mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 07:43:40 +01:00
19 lines
559 B
Plaintext
19 lines
559 B
Plaintext
About:
|
|
DependencyCheck is a simple utility that attempts to determine if there is a
|
|
Common Product Enumeration (CPE) identifier for a given project dependency.
|
|
If found, it will generate a report linking to the associated CVE entries.
|
|
|
|
Usage:
|
|
Still under development: mvn package site
|
|
|
|
java -jar dependencycheck-0.1.jar -h
|
|
|
|
TODO:
|
|
Add CVE download/indexing and CPE lookup.
|
|
Finish report generation (xml).
|
|
Consider utilizing the OSVDB in addition to CPE/CVE.
|
|
|
|
Author: Jeremy Long (jeremy.long@gmail.com)
|
|
|
|
Copyright (c) 2012 Jeremy Long. All Rights Reserved.
|