github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-18 17:47:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,974 Commits 7 Branches 56 Tags
f6b80630dd5cab7ec79712cc7a7e836245b56eb6
Commit Graph

462 Commits

Author SHA1 Message Date
Jeremy Long
f6b80630dd temporary travis debugging code 2016-06-05 08:30:22 -04:00
Jeremy Long
f43589589d fixed setup to call super 2016-06-05 08:04:45 -04:00
Jeremy Long
310ca967a1 fixed compareTo in order to resolve issue #503 2016-06-05 06:32:49 -04:00
Jeremy Long
c4b423cb0f additional tests resources to fix issue #503 2016-06-05 06:32:11 -04:00
Jens Hausherr
f3d3a25856 Add more test cases 2016-06-03 09:50:28 +02:00
Jens Hausherr
ae5a766092 Limit split to fix #503 2016-05-27 15:07:59 +02:00
Jeremy Long
7d83362a85 removed stack trace from build when ruby and bundle-audit are not installed 2016-05-15 07:49:17 -04:00
Jeremy Long
71ef8061f9 merge conflict resolved 2016-05-15 07:29:17 -04:00
Jeremy Long
353b17690f checkstyle/pmd/findbugs correction(s) 2016-05-15 07:22:52 -04:00
Jeremy Long
ea942398e3 updated test case to use the correct parent class that allows for use of the database during testing 2016-05-15 06:45:57 -04:00
Jeremy Long
6f451736ba Add ability to flag analyzers as experimental so that they are not always enabled 2016-05-14 07:20:53 -04:00
bjiang
d5e8f54214 fix RubyBundlerAnalyzer.accept 2016-05-06 17:55:21 -04:00
bjiang
83f83d4eee add RubyBundlerAnalyzerTest 2016-05-06 17:45:40 -04:00
bjiang
b0f4ab9ba5 cleanup & Rakefile support placeholder 2016-05-06 17:25:08 -04:00
bjiang
83ab122ddf disable RubyBundlerAnalyzer if RubyBundleAuditAnalyzer 2016-05-06 16:42:39 -04:00
bjiang
189da08885 merge upstream 2016-05-03 13:05:56 -04:00
Jeremy Long
4de9818bee original CVE used in test does not exist in the current default DB used for tests. 2016-05-01 20:16:30 -04:00
Jeremy Long
84b992d3a1 Merge branch 'fix-cvss-for-bundle-audit' of git://github.com/geramirez/DependencyCheck into geramirez-fix-cvss-for-bundle-audit 2016-04-30 11:02:16 -04:00
Jeremy Long
9e46364759 updated test cases to track down build issue 2016-04-30 10:56:50 -04:00
Dave Goddard
0f37c2b59c Adding sinatra fixture 
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
 2016-04-29 16:17:51 -04:00
David Jahn
8c6b9f9c68 Fixed CVSS for Ruby. 
this bug was discovered when scanning ruby applications and getting back
`-1` cvss. this turns out to be a problem with bundle-audit cve
database.

Our solution was to use the NVD database, which dependency check uses to
get the CVSS scores for Ruby only if the Criticality is missing from
bundle-audit output. Keep in mind there are compilation errors with the
commit atm.

Fixes #485

Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
 2016-04-25 09:40:54 -04:00
Jeremy Long
abebecac4a updated parser and tests to revert to old suppression schema if new schema fails 2016-04-24 09:06:00 -04:00
Jeremy Long
deda02f879 updated suppression schema to require a CPE, CVE, or CVSS Below per issue #488 2016-04-24 07:20:11 -04:00
bjiang
da82f975e4 Add test for project url from pom.xml 2016-04-15 12:30:14 -04:00
bjiang
ab48d2c2ff multiple improvements 2016-03-28 14:06:30 -04:00
bjiang
a22fc550b3 #472 fix test to only skip the proper test case. 2016-03-21 11:38:52 -04:00
bjiang
343a78917c Fixed #472. Disable RubyBundleAuditAnalyzer if exception during initialize. 
changes:
1. disable self during initialize before bubbling exception
2. new test case RubyBundleAuditAnalyzerTest#testMissingBundleAudit()
 2016-03-20 17:06:03 -04:00
bjiang
ff7d0fdb9d #472 first fix and improve RubyBundleAuditAnalyzerTest.java 
Test were failing b/c Gemfile.lock and Gemfile were missing.
The files were missing b/c parent .gitignore them.
Changes:
1. Force added new test files, and updated test with more result
validation.
2. Added error logging from bundle-audit.
3. place holder for bundle-audit install directory in test
dependencycheck.properties.
 2016-03-20 15:54:24 -04:00
Jeremy Long
cdc07047aa doclint fixes 2016-03-05 13:18:37 -05:00
Jeremy Long
c832c2da28 doclint fixes 2016-03-05 13:18:37 -05:00
Jeremy Long
8daa713639 doclint fixes 2016-03-05 13:18:36 -05:00
Jeremy Long
e0a2966706 doclint fixes 2016-03-05 13:18:36 -05:00
Jeremy Long
354bfa14f9 doclint fixes 2016-03-05 13:18:35 -05:00
Jeremy Long
46b91702ba doclint fixes 2016-03-05 13:18:35 -05:00
Jeremy Long
de9516e368 doclint fixes 2016-03-05 13:18:35 -05:00
Jeremy Long
3924e07e5c doclint fixes 2016-03-05 13:18:34 -05:00
Jeremy Long
76bcbb5a7e doclint fixes 2016-03-05 13:18:34 -05:00
Jeremy Long
f752285912 added test for parse manifest per issue #455 2016-02-27 07:14:27 -05:00
Jeremy Long
b45f9f514b base test case handles settings initialization 2016-02-06 08:40:33 -05:00
Jeremy Long
2190c0229c added check to see if the file is xml prior to unzipping it per issue #441 2016-02-06 08:11:24 -05:00
Jeremy Long
578fa32243 updated to honor noupdate flag for version check and removed some complexity 2016-01-03 09:14:08 -05:00
Jeremy Long
3a7f95b9b1 spelling correction 2015-12-18 06:28:11 -05:00
Jeremy Long
e05cef6886 extended the wrong base test case 2015-11-27 07:07:17 -05:00
Jeremy Long
8b5dbeab44 removed stack trace in build when bundle audit is not installed 2015-11-25 05:59:58 -05:00
Dale Visser
2ed5dc153a Fixed merge conflict in App.java 2015-11-23 13:27:22 -05:00
Anthony Whitford
041d3c5312 Removed unnecessary countCharacter method by leveraging StringUtils.countMatches. 2015-11-01 23:19:37 -08:00
Jeremy Long
54d921f275 added test case 2015-10-26 06:32:02 -04:00
Jeremy Long
aa9908b34a updated test properties w/ changes that had been made in the main properties 2015-10-25 06:22:30 -04:00
Jeremy Long
dc849c3891 removed duplicate abstract test base 2015-10-18 06:17:21 -04:00
Jeremy Long
2770b58a20 fixing the build 2015-10-18 06:07:23 -04:00