4.0.0 org.owasp dependency-check-parent 3.0.3-SNAPSHOT pom dependency-check-core dependency-check-cli dependency-check-ant dependency-check-maven dependency-check-utils dependency-check-plugin build-reporting Dependency-Check https://github.com/jeremylong/DependencyCheck.git dependency-check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed vulnerabilities. This tool can be part of the solution to the OWASP Top 10 2013: A9 - Using Components with Known Vulnerabilities. 2012 OWASP http://www.owasp.org Jeremy Long jeremy.long@owasp.org OWASP https://www.owasp.org/ architect developer Steve Springett Steve.Springett@owasp.org OWASP https://www.owasp.org/ developer Will Stranathan Will.Stranathan@owasp.org OWASP https://www.owasp.org/ developer Dale Visser dvisser@ida.org Institute for Defense Analyses https://www.ida.org/ developer Hugo Costa OWASP https://www.owasp.org/ logo design scm:git:git@github.com:jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck scm:git:git@github.com:jeremylong/DependencyCheck.git HEAD github https://github.com/jeremylong/DependencyCheck/issues travis-ci https://travis-ci.org/jeremylong/DependencyCheck Dependency Check dependency-check+subscribe@googlegroups.com dependency-check+unsubscribe@googlegroups.com dependency-check@googlegroups.com https://groups.google.com/forum/?fromgroups#!forum/dependency-check The Apache Software License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt UTF-8 UTF-8 github 4.7.2 1.9.9 1.7.25 1.2.3 3.5.2 2.17 3.6 1.7 1.8 3.0.2 3.0.0-M1 2.5 2.9 2.20.1 0.7.9 3.0.5 2.4 2.5 1.6 3.0.1u2 2.8.2 1.4.196 1.4 2.6 3.4 1.6.0 4.12 1.3 1.37 1.11.2 1.15 3.0.0 3.3.0 3.5 3.0 3.2.2 1.7 1.4 2.2 1.0.4 0.9.1 snapshot snapshot https://dependencycheck.jfrog.io/dependencycheck/libs-snapshot-local release release https://dependencycheck.jfrog.io/dependencycheck/libs-release-local gh-pages gh-pages https://jeremylong.github.io/DependencyCheck/ clean install org.codehaus.mojo appassembler-maven-plugin 1.10 org.jacoco jacoco-maven-plugin 0.7.9 org.apache.maven.plugins maven-assembly-plugin 3.0.0 org.apache.maven.plugins maven-clean-plugin 3.0.0 org.apache.maven.plugins maven-compiler-plugin 3.6.1 org.apache.maven.plugins maven-dependency-plugin 3.0.0 org.apache.maven.plugins maven-enforcer-plugin 3.0.0-M1 org.codehaus.mojo animal-sniffer-maven-plugin 1.16 org.apache.maven.plugins maven-deploy-plugin 2.8.2 org.apache.maven.plugins maven-failsafe-plugin 2.20 org.apache.maven.plugins maven-gpg-plugin 1.6 org.apache.maven.plugins maven-install-plugin 2.5.2 org.apache.maven.plugins maven-jar-plugin 3.0.2 org.apache.maven.plugins maven-release-plugin 2.5.3 org.apache.maven.plugins maven-resources-plugin 3.0.2 org.apache.maven.plugins maven-site-plugin 3.6 org.apache.maven.plugins maven-surefire-plugin 2.20 org.apache.maven.plugins maven-antrun-plugin 1.8 org.apache.maven.plugins maven-source-plugin 3.0.1 org.apache.maven.plugins maven-javadoc-plugin 2.10.4 org.apache.maven.plugins maven-invoker-plugin 3.0.1 org.codehaus.groovy groovy-all 2.4.11 org.codehaus.mojo versions-maven-plugin 2.5 pre-clean update-properties false org.apache.maven.shared:maven-dependency-treeÏ org.apache.commons:commons-lang3 org.apache.lucene commons-collections:commons-collections joda-time:joda-time org.slf4j org.apache.ant org.glassfish:javax.json org.apache.maven.plugins maven-compiler-plugin -Xlint true 1.7 1.7 org.apache.maven.plugins maven-jar-plugin true **/checkstyle* org.apache.maven.plugins maven-enforcer-plugin org.owasp.maven.enforcer class-file-format-rule 1.0.0 true enforce-java enforce 1.7.0 enforce-classfileformat 51 enforce enforce-maven-3 enforce [3.1,] true org.codehaus.mojo animal-sniffer-maven-plugin signature-check verify check org.codehaus.mojo.signature java17 1.0 org.jacoco jacoco-maven-plugin pre-unit-test prepare-agent ${project.build.directory}/coverage-reports/jacoco-ut.exec surefireArgLine pre-integration-test pre-integration-test prepare-agent ${project.build.directory}/coverage-reports/jacoco-it.exec failsafeArgLine org.codehaus.gmaven gmaven-plugin 1.5 add-dynamic-properties pre-integration-test execute project.properties['invoker.mavenOpts']=project.properties.failsafeArgLine org.apache.maven.plugins maven-surefire-plugin ${surefireArgLine} -Dfile.encoding=UTF-8 data.directory ${project.build.directory}/data temp.directory ${project.build.directory}/temp org.apache.maven.plugins maven-failsafe-plugin ${failsafeArgLine} temp.directory ${project.build.directory}/temp **/*MySqlIT.java integration-test verify org.apache.maven.plugins maven-resources-plugin site-filtering-hack pre-site copy-resources false ${project.build.directory}/site/ src/main/site-resources/ true UTF-8 org.apache.maven.plugins maven-site-plugin org.apache.maven.doxia doxia-module-markdown ${doxia-module-markdown.version} true false org.apache.maven.plugins maven-antrun-plugin ${maven-antrun-plugin.version} copy-xsd compile run org.apache.maven.plugins maven-dependency-plugin ${maven-dependency-plugin.version} org.apache.maven.plugins maven-javadoc-plugin ${maven-javadoc-plugin.version} false Copyright© 2012-17 Jeremy Long. All Rights Reserved. default javadoc org.apache.maven.plugins maven-jxr-plugin ${maven-jxr-plugin.version} org.apache.maven.plugins maven-project-info-reports-plugin ${maven-project-info-reports-plugin.version} cim summary mailing-list issue-tracking modules project-team scm license org.apache.maven.plugins maven-surefire-report-plugin ${maven-surefire-report-plugin.version} report-only org.jacoco jacoco-maven-plugin ${jacoco-maven-plugin.version} target/coverage-reports/jacoco-ut.exec target/coverage-reports/jacoco-it.exec report-aggregate org.codehaus.mojo findbugs-maven-plugin ${findbugs-maven-plugin.version} org.codehaus.mojo taglist-maven-plugin ${taglist-maven-plugin.version} Todo Work todo ignoreCase FIXME exact org.codehaus.mojo versions-maven-plugin ${versions-maven-plugin.version} dependency-updates-report plugin-updates-report joda-time joda-time ${joda-time.version} com.google.code.findbugs annotations ${com.google.code.findbugs.annotations.version} com.google.code.gson gson ${com.google.code.gson.version} com.h2database h2 ${com.h2database.version} commons-cli commons-cli ${commons-cli.version} commons-io commons-io ${commons-io.version} org.apache.commons commons-lang3 ${commons-lang3.version} com.sun.mail mailapi ${com.sun.mail.mailapi.version} ch.qos.logback logback-core ${logback.version} ch.qos.logback logback-classic ${logback.version} junit junit ${junit.version} test org.apache.commons commons-compress ${commons-compress.version} org.apache.ant ant ${apache.ant.version} org.apache.ant ant-testutil ${apache.ant.version} org.apache.lucene lucene-analyzers-common ${apache.lucene.version} org.apache.lucene lucene-core ${apache.lucene.version} org.apache.lucene lucene-queryparser ${apache.lucene.version} org.apache.lucene lucene-test-framework ${apache.lucene.version} org.apache.maven maven-core ${maven.api.version} org.apache.maven maven-plugin-api ${maven.api.version} org.apache.maven.shared file-management ${org.apache.maven.shared.file-management.version} org.apache.maven maven-settings ${maven.api.version} org.apache.maven.plugin-testing maven-plugin-testing-harness ${maven-plugin-testing-harness.version} org.apache.maven.plugin-tools maven-plugin-annotations ${maven-plugin-annotations.version} org.apache.maven.reporting maven-reporting-api ${maven-reporting-api.version} commons-collections commons-collections ${commons-collections.version} org.apache.velocity velocity ${org.apache.velocity.version} org.sonatype.plexus plexus-sec-dispatcher ${plexus-sec-dispatcher.version} org.apache.maven.shared maven-dependency-tree ${maven-dependency-tree.version} org.glassfish javax.json ${org.glassfish.javax.json.version} org.hamcrest hamcrest-core ${hamcrest-core.version} test org.jmockit jmockit ${org.jmockit.version} test org.jsoup jsoup ${jsoup.version} org.slf4j slf4j-api ${slf4j.version} org.slf4j slf4j-simple ${slf4j.version} org.apache.maven.shared maven-artifact-transfer ${maven-artifact-transfer.version} junit junit test org.hamcrest hamcrest-core test com.google.code.findbugs annotations provided