4.0.0 org.owasp dependency-check-parent 1.2.7-SNAPSHOT dependency-check-core jar Dependency-Check Core dependency-check-core is the engine and reporting tool used to identify and report if there are any known, publicly disclosed vulnerabilities in the scanned project's dependencies. The engine extracts meta-data from the dependencies and uses this to do fuzzy key-word matching against the Common Platfrom Enumeration (CPE), if any CPE identifiers are found the associated Common Vulnerability and Exposure (CVE) entries are added to the generated report. github-pages-site Deployment through GitHub's site deployment plugin ${basedir}/../target/site/${project.version}/dependency-check-core src/main/resources **/*.properties **/schema/*.xsd true ${basedir}/.. META-INF LICENSE.txt NOTICE.txt src/main/resources **/*.properties **/*.gif **/*.js **/schema/**/*.xsd **/schema/**/*.xml **/schema/**/*.bat **/schema/**/*.sh false src/test/resources **/*.properties true ${basedir}/../src/test/resources false ${basedir}/src/test/resources **/mysql-connector-java-5.1.27-bin.jar false org.apache.maven.plugins maven-dependency-plugin 2.8 generate-resources copy-dependencies ${project.build.directory}/test-classes provided org.apache.maven.plugins maven-jar-plugin 2.4 jar package jar test-jar package test-jar true **/checkstyle* org.codehaus.mojo cobertura-maven-plugin 2.6 true .*\$KEYS\.class .*\$Element\.class .*\$KEYS\.class .*\$Element\.class 85 85 false 85 85 85 85 .*\$.* 0 0 org.owasp.dependencycheck.data.cpe.Fields 0 0 org.owasp.dependencycheck.App 0 0 clean org.apache.maven.plugins maven-surefire-plugin 2.16 data.directory ${project.build.directory}/data temp.directory ${project.build.directory}/temp **/*IntegrationTest.java **/*MySQLTest.java org.apache.maven.plugins maven-failsafe-plugin 2.16 data.directory ${project.build.directory}/data temp.directory ${project.build.directory}/temp **/*IntegrationTest.java integration-test verify org.apache.maven.plugins maven-site-plugin 3.3 org.apache.maven.doxia doxia-module-markdown 1.5 true org.apache.maven.plugins maven-project-info-reports-plugin 2.7 index summary license help org.apache.maven.plugins maven-javadoc-plugin 2.9.1 Copyright© 2012-14 Jeremy Long. All Rights Reserved. default javadoc org.codehaus.mojo versions-maven-plugin 2.1 dependency-updates-report plugin-updates-report org.apache.maven.plugins maven-jxr-plugin 2.4 org.codehaus.mojo cobertura-maven-plugin 2.6 org.apache.maven.plugins maven-surefire-report-plugin 2.16 report-only integration-tests report-only failsafe-report-only org.codehaus.mojo taglist-maven-plugin 2.4 Todo Work todo ignoreCase FIXME exact org.apache.maven.plugins maven-checkstyle-plugin 2.11 false ${basedir}/../src/main/config/checkstyle-checks.xml ${basedir}/../src/main/config/checkstyle-header.txt ${basedir}/../src/main/config/checkstyle-suppressions.xml checkstyle.suppressions.file org.apache.maven.plugins maven-pmd-plugin 3.1 1.6 true utf-8 **/generated/*.java ../src/main/config/dcrules.xml /rulesets/java/basic.xml /rulesets/java/imports.xml /rulesets/java/unusedcode.xml org.codehaus.mojo findbugs-maven-plugin 2.5.3 org.codehaus.mojo javancss-maven-plugin 2.0 org.apache.maven.plugins maven-compiler-plugin 3.1 false -Xlint:unchecked 1.6 1.6 org.owasp dependency-check-utils ${project.parent.version} org.apache.lucene lucene-test-framework 4.3.1 test com.google.code.findbugs annotations 2.0.1 true commons-cli commons-cli 1.2 org.apache.commons commons-compress 1.8.1 commons-io commons-io 2.4 commons-lang commons-lang 2.5 org.apache.lucene lucene-core 4.5.1 org.apache.lucene lucene-analyzers-common 4.5.1 org.apache.lucene lucene-queryparser 4.5.1 org.apache.velocity velocity 1.7 com.h2database h2 1.3.172 org.jsoup jsoup 1.7.2 jar org.apache.maven.scm maven-scm-provider-cvsexe 1.8.1 provided true org.springframework spring-webmvc 2.5.5 provided true org.springframework.security spring-security-web 3.0.0.RELEASE provided true com.hazelcast hazelcast 2.5 provided true net.sf.ehcache ehcache-core 2.2.0 provided true org.apache.struts struts2-core 2.1.2 provided true org.mortbay.jetty jetty 6.1.0 provided true org.apache.axis2 axis2-spring 1.4.1 provided true org.apache.axis2 axis2-adb 1.4.1 provided true org.apache.geronimo.daytrader daytrader-ear 2.1.7 ear provided true org.glassfish.main.admingui war 4.0 war provided true org.dojotoolkit dojo-war 1.3.0 war provided true org.apache.openjpa openjpa 2.0.1 provided true com.google.inject guice 3.0 provided true org.springframework.retry spring-retry 1.1.0.RELEASE provided true MySQL-IntegrationTest mysql org.apache.maven.plugins maven-surefire-plugin 2.16 true org.apache.maven.plugins maven-failsafe-plugin 2.16 data.driver_path ${basedir}/${driver_path} data.driver_name ${driver_name} data.connection_string ${connection_string} **/*MySQLTest.java integration-test verify False Positive Tests allTests org.apache.xmlgraphics batik-util 1.7 provided true com.thoughtworks.xstream xstream 1.4.2 provided true org.apache.ws.security wss4j 1.5.7 provided true com.ganyo gcm-server 1.0.2 provided true org.python jython-standalone 2.7-b1 provided true org.jruby jruby-complete 1.7.4 provided true org.jruby jruby 1.6.3 provided true org.glassfish.jersey.core jersey-client 2.12 provided true com.sun.jersey jersey-client 1.11.1 provided true com.sun.faces jsf-impl 2.2.8-02 provided true