Jeremy Long
c4b423cb0f
additional tests resources to fix issue #503
2016-06-05 06:32:11 -04:00
Jeremy Long
b295e927b7
resolved merge conflict
2016-06-04 09:09:57 -04:00
Jeremy Long
63d24737dd
Merge pull request #506 from jabbrwcky/issue-503
...
Thanks for the test cases
2016-06-04 07:47:44 -04:00
Jeremy Long
60ce02ba28
improved logging to assist in resolving issue #503
2016-06-04 07:46:42 -04:00
Jeremy Long
95939ed66c
added javadoc per checkstyle
2016-06-04 07:45:07 -04:00
Jeremy Long
7f609a35be
added javadoc per checkstyle
2016-06-04 07:44:42 -04:00
Jeremy Long
f7b534f1ee
checkstyle correction
2016-06-04 07:44:08 -04:00
Jens Hausherr
e79da72711
Use batch update for references and vulnerable software if supported by DB.
2016-06-03 10:22:54 +02:00
Jens Hausherr
1ba081959b
Accidentally dropped some imports
2016-06-03 10:09:28 +02:00
Jens Hausherr
578dc63652
Vulnerable Software: Compact toString() output; remove accessor calls for own properties
2016-06-03 09:54:25 +02:00
Jens Hausherr
fccd683b50
add toString() for Vulnerability
2016-06-03 09:52:35 +02:00
Jens Hausherr
f3d3a25856
Add more test cases
2016-06-03 09:50:28 +02:00
Jens Hausherr
6d70c92795
Add to String-Method to Reference
2016-06-03 09:41:48 +02:00
Jeremy Long
d13bbd43f3
added experimental flag to force users to enable this and by doing so understand that these may not be as production ready as the Java analyzer (see issue #498)
2016-05-30 08:09:14 -04:00
Jeremy Long
0394d1a24f
checkstyle correction - reduced method length
2016-05-30 07:59:53 -04:00
Jeremy Long
05d7aa898d
minor reformatting to reduce line length (checkstyle)
2016-05-30 07:37:44 -04:00
Jens Hausherr
ae5a766092
Limit split to fix #503
2016-05-27 15:07:59 +02:00
Jeremy Long
6a807bc002
checkstyle/findbugs corrections
2016-05-25 17:21:46 -04:00
Tilmann H
2906b315b3
Update initialize_mysql.sql
...
lower cased "properties" in UPDATE statement
2016-05-25 11:36:09 +02:00
Jeremy Long
425fd65bd8
added more false positive suppressions
2016-05-21 07:09:08 -04:00
Jeremy Long
7d83362a85
removed stack trace from build when ruby and bundle-audit are not installed
2016-05-15 07:49:17 -04:00
Jeremy Long
0b26894112
checkstyle/pmd/findbugs correction(s)
2016-05-15 07:48:26 -04:00
Jeremy Long
71ef8061f9
merge conflict resolved
2016-05-15 07:29:17 -04:00
Jeremy Long
353b17690f
checkstyle/pmd/findbugs correction(s)
2016-05-15 07:22:52 -04:00
Jeremy Long
6790727260
ensured resources are properly closed
2016-05-15 07:02:18 -04:00
Jeremy Long
ea942398e3
updated test case to use the correct parent class that allows for use of the database during testing
2016-05-15 06:45:57 -04:00
Jeremy Long
6f451736ba
Add ability to flag analyzers as experimental so that they are not always enabled
2016-05-14 07:20:53 -04:00
bjiang
9d1408be20
do not use actual path for packagePath from compress case
2016-05-13 13:33:34 -04:00
bjiang
d5e8f54214
fix RubyBundlerAnalyzer.accept
2016-05-06 17:55:21 -04:00
bjiang
83f83d4eee
add RubyBundlerAnalyzerTest
2016-05-06 17:45:40 -04:00
bjiang
b0f4ab9ba5
cleanup & Rakefile support placeholder
2016-05-06 17:25:08 -04:00
bjiang
06dad8f79c
javadoc
2016-05-06 17:22:39 -04:00
bjiang
83ab122ddf
disable RubyBundlerAnalyzer if RubyBundleAuditAnalyzer
2016-05-06 16:42:39 -04:00
bjiang
8a42fe4ae1
javadoc
2016-05-06 16:19:59 -04:00
bjiang
94c6778b89
better javadoc
2016-05-06 16:14:16 -04:00
bjiang
c0e5973517
rename RubyBundlerAnalyzer and javadoc
2016-05-06 15:50:35 -04:00
bjiang
4de3fb1f2a
javadoc
2016-05-06 10:25:49 -04:00
bjiang
189da08885
merge upstream
2016-05-03 13:05:56 -04:00
Jeremy Long
9e63ac6d5b
Merge pull request #493 from awhitford/CommIO25
...
Commons-IO 2.5 upgrade
2016-05-02 19:26:52 -04:00
Jeremy Long
4d7ab8b187
Merge pull request #491 from mwieczorek/MSSQL_Support
...
MSSQL Support
2016-05-02 19:25:39 -04:00
Jeremy Long
4de9818bee
original CVE used in test does not exist in the current default DB used for tests.
2016-05-01 20:16:30 -04:00
Jeremy Long
7a2e1fd221
updated bundle audit score to be more accurate
2016-05-01 15:39:12 -04:00
Jeremy Long
35ffd56ea9
fixed compile issues in PR
2016-04-30 11:20:26 -04:00
Jeremy Long
84b992d3a1
Merge branch 'fix-cvss-for-bundle-audit' of git://github.com/geramirez/DependencyCheck into geramirez-fix-cvss-for-bundle-audit
2016-04-30 11:02:16 -04:00
Jeremy Long
9e46364759
updated test cases to track down build issue
2016-04-30 10:56:50 -04:00
Dave Goddard
0f37c2b59c
Adding sinatra fixture
...
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-29 16:17:51 -04:00
Michal Wieczorek
33852ea7e3
MSSQL Support
2016-04-27 23:35:05 +02:00
Anthony Whitford
4fbed1cdac
Added Charset to avoid deprecated FileUtils methods.
2016-04-27 01:37:00 -07:00
David Jahn
8c6b9f9c68
Fixed CVSS for Ruby.
...
This bug was discovered when scanning ruby applications and getting back
`-1` cvss. This turns out to be a problem with bundle-audit cve
database.
Our solution was to use the NVD database, which dependency check uses to
get the CVSS scores for Ruby only if the Criticality is missing from
bundle-audit output. Keep in mind there are compilation errors with the
commit atm.
Fixes #485
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
2016-04-25 09:40:54 -04:00
Jeremy Long
abebecac4a
updated parser and tests to revert to old suppression schema if new schema fails
2016-04-24 09:06:00 -04:00