github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 00:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,368 Commits 7 Branches 56 Tags
b3a55cc85db4e022425b8b88d8773343e27cd014
Commit Graph

1360 Commits

Author SHA1 Message Date
Dale Visser
b3a55cc85d Ruby bundler: extracted method 2015-08-30 13:57:30 -04:00
Dale Visser
036200350d Ruby bundler: add needed null checks to avoid NPEs. 2015-08-30 13:50:22 -04:00
Dale Visser
713e9658c5 Ruby bundler: got description working. Added boilerplate text describing differences from standard D-C vulnerability report. 2015-08-29 12:29:44 -04:00
Dale Visser
782039810e Ruby Bundler: Added URL to report. 2015-08-29 11:33:16 -04:00
Dale Visser
b473d8ab9c Ruby Bundler: Added URL to report. 2015-08-29 11:28:38 -04:00
Dale Visser
2eb6918fb3 Ruby Bundler: Clean up report a little bit, and grouped vulnerabilities under dependencies, when appropriate. 2015-08-29 11:06:24 -04:00
Dale Visser
6f4ce34840 Ruby Bundler: Added CVSS score and a little hack to avoid dependency bundling. 2015-08-28 21:31:01 -04:00
Dale Visser
8853552161 Ruby Bundler: Successfully adding vulnerability into report, though all displayed info not looking great. 2015-08-28 19:56:35 -04:00
Dale Visser
95d3d17d83 Ruby Bundler: Now successfully creating temp files for dependency objects. 2015-08-28 13:58:49 -04:00
Dale Visser
a0492fe944 Merge branch 'upmaster' into ruby-bundler 
Conflicts:
	dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
 2015-08-27 14:05:36 -04:00
Dale Visser
c60245ea2b Node.js Analyzer: Switched from org.json to Glassfish JSR 353 reference implementation. 2015-08-25 17:28:17 -04:00
Dale Visser
9e25480baa Merge branch 'upmaster' into node-js-analyzer 
Conflicts:
	dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
	dependency-check-cli/src/site/markdown/arguments.md
	dependency-check-core/src/main/resources/META-INF/services/org.owasp.dependencycheck.analyzer.Analyzer
 2015-08-25 13:03:12 -04:00
Jeremy Long
e484c5754e Merge pull request #312 from dwvisser/rubygems-analyzer-pr 
Rubygems analyzer
 2015-08-25 05:31:10 -04:00
Jeremy Long
481e753ad4 corrected spring-security false positives per issue #319 and #311 2015-08-23 06:45:35 -04:00
Dale Visser
271016f0fa Added verbose flag to get as much reportable info as possible. 2015-08-19 15:33:50 -04:00
Dale Visser
4493f895c6 Added test resources to cover interesting bundle-audit cases. 2015-08-19 15:26:17 -04:00
Dale Visser
5c32ecd8e1 Ruby Analyzer: Added bundle-audit analyzer. So far just launches if available and logs the output. 2015-08-18 16:59:39 -04:00
Dale Visser
2db1f8d2b6 Random fixes to issues found by IntelliJ IDEA code inspection. 2015-08-17 18:55:51 -04:00
Dale Visser
235869fc79 rubygems: Reformat and consisitent parameter naming in private methods. 2015-08-12 12:08:05 -04:00
Dale Visser
89166e81fb rubygems: Add summary to evidence, inline constants that were only being used once. 2015-08-12 12:08:05 -04:00
Dale Visser
2d109b81cf rubygems: Used substring(int) to remove the need for Matcher.find(int). 
Also fixed javadoc, made some variables final, shortened a variable name.
 2015-08-12 12:06:18 -04:00
Dale Visser
5c02b4dccb rubygems: Added new analyzer to META-INF/services. Confirmed correlation with CPE in CLI. 2015-08-12 12:06:18 -04:00
Dale Visser
e7f154b58d rubygems: Various refactoring improvements. 2015-08-12 12:00:56 -04:00
Dale Visser
c0752575c6 rubygems: All evidence assertions now passing. 2015-08-12 12:00:43 -04:00
Dale Visser
7eb2c89f39 rugygems: Added gemspec test resources, test cases, and minimal code to run tests and have evidence gathering test fail. 2015-08-12 11:58:46 -04:00
Jeremy Long
c856d01b52 removed un-needed dependencies 2015-08-09 16:05:14 -04:00
Dale Visser
7a535b2576 node.js: Added parent folder to display file name. Added try-catch for JSONException, logging warning message in that case. 2015-08-09 11:32:57 -04:00
Dale Visser
4b17fd88a3 node.js: Adding name_project to vendor evidence, as many node.js projects seem to follow this pattern with their CPEs. Also, logging warnings whenever JSON parse doesn't go as expected. 2015-08-09 11:18:16 -04:00
Jeremy Long
8d1f3f723f version 1.3.1-SNAPSHOT 2015-08-09 10:25:44 -04:00
Jeremy Long
37f50db00e removed related dependencies from hashCode and equals to resolve issue #293 2015-08-09 09:56:20 -04:00
Jeremy Long
ccb87f43b7 made suppression notes textarea readonly to resolve issue #306 2015-08-09 09:36:55 -04:00
Jeremy Long
d569f39f53 Merge branch 'master' of github.com:jeremylong/DependencyCheck 2015-08-09 09:10:32 -04:00
Jeremy Long
fb3951772f fixed errors due to null values per issue #309 2015-08-09 09:10:18 -04:00
Dale Visser
b4c3046ab5 node.js: Added package.json eveidence gathering, using json.org package for the parsing. 2015-08-07 15:41:01 -04:00
Dale Visser
2441b92bc6 node.js: Initial commit, with analysis test failing. 2015-08-07 14:43:08 -04:00
Dale Visser
1f074ff400 290: Further refactoring for readability. 2015-08-05 17:42:25 -04:00
Dale Visser
4764f61b48 290: Added unit tests and implementation to support bzip2. 2015-08-05 17:42:10 -04:00
Dale Visser
56424924bb 290: Extracted some methods to reduce average method size, and eliminate some duplicate code. 2015-08-05 17:42:10 -04:00
Jeremy Long
d529e88242 version 1.3.0 2015-08-04 21:19:19 -04:00
Jeremy Long
624f52882e modified how generated keys were returned in an attempt to resolve issue #296 2015-08-02 06:28:05 -04:00
Jeremy Long
44f37c12c3 checkstyle corrections 2015-08-01 06:49:55 -04:00
Will Stranathan
c4d26f9194 Removed i18n for SLF4J logging as it was preventing build on jdk1.6 2015-07-29 18:29:09 -04:00
Jeremy Long
79b59f2aae checkstyle/pmd/findbugs recommended updates 2015-07-29 07:00:30 -04:00
Jeremy Long
5444253ed6 added more CVSS details per issue #154 2015-07-27 06:56:23 -04:00
Jeremy Long
dd3758af43 manually merged PR #270 
Former-commit-id: 9d4504942f229a7462d59b292e478ea2289ecfed
 2015-07-24 06:44:54 -04:00
Jeremy Long
ee969a5ed9 manually merged PR #278 
Former-commit-id: 7811e5832e680589e5b1734e775ee8cab92dd30f
 2015-07-24 05:36:32 -04:00
Jeremy Long
a547a219a4 grammar police caught me (#285) 
Former-commit-id: 83a94b573aea686ba8cc8c6620e1495c46cd425b
 2015-07-23 05:16:39 -04:00
Jeremy Long
d4eba634ea reduced logging levels in test as build issue was resolved 
Former-commit-id: e1c8cd3ef9f19d5c0d17dc59d6feed6474118602
 2015-07-22 06:45:17 -04:00
Jeremy Long
97d3a2986c corrected merge conflict 
Former-commit-id: 5653364b7053ae119dd2d0a604258ccd80f4a061
 2015-07-21 07:06:11 -04:00
Jeremy Long
d3b20757ef changed to BaseDBTest instead of BaseTest to reesolve build errors per issue #273 
Former-commit-id: 392b26cac4595d6dd6c9a4ffbd2d76f851c8c7ed
 2015-07-21 07:04:39 -04:00