DependencyCheck

github-mirrors/DependencyCheck

Fork 0

mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-13 23:33:37 +01:00

Commit Graph

Select branches

Hide Pull Requests

cvedb-cache

feature/java-version-parse

gh-pages

issue690_threadsafe

master

reportGeneration

stevespringett-master

1.4.3

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.3.1

v0.2.3.2

v0.2.4.0

v0.2.5.0

v0.2.5.1

v0.2.5.2

v0.2.6.0

v0.3.0.0

v0.3.1.0

v0.3.1.1

v0.3.2.0

v0.3.2.2

v0.3.2.3

v0.3.2.4

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.2.0

v1.2.0.1

v1.2.1

v1.2.11

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.2.6

v1.2.7

v1.2.8

v1.2.9

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.4.0

v1.4.1

v1.4.2

v1.4.4

v1.4.5

2689a08026 Replaced Date manipulation with more efficient System call. Anthony Whitford 2015-09-07 17:50:02 -07:00
54be70672e Replaced Date manipulation with more efficient System call. Anthony Whitford 2015-09-07 17:49:11 -07:00
480fa50af5 Corrected Javadoc to eliminate warning. Anthony Whitford 2015-09-07 17:01:24 -07:00
b51731d15f Added final keyword. Anthony Whitford 2015-09-07 16:35:23 -07:00
c09650a136 Removed unused slf4j-ext and slf4j-jdk14 dependency declarations. Anthony Whitford 2015-09-07 16:30:58 -07:00
769fcb20d8 Removed a now unused import. Anthony Whitford 2015-09-07 16:29:27 -07:00
537c4b3a50 Added missing final keywords. Anthony Whitford 2015-09-07 16:28:55 -07:00
a75c17ac5e Added final keywords and elaborated the javax.json imports. Anthony Whitford 2015-09-07 16:28:22 -07:00
85604e8afa Logback-core is a transitive dependency from logback-classic -- no need to explicitly mention it. JSoup type is jar by default, so no need to mention that. SLF4J-Ext does not seem to be used, so can drop that. H2 only has runtime scope. Anthony Whitford 2015-09-07 16:01:10 -07:00
9a45c9aa7c Removed unused Cal10n MessageConveyor. Anthony Whitford 2015-09-07 15:21:54 -07:00
01450bacc2 Removed a redundant null check, and replaced an addAll with the constructor population. Anthony Whitford 2015-09-07 14:51:26 -07:00
af0255ee09 Rather than create a collection, then call addAll to populate, the collection can be created with the collection to clone. Anthony Whitford 2015-09-07 14:48:23 -07:00
df25bbb6d2 Replaced json iteration with more efficient entrySet. Also corrected an invalid logging statement. Anthony Whitford 2015-09-07 14:43:34 -07:00
444685bc05 Inner class should be static (since it doesn't reference parent). Anthony Whitford 2015-09-07 14:40:32 -07:00
115f63c330 Removed an unused import and combined nested if statements. Anthony Whitford 2015-09-07 14:38:43 -07:00
f9dbc4f7bf Upgraded Fluido Skin to 1.4 (from 1.3.1). Anthony Whitford 2015-09-07 10:54:01 -07:00
83263f8dee Update README.md Jeremy Long 2015-09-07 07:43:33 -04:00
a452ade957 Merge pull request #339 from awhitford/DependencyUpgrades Jeremy Long 2015-09-07 07:36:47 -04:00
1f48af024e Merge pull request #338 from awhitford/PomCleanup Jeremy Long 2015-09-07 07:34:07 -04:00
0a643d7195 Merge pull request #340 from awhitford/CommonsLang3 Jeremy Long 2015-09-07 07:30:52 -04:00
c3835b9da7 removed erroneous short cli argument for exclude Jeremy Long 2015-09-07 07:27:39 -04:00
bb1a96cf7a Merge branch 'master' of github.com:jeremylong/DependencyCheck Jeremy Long 2015-09-07 07:25:36 -04:00
56360301d7 changed debug message to an error Jeremy Long 2015-09-07 07:25:29 -04:00
435cccdeae Merge pull request #341 from awhitford/CommonsCli131 Jeremy Long 2015-09-07 07:24:48 -04:00
b11b472933 Upgraded commons-cli to 1.3.1 (from 1.2). See http://commons.apache.org/proper/commons-cli/release_1_3.html for upgrade details. Anthony Whitford 2015-09-07 02:27:10 -07:00
514f8398e2 Upgraded commons-lang-2.6 to newer commons-lang3-3.4. Anthony Whitford 2015-09-07 01:09:41 -07:00
90935fef25 Upgraded dependencies. Anthony Whitford 2015-09-07 00:40:30 -07:00
9b5ce1c3a6 Upgraded shade plugin to 2.4.1 (from 2.3). Anthony Whitford 2015-09-06 23:20:15 -07:00
8ad1639b02 License is inherited from Parent POM -- no need to restate unless it is different. Anthony Whitford 2015-09-06 22:30:01 -07:00
6d70332cd6 Centralized the Versions report to the parent pom. Anthony Whitford 2015-09-06 22:21:50 -07:00
717f6240e3 Centralized javadoc reporting to parent pom. Anthony Whitford 2015-09-06 20:51:56 -07:00
ab782054a1 Missed this lingering redundant maven-project-info-reports-plugin declaration. Anthony Whitford 2015-09-06 13:37:04 -07:00
b481f01217 Moved the maven-plugin-plugin declarations into the maven module since it is unique to that module. Anthony Whitford 2015-09-06 13:05:17 -07:00
d0f884f5b2 Centralized the maven-surefire-report-plugin to the parent pom. Note that gradle and jenkins modules are skipped since it does not apply. Anthony Whitford 2015-09-06 12:56:36 -07:00
51e66354b0 No need to explicitly add a jar goal when it implicitly exists already for a jar module. Anthony Whitford 2015-09-06 11:18:56 -07:00
1efe90f445 Merge pull request #337 from awhitford/Checkstyle Jeremy Long 2015-09-06 06:12:19 -04:00
7b47b7549d Removed redundant declarations for maven-compiler-plugin and maven-jar-plugin. Anthony Whitford 2015-09-06 01:42:01 -07:00
7ccb77fb57 Removed unnecessary property for findbugs-maven-plugin since it is now only declared once. Anthony Whitford 2015-09-06 01:32:00 -07:00
a32fa69823 Moved taglist-maven-plugin to the parent pom. (Gradle and Jenkins modules don't have them -- before or after.) This will make it easier to manage and evolve. Anthony Whitford 2015-09-06 01:29:17 -07:00
ece4cb03ad project.build.sourceEncoding is already specified in the parent pom, so this is not necessary. Anthony Whitford 2015-09-06 00:53:53 -07:00
5c53b6528f Centralized the findbugs-maven-plugin to the parent pom. Gradle and Jenkins modules skip it naturally. The onlyAnlyze setting for utils is maintained via a property. Also was able to upgrade to latest plugin, version 3.0.2. Anthony Whitford 2015-09-06 00:51:28 -07:00
9b92007eff Centralized cobertura plugin to the parent pom and was able to upgrade it from 2.6 to 2.7. Anthony Whitford 2015-09-06 00:23:24 -07:00
e433809f4d Moved maven-jxr-plugin and maven-project-info-reports-plugin reporting declarations into the parent pom. No need to duplicate in child modules. Utils did not have project-info reports, but there does not seem to be a good reason. Also note that the JXR plugin is naturally skipped when it does not apply (there is no java code), so not necessary to explicitly skip it for gradle and jenkins modules. Anthony Whitford 2015-09-05 23:57:53 -07:00
d74218004a Reporting section for jenkins module is completely redundant with the parent pom. It can be removed and will generate the same report. Anthony Whitford 2015-09-05 23:17:28 -07:00
c35276e3df Reporting section for gradle module is completely redundant with the parent pom. It can be removed and will generate the same report. Anthony Whitford 2015-09-05 23:15:35 -07:00
064236ed5b Added Dependency plugin to Reporting section because it has an excellent Dependency Analysis Report. Anthony Whitford 2015-09-05 22:56:36 -07:00
2a50dcba9d Removed Checkstyle and PMD violations. Anthony Whitford 2015-09-05 22:25:59 -07:00
f7974b324b Exclude generated HelpMojo.java file from Checkstyle analysis. Anthony Whitford 2015-09-05 22:25:38 -07:00
3bb716b060 Merge pull request #336 from awhitford/Timing Jeremy Long 2015-09-05 21:08:05 -04:00
39e465261f Merge branch 'master' of github.com:jeremylong/DependencyCheck Jeremy Long 2015-09-05 21:07:47 -04:00
784b78b17c added another timer to pull #336 Jeremy Long 2015-09-05 21:07:29 -04:00
22c68ed8ef Merge pull request #331 from wmaintw/master Jeremy Long 2015-09-05 21:00:15 -04:00
c4c670a3b1 Merge pull request #334 from awhitford/MavenPluginWarnings Jeremy Long 2015-09-05 20:59:05 -04:00
17a05cc1d4 removed excessive logging used to debug Jeremy Long 2015-09-05 20:56:54 -04:00
d452c5fabb fixed shift operator per issue #335 Jeremy Long 2015-09-05 20:56:18 -04:00
2cf974ef02 maven-reporting-api cannot be scoped to provided Jeremy Long 2015-09-05 07:09:01 -04:00
1f0e789575 fixed bug that might contribute to issue #189 Jeremy Long 2015-09-05 06:48:00 -04:00
92e1fd3f28 Added time measurements for key steps. Anthony Whitford 2015-09-05 00:31:50 -07:00
49736a87aa Merge branch 'awhitford-FixSite' Jeremy Long 2015-09-03 05:32:06 -04:00
d009e39842 Removed unnecessary maven-site-plugin dependency, and maven-plugin-annotations dependency is provided. Anthony Whitford 2015-09-03 01:47:46 -07:00
c2b8901537 Removed deprecated code. Anthony Whitford 2015-09-03 01:25:53 -07:00
dd910cb5ec Updated plugins. Anthony Whitford 2015-09-03 00:48:06 -07:00
4632753f02 commented out initial attempt at issue #22 to resolve issue #327 Jeremy Long 2015-09-02 06:42:36 -04:00
3fdcd12b4f maven dependencies should be marked as provided per issue #329 Jeremy Long 2015-09-02 06:05:56 -04:00
94d1d611c7 add compatibility supports ma wei 2015-09-02 13:45:06 +08:00
27b54a0bfa changed taskdef.properties file name Jeremy Long 2015-09-01 06:37:44 -04:00
1b1ecd0748 split monolithic taskdef into three primary taskdefs Jeremy Long 2015-08-31 06:59:57 -04:00
1e29d2e751 Merge branch 'upmaster' into ruby-bundler Dale Visser 2015-08-30 15:11:33 -04:00
a0437bf933 Ruby bunder: Code needed to disable the analyzer in the CLI if desired. Dale Visser 2015-08-30 15:07:21 -04:00
73e0292a4b Ruby Bundler: Added informative message about updating DB. Switched most log messages to debug level. Dale Visser 2015-08-30 14:52:55 -04:00
c393e74160 Ruby bundler: Better message and logging when bundle-audit not found. Dale Visser 2015-08-30 14:31:58 -04:00
80c4666198 Ruby bundler: More method extractions to eliminate monolithic method. Dale Visser 2015-08-30 14:16:32 -04:00
ea7bd1f700 Ruby bundler: tidied up how extracted method is used. Dale Visser 2015-08-30 14:06:47 -04:00
b3a55cc85d Ruby bundler: extracted method Dale Visser 2015-08-30 13:57:30 -04:00
036200350d Ruby bundler: add needed null checks to avoid NPEs. Dale Visser 2015-08-30 13:50:22 -04:00
e630c484ff implementing the purge feature as requested in issue #328 Jeremy Long 2015-08-30 07:02:26 -04:00
713e9658c5 Ruby bundler: got description working. Added boilerplate text describing differences from standard D-C vulnerability report. Dale Visser 2015-08-29 12:29:44 -04:00
782039810e Ruby Bundler: Added URL to report. Dale Visser 2015-08-29 11:33:16 -04:00
b473d8ab9c Ruby Bundler: Added URL to report. Dale Visser 2015-08-29 11:28:38 -04:00
2eb6918fb3 Ruby Bundler: Clean up report a little bit, and grouped vulnerabilities under dependencies, when appropriate. Dale Visser 2015-08-29 11:06:24 -04:00
29626666a7 removed debug logging Jeremy Long 2015-08-29 08:38:49 -04:00
dc41c9a671 Merge branch 'master' of github.com:jeremylong/DependencyCheck Jeremy Long 2015-08-29 08:02:42 -04:00
83af70bb59 corrected argument name for the purge nvd option Jeremy Long 2015-08-29 07:57:54 -04:00
b293873640 finished deprecating the application name argument in favor of project name per issue #320 Jeremy Long 2015-08-29 07:12:40 -04:00
8bb92815cb added argument to purge local NVD per issue #328 Jeremy Long 2015-08-29 06:58:13 -04:00
7a8f7199c8 renaming app argument to project per issue #320 Jeremy Long 2015-08-29 06:48:52 -04:00
6f4ce34840 Ruby Bundler: Added CVSS score and a little hack to avoid dependency bundling. Dale Visser 2015-08-28 21:31:01 -04:00
8853552161 Ruby Bundler: Successfully adding vulnerability into report, though all displayed info not looking great. Dale Visser 2015-08-28 19:56:35 -04:00
95d3d17d83 Ruby Bundler: Now successfully creating temp files for dependency objects. Dale Visser 2015-08-28 13:58:49 -04:00
3594280b04 Merge pull request #326 from dwvisser/doc-updates Jeremy Long 2015-08-28 06:12:54 -04:00
1e447c6e3e Merge branch 'master' of github.com:jeremylong/DependencyCheck Jeremy Long 2015-08-28 05:27:16 -04:00
c41a288280 added null checks Jeremy Long 2015-08-28 05:27:00 -04:00
a0492fe944 Merge branch 'upmaster' into ruby-bundler Dale Visser 2015-08-27 14:05:36 -04:00
1fffebd497 Docs: Added Ruby Gemspec analyzer page, fixed typos on Node.js page. Dale Visser 2015-08-26 14:40:36 -04:00
62c05049a7 Docs: Added node.js page, fixed typos in Python page. Dale Visser 2015-08-26 14:25:32 -04:00
0fdf377d45 Docs: Added CMake analyzer page. Dale Visser 2015-08-26 14:11:30 -04:00
6ca8e2644a Docs: Fixed sidebar links to OpenSSL and Python analyzer pages. Dale Visser 2015-08-26 13:59:28 -04:00
4a3061db6d Docs: Added CMake to landing page, and links to Autoconf and CMake. Added missing analyzers to analyzers list. Shortened my analyzer URLs, though not all in site index yet. Dale Visser 2015-08-26 13:54:15 -04:00
61ac81518a Docs: Added Ruby and Node.js to landing page. Added table row for Node.js in Analyzers list. Dale Visser 2015-08-26 12:27:38 -04:00
acd4b4371d Merge pull request #323 from wmaintw/master Jeremy Long 2015-08-26 06:05:38 -04:00

... 16 17 18 19 20 ...