github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 07:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,268 Commits 7 Branches 56 Tags
c86b821951eae1f905fb384d892ffffa80958bd4
Commit Graph

1268 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeremy Long
c86b821951 suppressed warning on unchecked cast 
Former-commit-id: 633151a31b613071c7bd3e939c6a5c16864b8b88
 2014-10-25 08:06:15 -04:00
Jeremy Long
4def086bf9 removed comments 
Former-commit-id: 2c48f5b93a97a0642fbc37edd603b0d0baca4368
 2014-10-25 08:05:26 -04:00
Jeremy Long
885c890d7d changed the analyzer to use the actual file name rather then the display name 
Former-commit-id: 9cc348aaef8fac5e6c64220d94428f168ea8855b
 2014-10-25 08:05:01 -04:00
Jeremy Long
06060a6694 improved error handling of invalid search strings 
Former-commit-id: 97250e44b27e009b2480d25f8c2ebb7566038086
 2014-10-25 08:04:33 -04:00
Jeremy Long
70667814f6 changed display name of files contained in archives so that it doesn't look like an invalid path 
Former-commit-id: db3a7edadef81dd7e66c68cf0f4cdf43e12936b6
 2014-10-25 08:03:47 -04:00
Jeremy Long
766b7a940c changed scan methods to return a list of dependencies instead of void 
Former-commit-id: f0fd1e06708de3159acff0147968b5508a54fc05
 2014-10-25 08:02:36 -04:00
Jeremy Long
0c37586357 added Xlint:unchecked 
Former-commit-id: e26970bf2cd4606b777bddfc806ba74227da9cba
 2014-10-25 08:00:11 -04:00
Jeremy Long
b4aa55ce1f Merge branch 'master' of github.com:ctrl-alt-dev/DependencyCheck into ctrl-alt-dev-master 
Former-commit-id: 4d1ab5ecacf0ca7354f57d3a49accd5a173e0a26
 2014-10-24 05:36:40 -04:00
Jeremy Long
109443ce77 changed the name property of dependencies identified within an archive 
Former-commit-id: 5d778afea68c881efea628d9ecc28596d3cbc9d6
 2014-10-23 06:09:39 -04:00
Jeremy Long
c6f391501d added test case for patch to issue #156 
Former-commit-id: 8fa1de0566760a41d65614921f4bb764178151f8
 2014-10-22 21:43:23 -04:00
Jeremy Long
d1f3105fbd added appropriate sorting to resolve issue #156 
Former-commit-id: b5d0dd3e9d337417ea3483b491035009269eaa5c
 2014-10-22 21:42:51 -04:00
Jeremy Long
8f88ca9d3d corrected compareTo to use file path, not just file name 
Former-commit-id: 98e19c402cd5824aed4b3b4923b7ef72359752cf
 2014-10-22 21:12:40 -04:00
Erik Hooijmeijer
f9e4ca0cc2 corrected javadoc 
Former-commit-id: 3e0533a8a36afcacb647610f352bfd854e505272
 2014-10-22 19:10:54 +02:00
Erik Hooijmeijer
5caf023677 added excludeInternalGroupIds configuration parameter that allows the exclusion of groupIds of internal projects. This is to speed up analysis as internal projects have no public vulnerabilites nor a sonatype listing but do frequently have names that collide with other libraries. The parameter can have multiple values, e.g. <excludeInternalGroupIds><groupId>nl.someinteral.project</groupId><groupId>org.another.one</groupId></excludeInternalGroupIds> 
Former-commit-id: ffa0716366c6c7b65d1181f2bd945472b75b5483
 2014-10-22 19:08:33 +02:00
Erik Hooijmeijer
35c2f4873c values from the project pom.xml are now taken into account as well 
Former-commit-id: ca6c5b40f09959f162b337f2cb4268a57ce46d3d
 2014-10-21 20:09:54 +02:00
Jeremy Long
1ed7bab375 additional updates for issue #162, if no pom is present in the jar, but it exists in the repo the pom from the repo will be used 
Former-commit-id: 0d1603f45420b57b00149764acca1fe5bd3f3c83
 2014-10-17 20:55:58 -04:00
Jeremy Long
f0d1bfb777 added an additional suppression for issue #162 
Former-commit-id: 9c3403814b15cbcdebdc9e0d43253016548efb23
 2014-10-16 06:57:24 -04:00
Jeremy Long
42519ac843 version 1.2.6-SNAPSHOT 
Former-commit-id: 0b301bfa4a942e43976a34195a32982000f34d12
 2014-10-14 06:28:14 -04:00
Jeremy Long
8869e13385 Merge pull request #161 from hansjoachim/exceptionTests 
Uses ExpectedException to test for exceptions

Former-commit-id: 38f9b007311032db7edec0e1c345130409518855
 2014-10-13 05:47:54 -04:00
Hans Joachim Desserud
8f9cbfe806 Unrelated: remove unused before/after 
Former-commit-id: 68524208b8c0a197e9682aceec25cff0bc30ff56
 2014-10-12 18:29:27 +02:00
Hans Joachim Desserud
6481938626 Test for exceptions with ExpectedException 
Former-commit-id: 47c6c559196b4c10a5deb3698805ff7276f0aa83
 2014-10-12 18:27:03 +02:00
Jeremy Long
9c7cc2acbf corrected the documentation 
Former-commit-id: 428b6b3e07ed250ac11fb6c917c90888c0d20246
 2014-10-10 20:03:36 -04:00
Jeremy Long
89a57d4ed3 removed velocity-tools to close issue #160 
Former-commit-id: 5ca46405a5aa7521bd0a0de54500d848156491a6
 2014-10-10 06:36:47 -04:00
Jeremy Long
732378592b corrected link to the unfortunate realities pdf 
Former-commit-id: 285bcfd78f00fa514d3f96b5dcbac2fd18384177
 2014-10-08 06:47:27 -04:00
Jeremy Long
19dc46660b corrected link to the unfortunate realities pdf 
Former-commit-id: 75332bd18e6ac3ecac5dddda2f3945ae4003bd06
 2014-10-08 06:21:55 -04:00
Jeremy Long
4aad3471af fixed javadoc 
Former-commit-id: 2402251f2157864ee3c51dd571cb9d21e17856e6
 2014-10-08 06:21:20 -04:00
Jeremy Long
92bd305b00 version 1.2.5 
Former-commit-id: b3fe4ea80c4286684eda15a3b9f46cebc4f09ee8
v1.2.5 		2014-09-16 19:47:17 -04:00
Jeremy Long
f71eb09f74 updated sample report 
Former-commit-id: 1de33769f71be8c86116b4a17d8282c69e0abed6
 2014-09-16 19:47:07 -04:00
Jeremy Long
83d4a7bc18 moved test case dependency,jersey client, to the allTests profile 
Former-commit-id: 58da4d9c21803362133f74c168aea256c51a5824
 2014-09-16 05:24:43 -04:00
Jeremy Long
29595324c4 added suppression rules for jersey-client 
Former-commit-id: cb8f4081c6d0fc2128a3a3dfda294a541c16adec
 2014-09-13 07:10:17 -04:00
Jeremy Long
f9064e526f added test jar to the extended profile test dependencies 
Former-commit-id: b24966e3936afd9337dbea5476a696ddf46efc65
 2014-09-13 07:09:54 -04:00
Jeremy Long
93ec2e8639 fixed javadoc 
Former-commit-id: d06907a74a6fd4cf9ac5e5774af63eda5aba02b3
 2014-09-13 05:50:49 -04:00
Jeremy Long
0e2a31709a added test cases to ensure setting the base flag will prevent the identifier from being added to the suppressedIdentifiers collection 
Former-commit-id: d369797a3b14fc2c42621d273d6f314e968848b9
 2014-09-13 05:45:05 -04:00
Jeremy Long
c785b39eda added assertion to validate that the base flag is being processed 
Former-commit-id: 0364e57af8f548d010f17f948492e9472433c675
 2014-09-13 05:44:09 -04:00
Jeremy Long
8fab2f58da added the base property and skipped adding the vulnerability or identifier to the suppressed collection if this is a base suppression rule 
Former-commit-id: a668d7d8b9345b6ad44bfff1ced4ab783a1f90d8
 2014-09-13 05:43:16 -04:00
Jeremy Long
e44ee3bfe1 added parsing of the base flag 
Former-commit-id: 02f533177846bcd4a98b31f851e91f438e1ddeaa
 2014-09-13 05:42:01 -04:00
Jeremy Long
62065c9d28 corrected the removal of an identifier so that iterator.remove was correctly used 
Former-commit-id: 252507772242cc7ff42ef9f310cfca3bec7cb075
 2014-09-13 05:41:26 -04:00
Jeremy Long
c76275275f added the base=true flag to all base suppressions 
Former-commit-id: ac77f3fc4ff80c182b7736554a1960e186e67d69
 2014-09-13 05:40:37 -04:00
Jeremy Long
257f78879d added base attribute to suppression rules 
Former-commit-id: bcadbd75b99471a56d604c2f158570305e9b4010
 2014-09-13 05:40:06 -04:00
Jeremy Long
894263809c added base flag to one suppression entry 
Former-commit-id: 7d6bbf36e5e35c2ee2fe8c901281996a34706036
 2014-09-13 05:39:38 -04:00
Jeremy Long
c503935d6a updated to correctly close the ObjectOutputStream based on guidance from the CERT Java Secure Coding Standard 
Former-commit-id: 1c7b929055f273d49b1203c117d7bb12162cfdb2
 2014-09-12 06:36:00 -04:00
Jeremy Long
d4756c9eb8 updated base suppression list to include sandbox:sandbox - a php app 
Former-commit-id: 087a4c5af2afd03a1d4703d2e1e5a1607a2e7ac9
 2014-09-12 06:34:23 -04:00
Jeremy Long
0004767775 added fix for issue #147 to address springsource, non-core spring, jars being idenified as cpe://a:springsource:springframwork 
Former-commit-id: 0a3182123be78a3f450cdef0bcc395907d27730a
 2014-09-10 17:55:04 -04:00
Jeremy Long
74908642c7 added test dependency 
Former-commit-id: fa4846dfa384639114f32ed3b7a0d91347b8dabf
 2014-09-10 17:39:31 -04:00
Jeremy Long
aadfb71c98 fixed test case by removing a temporary test entry in DetermineCPE_full 
Former-commit-id: 0f91c7b8e1d536c9d15176dc2d9a439da4e8ccdc
 2014-09-10 17:37:54 -04:00
Jeremy Long
1244af649d updated to improve CPE matching so that if a broad match occured (cpe with no version number) we use the highest confidence version when generating the CPE identifier 
Former-commit-id: 6e8c87a71522b1ca7cfa9d72ca419a792d1b17e7
 2014-09-09 15:10:08 -04:00
Jeremy Long
7bd48cc811 updated version analysis to reduce false positives and increase accurate detection 
Former-commit-id: 6097160434b7e98182738706790d82cdbd867175
 2014-09-09 15:07:28 -04:00
Jeremy Long
8f3ce38418 re-ordered operations so that a new lucene index is no longer created on each call to calDetermineCPE_full 
Former-commit-id: e2af1d893b47afe1ed36d1ab1e6840d47757b509
 2014-09-07 08:28:44 -04:00
Jeremy Long
1b2d9b4245 fixed minor display bug 
Former-commit-id: 65e1adcdc7677490907ee6eca68bf1174d355a3c
 2014-09-07 07:20:45 -04:00
Jeremy Long
c6b2b34fde removed duplicative test of downloading XML 
Former-commit-id: 97d1371609af2cc9583b0ac071a8606c93a34fbe
 2014-09-07 06:59:50 -04:00