4.0.0 org.owasp dependency-check 0.3.2.4-SNAPSHOT jar DependencyCheck https://github.com/jeremylong/DependencyCheck.git Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries. 2012 owasp Jeremy Long jeremy.long@owasp.org OWASP https://www.owasp.org/index.php/OWASP_Dependency_Check architect developer Steve Springett Steve.Springett@owasp.org OWASP https://www.owasp.org/index.php/OWASP_Dependency_Check contributor scm:git:git@github.com:jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck.git scm:git:git@github.com:jeremylong/DependencyCheck.git github https://github.com/jeremylong/DependencyCheck/issues Dependency Check dependency-check+subscribe@googlegroups.com dependency-check+unsubscribe@googlegroups.com dependency-check@googlegroups.com https://groups.google.com/forum/?fromgroups#!forum/dependency-check GNU General Public License version 3 http://www.gnu.org/licenses/ UTF-8 UTF-8 src/main/resources **/*.properties true src/main/resources **/*.properties **/*.gif **/*.js **/schema/**/*.xsd **/schema/**/*.xml **/schema/**/*.bat **/schema/**/*.sh false org.apache.maven.plugins maven-release-plugin 2.4.1 org.apache.maven.plugins maven-javadoc-plugin 2.9 Copyright© 2012 Jeremy Long. All Rights Reserved. org.apache.maven.plugins maven-dependency-plugin 2.7 package copy-dependencies ${project.build.directory}/lib provided org.apache.maven.plugins maven-jar-plugin 2.4 org.owasp.dependencycheck.App true true lib/ **/checkstyle* org.codehaus.mojo cobertura-maven-plugin 2.5.2 *$KEYS.class *$Element.class *$KEYS.class *$Element.class 85 85 false 85 85 85 85 .*\$.* 0 0 org.owasp.dependencycheck.data.cpe.Fields 0 0 org.owasp.dependencycheck.App 0 0 clean org.apache.maven.plugins maven-surefire-plugin 2.14 net.sourceforge.cobertura.datafile ${project.build.directory}/cobertura/cobertura.ser target cve target/data/cve cpe target/data/cpe **/*IntegrationTest.java org.apache.maven.plugins maven-failsafe-plugin 2.14 cve target/data/cve cpe target/data/cpe **/*IntegrationTest.java integration-test verify org.apache.maven.plugins maven-site-plugin 3.2 org.apache.maven.plugins maven-project-info-reports-plugin 2.6 mailing-list index summary license scm issue-tracking dependencies plugin-management project-team org.codehaus.mojo versions-maven-plugin 2.0 dependency-updates-report plugin-updates-report org.apache.maven.plugins maven-jxr-plugin 2.3 org.apache.maven.plugins maven-surefire-report-plugin 2.14 report-only org.codehaus.mojo cobertura-maven-plugin 2.5.2 org.apache.maven.plugins maven-pmd-plugin 3.0.1 1.6 true utf-8 **/generated/*.java org.codehaus.mojo taglist-maven-plugin 2.4 Todo Work todo ignoreCase FIXME exact org.apache.maven.plugins maven-javadoc-plugin 2.9 default javadoc org.apache.maven.plugins maven-checkstyle-plugin 2.10 false src/main/config/checkstyle-checks.xml org.apache.maven.plugins maven-surefire-report-plugin 2.14 integration-tests report-only failsafe-report-only org.codehaus.mojo findbugs-maven-plugin 2.5.2 com.google.code.findbugs annotations 2.0.1 provided commons-cli commons-cli 1.2 commons-io commons-io 2.4 commons-lang commons-lang 2.5 junit junit 4.11 test jar org.apache.lucene lucene-core 4.3.0 org.apache.lucene lucene-analyzers-common 4.3.0 org.apache.lucene lucene-queryparser 4.3.0 org.apache.velocity velocity 1.7 org.apache.velocity velocity-tools 2.0 commons-chain commons-chain javax.servlet servlet-api commons-validator commons-validator dom4j dom4j sslext sslext org.apache.struts struts-core antlr antlr org.apache.struts struts-taglib org.apache.struts struts-tiles com.h2database h2 1.3.172 org.jsoup jsoup 1.7.2 jar