4.0.0 org.owasp dependency-check-parent 3.0.3-SNAPSHOT pom dependency-check-core dependency-check-cli dependency-check-ant dependency-check-maven dependency-check-utils dependency-check-plugin build-reporting Dependency-Check https://github.com/jeremylong/DependencyCheck.git dependency-check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed vulnerabilities. This tool can be part of the solution to the OWASP Top 10 2013: A9 - Using Components with Known Vulnerabilities. 2012 OWASP http://www.owasp.org Jeremy Long jeremy.long@owasp.org OWASP https://www.owasp.org/ architect developer Steve Springett Steve.Springett@owasp.org OWASP https://www.owasp.org/ developer Will Stranathan Will.Stranathan@owasp.org OWASP https://www.owasp.org/ developer Dale Visser dvisser@ida.org Institute for Defense Analyses https://www.ida.org/ developer Hugo Costa OWASP https://www.owasp.org/ logo design scm:git:git@github.com:jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck scm:git:git@github.com:jeremylong/DependencyCheck.git HEAD github https://github.com/jeremylong/DependencyCheck/issues travis-ci https://travis-ci.org/jeremylong/DependencyCheck Dependency Check dependency-check+subscribe@googlegroups.com dependency-check+unsubscribe@googlegroups.com dependency-check@googlegroups.com https://groups.google.com/forum/?fromgroups#!forum/dependency-check The Apache Software License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt UTF-8 UTF-8 github 4.7.2 1.9.8 1.7.24 1.2.0 3.0 2.17 3.6 1.7 1.8 2.10 2.10.4 2.5 2.9 2.19.1 0.7.9 3.0.4 2.4 2.3 1.6 3.0.1u2 2.4 1.4.196 1.4 2.5 3.4 1.5.6 4.12 1.3 1.27 1.10.2 1.14 3.0.0 3.3.0 3.5 3.0 3.2.2 1.7 1.4 2.2 1.0.4 0.9.0 snapshot snapshot https://dependencycheck.jfrog.io/dependencycheck/libs-snapshot-local release release https://dependencycheck.jfrog.io/dependencycheck/libs-release-local gh-pages gh-pages https://jeremylong.github.io/DependencyCheck/ clean install org.codehaus.mojo appassembler-maven-plugin 1.10 org.jacoco jacoco-maven-plugin 0.7.9 org.apache.maven.plugins maven-assembly-plugin 3.0.0 org.apache.maven.plugins maven-clean-plugin 3.0.0 org.apache.maven.plugins maven-compiler-plugin 3.6.1 org.apache.maven.plugins maven-dependency-plugin 3.0.0 org.apache.maven.plugins maven-enforcer-plugin 1.4.1 org.codehaus.mojo animal-sniffer-maven-plugin 1.15 org.apache.maven.plugins maven-deploy-plugin 2.8.2 org.apache.maven.plugins maven-failsafe-plugin 2.20 org.apache.maven.plugins maven-gpg-plugin 1.6 org.apache.maven.plugins maven-install-plugin 2.5.2 org.apache.maven.plugins maven-jar-plugin 3.0.2 org.apache.maven.plugins maven-release-plugin 2.5.3 org.apache.maven.plugins maven-resources-plugin 3.0.2 org.apache.maven.plugins maven-site-plugin 3.6 org.apache.maven.plugins maven-surefire-plugin 2.20 org.apache.maven.plugins maven-antrun-plugin 1.8 org.apache.maven.plugins maven-source-plugin 3.0.1 org.apache.maven.plugins maven-javadoc-plugin 2.10.4 org.apache.maven.plugins maven-invoker-plugin 3.0.1 org.codehaus.groovy groovy-all 2.4.11 org.codehaus.mojo versions-maven-plugin 2.5 pre-clean update-properties false org.apache.maven.shared:maven-dependency-tree joda-time:joda-time org.apache.commons:commons-lang3 org.apache.lucene org.apache.maven.plugins maven-compiler-plugin -Xlint true 1.7 1.7 org.apache.maven.plugins maven-jar-plugin true **/checkstyle* org.apache.maven.plugins maven-enforcer-plugin enforce-java enforce 1.7.0 true org.apache.maven.plugins maven-enforcer-plugin enforce-maven-3 enforce [3.1,] true org.codehaus.mojo animal-sniffer-maven-plugin signature-check verify check org.codehaus.mojo.signature java17 1.0 org.jacoco jacoco-maven-plugin pre-unit-test prepare-agent ${project.build.directory}/coverage-reports/jacoco-ut.exec surefireArgLine pre-integration-test pre-integration-test prepare-agent ${project.build.directory}/coverage-reports/jacoco-it.exec failsafeArgLine org.codehaus.gmaven gmaven-plugin 1.5 add-dynamic-properties pre-integration-test execute project.properties['invoker.mavenOpts']=project.properties.failsafeArgLine org.apache.maven.plugins maven-surefire-plugin ${surefireArgLine} -Dfile.encoding=UTF-8 data.directory ${project.build.directory}/data temp.directory ${project.build.directory}/temp org.apache.maven.plugins maven-failsafe-plugin ${failsafeArgLine} temp.directory ${project.build.directory}/temp **/*MySqlIT.java integration-test verify org.apache.maven.plugins maven-resources-plugin site-filtering-hack pre-site copy-resources false ${project.build.directory}/site/ src/main/site-resources/ true UTF-8 org.apache.maven.plugins maven-site-plugin org.apache.maven.doxia doxia-module-markdown ${doxia-module-markdown.version} true false org.apache.maven.plugins maven-antrun-plugin ${maven-antrun-plugin.version} copy-xsd compile run org.apache.maven.plugins maven-dependency-plugin ${maven-dependency-plugin.version} org.apache.maven.plugins maven-javadoc-plugin ${maven-javadoc-plugin.version} false Copyright© 2012-17 Jeremy Long. All Rights Reserved. default javadoc org.apache.maven.plugins maven-jxr-plugin ${maven-jxr-plugin.version} org.apache.maven.plugins maven-project-info-reports-plugin ${maven-project-info-reports-plugin.version} cim summary mailing-list issue-tracking modules project-team scm license org.apache.maven.plugins maven-surefire-report-plugin ${maven-surefire-report-plugin.version} report-only org.jacoco jacoco-maven-plugin ${jacoco-maven-plugin.version} target/coverage-reports/jacoco-ut.exec target/coverage-reports/jacoco-it.exec report-aggregate org.codehaus.mojo findbugs-maven-plugin ${findbugs-maven-plugin.version} org.codehaus.mojo taglist-maven-plugin ${taglist-maven-plugin.version} Todo Work todo ignoreCase FIXME exact org.codehaus.mojo versions-maven-plugin ${versions-maven-plugin.version} dependency-updates-report plugin-updates-report joda-time joda-time ${joda-time.version} com.google.code.findbugs annotations ${com.google.code.findbugs.annotations.version} com.google.code.gson gson ${com.google.code.gson.version} com.h2database h2 ${com.h2database.version} commons-cli commons-cli ${commons-cli.version} commons-io commons-io ${commons-io.version} org.apache.commons commons-lang3 ${commons-lang3.version} com.sun.mail mailapi ${com.sun.mail.mailapi.version} ch.qos.logback logback-core ${logback.version} ch.qos.logback logback-classic ${logback.version} junit junit ${junit.version} test org.apache.commons commons-compress ${commons-compress.version} org.apache.ant ant ${apache.ant.version} org.apache.ant ant-testutil ${apache.ant.version} org.apache.lucene lucene-analyzers-common ${apache.lucene.version} org.apache.lucene lucene-core ${apache.lucene.version} org.apache.lucene lucene-queryparser ${apache.lucene.version} org.apache.lucene lucene-test-framework ${apache.lucene.version} org.apache.maven maven-core ${maven.api.version} org.apache.maven maven-plugin-api ${maven.api.version} org.apache.maven.shared file-management ${org.apache.maven.shared.file-management.version} org.apache.maven maven-settings ${maven.api.version} org.apache.maven.plugin-testing maven-plugin-testing-harness ${maven-plugin-testing-harness.version} org.apache.maven.plugin-tools maven-plugin-annotations ${maven-plugin-annotations.version} org.apache.maven.reporting maven-reporting-api ${maven-reporting-api.version} commons-collections commons-collections ${commons-collections.version} org.apache.velocity velocity ${org.apache.velocity.version} org.sonatype.plexus plexus-sec-dispatcher ${plexus-sec-dispatcher.version} org.apache.maven.shared maven-dependency-tree ${maven-dependency-tree.version} org.glassfish javax.json ${org.glassfish.javax.json.version} org.hamcrest hamcrest-core ${hamcrest-core.version} test org.jmockit jmockit ${org.jmockit.version} test org.jsoup jsoup ${jsoup.version} org.slf4j slf4j-api ${slf4j.version} org.slf4j slf4j-simple ${slf4j.version} org.apache.maven.shared maven-artifact-transfer ${maven-artifact-transfer.version} junit junit test org.hamcrest hamcrest-core test com.google.code.findbugs annotations provided