties w/ changes that had been made in the main properties 2015-10-25 06:22:30 -04:00
Jeremy Long
3b6c64dc9d move test resource to correct directory 2015-10-13 19:03:33 -04:00
Jeremy Long
3b976d211f upgrade db schema version 2015-10-12 06:15:24 -04:00
Dale Visser
a0492fe944 Merge branch 'upmaster' into ruby-bundler
Conflicts:
	dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
2015-08-27 14:05:36 -04:00
Dale Visser
9e25480baa Merge branch 'upmaster' into node-js-analyzer
Conflicts:
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
	dependency-check-cli/src/site/markdown/arguments.md
	dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
2015-08-25 13:03:12 -04:00
Dale Visser
4493f895c6 Added test resources to cover interesting bundle-audit cases. 2015-08-19 15:26:17 -04:00
Dale Visser
7eb2c89f39 rubygems: Added gemspec test resources, test cases, and minimal code to run tests and have evidence gathering test fail. 2015-08-12 11:58:46 -04:00
Dale Visser
2441b92bc6 node.js: Initial commit, with analysis test failing. 2015-08-07 14:43:08 -04:00
Dale Visser
4764f61b48 290: Added unit tests and implementation to support bzip2. 2015-08-05 17:42:10 -04:00
Jeremy Long
dd3758af43 manually merged PR #270
Former-commit-id: 9d4504942f229a7462d59b292e478ea2289ecfed
2015-07-24 06:44:54 -04:00
Jeremy Long
ee969a5ed9 manually merged PR #278
Former-commit-id: 7811e5832e680589e5b1734e775ee8cab92dd30f
2015-07-24 05:36:32 -04:00
Jeremy Long
a547a219a4 grammar police caught me (#285)
Former-commit-id: 83a94b573aea686ba8cc8c6620e1495c46cd425b
2015-07-23 05:16:39 -04:00
Jeremy Long
d4eba634ea reduced logging levels in test as build issue was resolved
Former-commit-id: e1c8cd3ef9f19d5c0d17dc59d6feed6474118602
2015-07-22 06:45:17 -04:00
Jeremy Long
8cd68c7c16 improved logging
Former-commit-id: 5b6741a1d561cbf4c20ef98907ce99a2b245b42e
2015-07-17 08:45:43 -04:00
Jeremy Long
6a2ed23822 switched to debug logging in test
Former-commit-id: 4d42f08ac2fdc58ce1eeb4ab3f27d1efa72a6a46
2015-07-17 08:24:33 -04:00
Dale Visser
2d92c9d240 Commented out first instance of cpe.url, and moved 2nd instance up. Assumption: the 2nd value was being used.
Former-commit-id: 2cae0ca086b2fb666d883dc1a3fbcb174465aa2b
2015-07-14 18:00:45 -04:00
Dale Visser
e5fdda60fc Merge branch 'upmaster' into openssl-source-analyzer
Conflicts:
	dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/PythonPackageAnalyzerTest.java

Former-commit-id: 6d92982227ad0ff7c4381d03eb1bf542dfe7697f
2015-07-09 16:14:54 -04:00
Jeremy Long
0a4c3102dd reverted changes as a schema upgrade is not needed at this time
Former-commit-id: 6f97fef5748a3d630a73f790cca8baa4753e1d7a
2015-07-09 07:07:10 -04:00
Jeremy Long
54094ebc21 removed unfinished JavaScriptAnalyzer
Former-commit-id: 9d7d7e82da91cea21ea87b8d933093e738571ba2
2015-07-09 06:37:29 -04:00
Jeremy Long
9daa9b6cca reorganized code, made the database file name version independent so that upgrades can be made, and implemented CPE updates per issue #149
Former-commit-id: fdb57afa28ecffdb7ca90971851844718ecb8bb9
2015-07-08 06:20:19 -04:00
Dale Visser
c214b70459 OpenSSL: Analyzer unit test passes.
Former-commit-id: 06d36762375a5fc55bc7f30a7857713ce332fceb
2015-07-07 17:37:31 -04:00
Jeremy Long
44893a2a2c added CPE entries to patch issue #149
Former-commit-id: 472d5456e6a8a9d569908ce8da4f64d05afa96c7
2015-07-04 06:40:39 -04:00
Jeremy Long
aa66e5ab15 removed unused JUL properties file
Former-commit-id: e02cb926d9c52fbd6f8e99dc612dea6707fac51a
2015-06-22 05:54:18 -04:00
Jeremy Long
802e4fc238 changed default logging for tests to INFO
Former-commit-id: 45b4dc2707e0a267d2ef41a84627c5fee5ba92f1
2015-06-22 05:53:51 -04:00
Jeremy Long
13db27854b logback test configuration
Former-commit-id: f7af8edab353b7900eb20f088707ad9c38d9330e
2015-06-21 20:12:31 -04:00
Dale Visser
cc3a72f4fd AutoconfAnalyzer: Added 'configure' extension for analyzing Autoconf
output configure scripts for the package metadata shell variables
generated by autoconf. Passing tests that look at metadata generated
in Readable's and Binutil's configure scripts.

Former-commit-id: d20bb17ccf4fde848dede4b87805241387e73f89
2015-06-03 14:50:24 -04:00
Dale Visser
e960fd31fa AutoconfAnalyzer: Added unit test for Readable's configure.ac, which makes full usage of
available AC_INIT parameters.

Former-commit-id: e545f3f85b70f15c1650528af9afd940984478a1
2015-06-03 14:49:45 -04:00
Dale Visser
132fb87c2c Initial AutoconfAnalyzer implementation, along with passing unit tests utilizing
GNU Ghostscript's configure.ac.


Former-commit-id: 50f2c5bc8ba83f346471cde091b4cc46947ed246
2015-06-03 14:39:49 -04:00
Dale Visser
511d2b9457 Added PythonPackageAnalyzer, for directly analyzing Python library, a.k.a.,
package, source code.


Former-commit-id: 3154ea4ecddd794cb3e7f3686972fd7a6cc2177c
2015-04-14 10:37:38 -04:00
Dale Visser
bf96c24ec3 Added capability to scan Python egg distribution format (.egg and .zip).
Changed copyright notices to IDA, and added as possible copyright holder in
checkstyle-header file, and some whitespace fixes.


Former-commit-id: ac4288dff7c3c40e64dc733791c80035f73cc602
2015-04-14 10:36:28 -04:00
Dale Visser
e328ec990c Added capability to scan extracted egg and wheel metadata in the local Python
environment.


Former-commit-id: b0259d38134bf18b1eb72db9951dbe2d04ba8fb9
2015-04-14 10:32:04 -04:00
Dale Visser
a5dee0cb27 Added PythonDistributionAnalyzer, including unit tests with test data, with
capability to analyze the Python wheel distribution format. Using
javax.mail.internet.InternetHeaders to parse metadata files.


Former-commit-id: 478ab6be7b0f30f7991144039e33a6f69dd261ed
2015-04-14 10:30:36 -04:00
Jeremy Long
9554a30286 added test dependency
Former-commit-id: 424bb6900a580fd5fa1e58979e28329273a17199
2015-04-06 19:59:56 -04:00
Jeremy Long
8772cda47a added property to resolve issue #82
Former-commit-id: 711d6f538901aff6a9467fba460b62905dce75b4
2014-12-06 10:20:46 -05:00
Jeremy Long
aa126039e5 updated NVD CVE URLs to use gzipped files
Former-commit-id: 25c0c2e5df3a6626fae5401209fac93b105b3392
2014-11-15 08:21:44 -05:00
Will Stranathan
b57ef7291f No more separate proxy configuration for Central search. Renamed everything to do with Solr to Central.
Former-commit-id: 4bcee86abf4415bfafc386d10018d9fcb2f6cec4
2014-11-09 21:07:26 -05:00
Will Stranathan
e5ff2cff4e Squashed commits for the new Solr/Central Search capability
Former-commit-id: 28ca3ca0ff5de4e097082f6f73003c0a67455efd
2014-11-08 10:54:02 -05:00
Will Stranathan
931110ba6c Initial checkin of work on a Solr analyzer which will replace Nexus on Internet checks
Former-commit-id: 09337f6416fa3140c00413426e17e39c4a1fadc6
2014-11-08 08:47:42 -05:00
Jeremy Long
894263809c added base flag to one suppression entry
Former-commit-id: 7d6bbf36e5e35c2ee2fe8c901281996a34706036
2014-09-13 05:39:38 -04:00
Jeremy Long
d9d646c5fb fixed connection string property
Former-commit-id: 951cf212c80a52909cc2dd66e843b63b35991045
2014-07-19 13:57:36 -04:00
Jeremy Long
f28b566992 added data.file_name and data.version
Former-commit-id: e692a13a216ec6808e3fd92397fd3c50854cfa56
2014-07-19 07:37:11 -04:00
Jeremy Long
46702bbb5c moved checkSumTest.file, checksum.java, and checksumTest.java to dependency-check-utils
Former-commit-id: 0c05e466b5fe071ca55552660d471431572c0558
2014-07-17 06:03:21 -04:00
Jeremy Long
d7e46b1693 corrected the connection string in the test properties
Former-commit-id: 1c37d4bd4de49cddc34b92a27875e0a07eee600f
2014-07-17 06:00:59 -04:00
Jeremy Long
cda0dfdafe updated test case and related data
Former-commit-id: 513602f48b6d599b43848f0a88537190084e9cbf
2014-05-03 12:30:29 -04:00