mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00

Files

Will Stranathan 07e6477686 Fixed two discrepancies in the CLI options

1) Proxy port and Properties files were both using -p. Now the
properties file uses -P.
2) Nexus Proxy was defaulting to true, even if the properties said
false, so moved the check for its setting to happen after the properties
were merged and had it default to checking the properties file and
setting it to true if the properties didn't say.


Former-commit-id: 9dd50ca9af906a15143dae153b807700bb385054

2014-03-08 18:58:39 -05:00

config

updated header to check for cli instead of core

2014-01-25 11:02:10 -05:00

src

Fixed two discrepancies in the CLI options

2014-03-08 18:58:39 -05:00

LICENSE.txt

updated license to Apache 2.0

2014-01-16 18:34:02 -05:00

NOTICE.txt

releasing updates from private repo

2013-07-31 10:21:31 -04:00

pom.xml

updated version to 1.1.3-SNAPSHOT

2014-03-04 07:33:27 -05:00

README.md

updated license to Apache 2.0

2014-01-16 18:34:02 -05:00

README.md

Dependency-Check Command Line

Dependency-Check Command Line can be used to check project dependencies for published security vulnerabilities. The checks performed are a "best effort" and as such, there could be false positives as well as false negatives. However, vulnerabilities in 3rd party components is a well-known problem and is currently documented in the 2013 OWASP Top 10 as A9 - Using Components with Known Vulnerabilities.

Documentation and links to production binary releases can be found on the github pages.

Mailing List

Subscribe: dependency-check+subscribe@googlegroups.com

Post: dependency-check@googlegroups.com

Copyright & License

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE.txt file for the full license.

Dependency-Check Command Line makes use of other open source libraries. Please see the NOTICE.txt file for more information.