4.0.0 org.owasp dependency-check-parent 3.1.2-SNAPSHOT dependency-check-core jar Dependency-Check Core dependency-check-core is the engine and reporting tool used to identify and report if there are any known, publicly disclosed vulnerabilities in the scanned project's dependencies. The engine extracts meta-data from the dependencies and uses this to do fuzzy key-word matching against the Common Platfrom Enumeration (CPE), if any CPE identifiers are found the associated Common Vulnerability and Exposure (CVE) entries are added to the generated report. src/main/resources **/*.properties **/schema/*.xsd true ${basedir}/.. META-INF LICENSE.txt NOTICE.txt src/main/resources **/*.properties **/*.gif **/*.js **/schema/**/*.xsd **/schema/**/*.xml **/schema/**/*.bat **/schema/**/*.sh false src/test/resources **/*.properties true ${basedir}/../src/test/resources false ${basedir}/src/test/resources false org.apache.maven.plugins maven-dependency-plugin generate-resources copy-dependencies ${project.build.directory}/test-classes test dependency-check-utils org.apache.maven.plugins maven-jar-plugin test-jar package test-jar **/*.class com.vdurmont semver4j joda-time joda-time com.google.code.findbugs annotations true org.slf4j slf4j-api ch.qos.logback logback-classic test org.owasp dependency-check-utils ${project.parent.version} org.apache.lucene lucene-test-framework test org.jmockit jmockit test org.apache.commons commons-compress commons-io commons-io org.apache.commons commons-lang3 org.apache.lucene lucene-core org.apache.lucene lucene-analyzers-common org.apache.lucene lucene-queryparser org.apache.velocity velocity com.h2database h2 runtime org.glassfish javax.json org.jsoup jsoup com.sun.mail mailapi com.google.code.gson gson org.apache.maven.scm maven-scm-provider-cvsexe 1.8.1 test true org.springframework spring-webmvc 2.5.5 test true org.springframework.security spring-security-web 3.0.0.RELEASE test true com.hazelcast hazelcast 2.5 test true net.sf.ehcache ehcache-core 2.2.0 test true org.apache.struts struts2-core 2.1.2 test true org.mortbay.jetty jetty 6.1.0 test true org.apache.axis2 axis2-spring 1.4.1 test true org.apache.axis2 axis2-adb 1.4.1 test true org.apache.geronimo.daytrader daytrader-ear 2.1.7 ear test true org.glassfish.main.admingui war 4.0 war test true org.dojotoolkit dojo-war 1.3.0 war test true org.apache.openjpa openjpa 2.0.1 test true com.google.inject guice 3.0 test true org.springframework.retry spring-retry 1.1.0.RELEASE test true uk.ltd.getahead dwr 1.1.1 test true xalan xalan 2.7.0 test true com.thoughtworks.xstream xstream 1.4.8 test true MySQL-IntegrationTest mysql org.apache.maven.plugins maven-failsafe-plugin data.driver_path ${driver_path} data.driver_name ${driver_name} data.connection_string ${connection_string} **/*MySqlIT.java integration-test verify Postgresql-IntegrationTest postgresql org.postgresql postgresql 9.4-1204-jdbc42 org.apache.maven.plugins maven-failsafe-plugin data.driver_path ${driver_path} data.driver_name ${driver_name} data.connection_string ${connection_string} **/*MySqlIT.java integration-test verify