github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 08:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,241 Commits 7 Branches 56 Tags
f71eb09f7490fdb94eb6b9b25649f83663ea55f2
Commit Graph

672 Commits

Author SHA1 Message Date
Jeremy Long
29595324c4 added suppression rules for jersey-client 
Former-commit-id: cb8f4081c6d0fc2128a3a3dfda294a541c16adec
 2014-09-13 07:10:17 -04:00
Jeremy Long
93ec2e8639 fixed javadoc 
Former-commit-id: d06907a74a6fd4cf9ac5e5774af63eda5aba02b3
 2014-09-13 05:50:49 -04:00
Jeremy Long
0e2a31709a added test cases to ensure setting the base flag will prevent the identifier from being added to the suppressedIdentifiers collection 
Former-commit-id: d369797a3b14fc2c42621d273d6f314e968848b9
 2014-09-13 05:45:05 -04:00
Jeremy Long
c785b39eda added assertion to validate that the base flag is being processed 
Former-commit-id: 0364e57af8f548d010f17f948492e9472433c675
 2014-09-13 05:44:09 -04:00
Jeremy Long
8fab2f58da added the base property and skipped adding the vulnerability or identifier to the suppressed collection if this is a base suppression rule 
Former-commit-id: a668d7d8b9345b6ad44bfff1ced4ab783a1f90d8
 2014-09-13 05:43:16 -04:00
Jeremy Long
e44ee3bfe1 added parsing of the base flag 
Former-commit-id: 02f533177846bcd4a98b31f851e91f438e1ddeaa
 2014-09-13 05:42:01 -04:00
Jeremy Long
62065c9d28 corrected the removal of an identifier so that iterator.remove was correctly used 
Former-commit-id: 252507772242cc7ff42ef9f310cfca3bec7cb075
 2014-09-13 05:41:26 -04:00
Jeremy Long
c76275275f added the base=true flag to all base suppressions 
Former-commit-id: ac77f3fc4ff80c182b7736554a1960e186e67d69
 2014-09-13 05:40:37 -04:00
Jeremy Long
257f78879d added base attribute to suppression rules 
Former-commit-id: bcadbd75b99471a56d604c2f158570305e9b4010
 2014-09-13 05:40:06 -04:00
Jeremy Long
894263809c added base flag to one suppression entry 
Former-commit-id: 7d6bbf36e5e35c2ee2fe8c901281996a34706036
 2014-09-13 05:39:38 -04:00
Jeremy Long
d4756c9eb8 updated base suppression list to include sandbox:sandbox - a php app 
Former-commit-id: 087a4c5af2afd03a1d4703d2e1e5a1607a2e7ac9
 2014-09-12 06:34:23 -04:00
Jeremy Long
0004767775 added fix for issue #147 to address springsource, non-core spring, jars being idenified as cpe://a:springsource:springframwork 
Former-commit-id: 0a3182123be78a3f450cdef0bcc395907d27730a
 2014-09-10 17:55:04 -04:00
Jeremy Long
aadfb71c98 fixed test case by removing a temporary test entry in DetermineCPE_full 
Former-commit-id: 0f91c7b8e1d536c9d15176dc2d9a439da4e8ccdc
 2014-09-10 17:37:54 -04:00
Jeremy Long
1244af649d updated to improve CPE matching so that if a broad match occured (cpe with no version number) we use the highest confidence version when generating the CPE identifier 
Former-commit-id: 6e8c87a71522b1ca7cfa9d72ca419a792d1b17e7
 2014-09-09 15:10:08 -04:00
Jeremy Long
7bd48cc811 updated version analysis to reduce false positives and increase accurate detection 
Former-commit-id: 6097160434b7e98182738706790d82cdbd867175
 2014-09-09 15:07:28 -04:00
Jeremy Long
8f3ce38418 re-ordered operations so that a new lucene index is no longer created on each call to calDetermineCPE_full 
Former-commit-id: e2af1d893b47afe1ed36d1ab1e6840d47757b509
 2014-09-07 08:28:44 -04:00
Jeremy Long
1b2d9b4245 fixed minor display bug 
Former-commit-id: 65e1adcdc7677490907ee6eca68bf1174d355a3c
 2014-09-07 07:20:45 -04:00
Jeremy Long
c6b2b34fde removed duplicative test of downloading XML 
Former-commit-id: 97d1371609af2cc9583b0ac071a8606c93a34fbe
 2014-09-07 06:59:50 -04:00
Jeremy Long
e58fc13fdb additional looping corrections in determineCPE() to break early if an identifier is found 
Former-commit-id: 4ec4ffe598d9870a793da8980bb863633c1967d7
 2014-09-06 19:09:38 -04:00
Jeremy Long
922d53d2e4 Increased the confidence on the pom artifact and groupid 
Former-commit-id: b052b50353197e0f7cb419e6f618f2320da11183
 2014-09-06 19:08:22 -04:00
Jeremy Long
fec53b3951 corrected looping in determineCPE() 
Former-commit-id: 329f20687223f38273b2e23601b05fcea2b9122f
 2014-09-06 06:37:12 -04:00
Jeremy Long
da20fb2922 added velocity-tools to base suppression as it should not be reported as struts 
Former-commit-id: 4649d95a091def05ae249da42aa7d6f845b14d59
 2014-08-30 07:48:02 -04:00
Jeremy Long
4095c5da38 made serializable 
Former-commit-id: 27d8084ea981766791df05c5e9ef61dbe40ba32c
 2014-08-16 07:27:28 -04:00
Jeremy Long
b4405ebf3e minor changes to the TOC table - removed # of related dependencies and renamed CVE Impact to Highest Severity to clear up ambiguity 
Former-commit-id: b8b14ab120d889057864eb6f93cadad9773b9171
 2014-08-15 05:58:10 -04:00
Jeremy Long
56b447493e added additional error messages about the proxy if the download fails per issue #136 
Former-commit-id: 7a5dcc58ab959a70b7e086a984f5d9289d749b99
 2014-08-05 10:58:43 -04:00
Jeremy Long
e45b68eda7 fixed issue #140 - false positive is now suppressed 
Former-commit-id: 4b584884e1eb5efa214b1af87d555e6866db917a
 2014-08-05 10:44:33 -04:00
Jeremy Long
bd955cda06 improved TOC per issue #138 
Former-commit-id: 7cc7ccb9d0dd8257588438220bf61d78caa2bcec
 2014-08-05 09:22:28 -04:00
Jeremy Long
c6dbc01912 ensured FileInputStream is correctly closed 
Former-commit-id: 6e0362476f456e5af07e686fdccf04e600a97de8
 2014-08-05 09:19:35 -04:00
Jeremy Long
fabe1aa940 checkstyle corrections 
Former-commit-id: d23c5d17629f8484c1c07d328c9c1b74a678e062
 2014-08-05 09:19:00 -04:00
Jeremy Long
ba5dbb94b8 removed fully qualified class name from jaxb instantiation 
Former-commit-id: 15d5f9e2013daba62f7e32618958743e87e8ea79
 2014-08-05 09:18:35 -04:00
Jeremy Long
cf21dfaa3a changed warning log message 
Former-commit-id: 9a7fd59cd15e627ed103a6e797bc47518805276b
 2014-08-04 08:05:31 -04:00
Jeremy Long
f6eef54566 added fix for issue #136 
Former-commit-id: c259a419769b41e138d3cbb3811f1c24652601d5
 2014-08-01 15:09:41 -04:00
Jeremy Long
0b06b194b0 added XmlRootElement attribute 
Former-commit-id: a3263e63c8c7b12c90ad388c8eda1ab09e43786c
 2014-08-01 14:22:40 -04:00
Jeremy Long
73f6ce304c corrected jaxb newInstance 
Former-commit-id: 32a1b759ad1e127784ae9bff902cca01c6faaad7
 2014-08-01 14:21:55 -04:00
Jeremy Long
3565098650 converted abstract class to a final class with a private constructor 
Former-commit-id: 582a421e69eac2bfc008ca8ee2fe88c7734c9a31
 2014-07-20 06:36:33 -04:00
Jeremy Long
803fcf146b minor fix to test case 
Former-commit-id: bf20319aed4f100d124cdeb7abeafe6598778891
 2014-07-19 13:58:30 -04:00
Jeremy Long
d9d646c5fb fixed connection string property 
Former-commit-id: 951cf212c80a52909cc2dd66e843b63b35991045
 2014-07-19 13:57:36 -04:00
Jeremy Long
034a274b07 fixed copy paste error 
Former-commit-id: 83c51cb5b43c635088025a2076121911af32a7ec
 2014-07-19 13:57:15 -04:00
Jeremy Long
718d7af8bc updated to use the new getConnectionString implementation 
Former-commit-id: c5bd68b3d2fb4c2470d6c50dc5f8f9f6036b9fce
 2014-07-19 07:38:51 -04:00
Jeremy Long
860d3d9c8b made the ensureDBExists method perform a correct check rather then the previous hack 
Former-commit-id: 5fae859fa7531761e78022eb2e8c4c41e6d5d150
 2014-07-19 07:38:08 -04:00
Jeremy Long
f28b566992 added data.file_name and data.version 
Former-commit-id: e692a13a216ec6808e3fd92397fd3c50854cfa56
 2014-07-19 07:37:11 -04:00
Jeremy Long
46702bbb5c moved checkSumTest.file, checksum.java, and checksumTest.java to dependency-check-utils 
Former-commit-id: 0c05e466b5fe071ca55552660d471431572c0558
 2014-07-17 06:03:21 -04:00
Jeremy Long
5600c9bc69 removed commented out property 
Former-commit-id: 2a07ced007c986d3ab127d8ff216f49c332f41c3
 2014-07-17 06:01:59 -04:00
Jeremy Long
d7e46b1693 corrected the connection string in the test properties 
Former-commit-id: 1c37d4bd4de49cddc34b92a27875e0a07eee600f
 2014-07-17 06:00:59 -04:00
Jeremy Long
288892441f corrected javadoc 
Former-commit-id: c0c7d8da486a08dfc3e9232b57166d4c496bb798
 2014-07-17 05:59:10 -04:00
Jeremy Long
e1179a8e22 moved getConnectionString to the Settings class 
Former-commit-id: d35df6d103505888ac4d87f964d8d615996ce614
 2014-07-13 06:56:40 -04:00
Jeremy Long
464d91f45a fixed resource leaks found by coverity 
Former-commit-id: 0e2d3b866853e2b906b9683e27602fd244298e55
 2014-07-08 06:17:36 -04:00
Jeremy Long
d8ba04ae7f Merge branch 'master' of github.com:colezlaw/DependencyCheck into colezlaw-master 
Former-commit-id: 27bac793e5284df49c0804361c07d4ef559cb251
 2014-06-26 20:33:35 -04:00
Will Stranathan
5c874cafd1 Fixed suppression analyzer to load from input stream fixing failure 
Former-commit-id: 4e6f8d7fddcf7ed26ad60b7aa8bc3a6b22ae19cc
 2014-06-26 15:14:55 -04:00
Will Stranathan
8cafc14d09 Updated to 1.1 of GrokAssembly.exe to deal with exceptions 
Former-commit-id: 8c1d6ad04e378f2a19e2fcdc9ebc1eab12be9aef
 2014-06-24 10:16:53 -04:00