Commit Graph

1937 Commits

Author SHA1 Message Date
Stefan Neuhaus cb75ab8cca Use Apache StringUtils.split(String, char) instead of String.split(String)
String.split() uses a regex pattern for splitting. As we simply need to split on a single fixed char using the Apache StringUtils is preferable.
2017-02-21 14:23:13 +01:00
Stefan Neuhaus 0f3845b16d cleanup: remove unused return value 2017-02-21 14:12:12 +01:00
Stefan Neuhaus dd7128095e add license information to dbStatements_oracle.properties 2017-02-21 14:02:34 +01:00
stevespringett ae21424a30 Closes #664 2017-02-18 21:23:19 -06:00
Jeremy Long 3577949425 codacy recommended updates 2017-02-17 19:03:53 -05:00
Jeremy Long 0d72471502 fixed synchronization per coverity 2017-02-17 18:00:40 -05:00
Jeremy Long d9dcc8cc2d fixed UTF-8 BOM bug 2017-02-17 17:18:10 -05:00
Jeremy Long c9e8e6cf0e codacy recommended updates 2017-02-17 14:20:43 -05:00
Jeremy Long 960a2e27ab formatting and codacy recommended updates 2017-02-17 12:59:17 -05:00
Jeremy Long ae5a95bfb3 merge #662 2017-02-17 12:13:45 -05:00
Jeremy Long d6c9fea354 formatting and codacy recommended updates 2017-02-17 12:03:11 -05:00
Jeremy Long d6f1351f6b Merge pull request #657 from stefanneuhaus/accelerate-db-update_get-rid-of-treeset
Accelerate CVE DB update: replace TreeSets in Vulnerability by HashSets
2017-02-17 10:48:46 -05:00
Jeremy Long 373488adb4 codacy recommended updates 2017-02-17 10:31:25 -05:00
Stefan Neuhaus 59401cc9f8 cleanup/code style 2017-02-16 20:55:26 +01:00
Stefan Neuhaus eca0e7a852 Fix integration test 2017-02-16 20:53:48 +01:00
Stefan Neuhaus 563dc24854 Parallelize retrieval of last modification timestamps 2017-02-16 08:59:09 +01:00
Stefan Neuhaus 3a70e25983 Refactoring: Move retrieval of last modified timestamps from UpdateableNvdCve to NvdCveUpdater
- UpdateableNvdCve is by its nature more like a simple value object
- Facilitates performance optimization for retrieval of last modification timestamps
2017-02-16 08:58:50 +01:00
Stefan Neuhaus a9fc6bf02c cleanup: remove unused stuff 2017-02-16 08:58:36 +01:00
Stefan Neuhaus cd4f09dc86 NvdCveUpdater: Refactor thread pool concept
- Make thread pools members of the class to facilitate reuse
- Increase default max download thread pool size from 3 to 50 (should be fine for mostly blocking tasks like downloading)
2017-02-16 08:58:14 +01:00
Stefan Neuhaus 0464626e2b Accelerate CVE DB update
Vulnerability: switch vulnerableSoftware and references from expensive TreeSet to HashSet
2017-02-11 20:46:28 +01:00
Jeremy Long 0b329bd40e added test case 2017-02-07 19:41:06 -05:00
Jeremy Long 3d33f24f09 Merge pull request #655 from suhand/master
Minor spelling fixes
2017-02-07 19:40:39 -05:00
Jeremy Long 886c02fad2 add configuration to remove FP based on parent-group/artifact from spring-boot 2017-02-07 06:24:34 -05:00
Jeremy Long 3a11504153 updated to prevent bundling of dependencies within WAR files 2017-02-07 06:22:55 -05:00
Jeremy Long 3a082ae00a minor update to #617 2017-02-07 06:06:53 -05:00
Suhan Dharmasuriya 780201845b Minor spelling fixes 2017-02-07 12:00:17 +05:30
Jeremy Long 0e0a4bb0b4 expanded hint rules so that they can remove evidence 2017-02-04 09:20:47 -05:00
Jeremy Long 5333083a78 fixed bug that caused ODC to fail if an invalid assembly was scanned 2017-01-28 08:13:27 -05:00
Jeremy Long b8c6c86330 snapshot version 2017-01-28 08:12:51 -05:00
Jeremy Long e246757f47 version 1.4.5 2017-01-22 17:10:42 -05:00
Jeremy Long f39f754b7b reapplied fix for issue #601 2017-01-22 08:10:14 -05:00
Jeremy Long c59615f452 patch for issue #510 and #512 2017-01-22 08:01:40 -05:00
Jeremy Long 847bed2fa0 added manifest implementation-version 2017-01-22 07:42:11 -05:00
Jeremy Long a9af15f6f8 checkstyle/pmd suggested corrections 2017-01-21 08:47:52 -05:00
Rick Oosterholt df8d4fd77c Minor change: When JAR reading errors occur, at least add the file name
to the exception. Without it, finding the troubling JAR is hard.
2017-01-18 13:52:17 +01:00
Jeremy Long 9d5769bb69 Merge branch 'issue575' 2017-01-15 11:19:37 -05:00
Jeremy Long 523cd23b6b filter version numbers for issue #575 2017-01-14 09:41:34 -05:00
Jeremy Long 8733a85ebb patch per issue #642 2017-01-13 06:53:26 -05:00
Jeremy Long d9f0ffa742 Merge pull request #634 from hgschmie/enable_disable
rework the enabled / disabled logic
2017-01-08 08:18:12 -05:00
Jeremy Long 8d63ee19ed fix for Jenkins integration, updates to commit f47c6b0 2017-01-08 07:55:35 -05:00
Jeremy Long 6af0842838 added logging 2017-01-02 21:45:21 -05:00
Jeremy Long 4c49adf1ba reduced code duplication 2017-01-02 21:44:59 -05:00
Jeremy Long 5f4e4fab56 reduced code duplication 2017-01-02 21:43:51 -05:00
Jeremy Long 146d7e3fbf reduced code duplication 2017-01-02 21:42:20 -05:00
Henning Schmiedehausen def78a3cfd rework the enabled / disabled logic
If an analyzer is disabled from the configuration, it should not be
initialized (because some of them may actually fail during that process),
nor should the engine log in any way that those exist.

With these changes, it is possible for me to turn off unwanted
analyzers (e.g. Ruby analyzers for a java project) from the maven
plugin and not confuse my users with spurious misleading messages.
2016-12-28 16:39:25 -08:00
Jeremy Long 63ad13ff7a added enabled properties per issue #612 2016-12-27 08:46:04 -05:00
Jeremy Long dd92ec675f fixed error in tests 2016-12-27 08:45:42 -05:00
Jeremy Long 6e1512f7d9 added enabled setting (#612) and added additional checks to see if the update should occur (#631) 2016-12-27 08:45:01 -05:00
Jeremy Long 287b1df3fd added enabled settings for all analyzers per #612 2016-12-26 09:11:26 -05:00
Jeremy Long 38bf9b4ddb checkstyle recommendations 2016-12-22 07:32:04 -05:00