fdd5b9f8d5
Fixed timestamp parsing
2020-01-31 13:43:12 +01:00
822bb956d1
Fix outdated vulnerability database check
2020-01-31 07:34:11 +01:00
c537a5c5c5
Adapt for new version of ODC database
2020-01-31 02:19:48 +01:00
52c3228ac3
Add support for newer ODC
2020-01-31 00:53:40 +01:00
237f6638a0
Revert "Added some tests"
...
This reverts commit 70984229f0
2020-01-24 12:26:41 +01:00
70984229f0
Added some tests
2020-01-23 10:02:26 +01:00
2db75d0617
Switch to PostgreSQL
2020-01-23 10:02:05 +01:00
7dfe71b8b9
Added Maven internal dependencies to API
2019-06-05 16:00:04 +02:00
f7d6fa0f8e
Filter profiles on a better place
2019-01-21 13:00:48 +01:00
8077c249c9
Blacklist some directories as framework names
2019-01-21 10:24:44 +01:00
8b8c072510
Added support for scanning of non-JAR packages from Maven
2018-10-22 12:49:17 +02:00
ef5d7e911d
Update for support of ODC 3.3.2
2018-09-26 15:35:02 +02:00
181a4c596c
Adjusted formatting of library identifiers in vulnerability details
2018-04-16 10:34:50 +02:00
a2a4ee01c7
Report proper error messages when filter is wrong project or wrong team
2018-03-21 10:45:11 +01:00
e6e9d4c940
Added API endpoint for statistics.
2018-03-21 10:15:28 +01:00
dcc109a729
Added support for scanning transitive dependencies for .NET libraries (except those with unlimited set of supported TMFs).
2018-03-07 13:59:43 +01:00
d87535df84
Added warning for WebJars other than NPM.
2018-03-02 15:57:42 +01:00
15f8319de9
Added API for lisling vulnerabilities
2018-03-02 07:43:07 +01:00
d56ffbccc6
Makes also working directory fixed for a single scan. Also, ODC path is resolved from working directory. As a result, one can atomically swap symlinks without affecting ongoing scans.
2018-02-28 17:16:07 +01:00
bc2e6589fb
Make ODC installation fixed during a single scan. As a result, one can atomically swap symlinks without affecting ongoing scans.
2018-02-28 13:07:36 +01:00
9836c5040f
Fix support for empty CVSS score tags.
2018-02-14 15:42:03 +01:00
e766abf38c
Adapted for current ODC output format
2018-02-14 09:21:42 +01:00
8095deae70
Fixed handling of slightly diverging dependencies (e.g., different filename) when comparing scans. It used to be considered as two separate dependencies. This caused such dependencies to appear in both added and removed dependencies.
2018-02-05 10:36:47 +01:00
d57b9aeb97
Added support for installed plugins in Maven scans.
2017-12-20 15:06:12 +01:00
5f9546934e
When comparing, also list vulnerable dependencies
2017-12-08 17:08:59 +01:00
644bd3b539
Give more information when comparing commits.
2017-12-08 15:58:08 +01:00
9343619ca9
Initial support for virtual dependencies.
...
Well, they will probably not work anyway, because they don't have hashes. But at this point, at least the parser does not crash at isVirtual="false"
2017-12-08 12:20:07 +01:00
39ba123efc
Added support for comparison of scans
2017-12-08 10:18:25 +01:00
2e21f78105
Added search for newer NuGet
2017-11-15 16:28:31 +01:00
0735ef5dd2
Added a minor comment
2017-11-15 16:28:02 +01:00
53890026b4
Removed unneeded library
2017-10-16 16:56:57 +02:00
65232504cb
Updated confidence highlighting
2017-10-16 09:24:55 +02:00
2a95b07b54
Added more fail safety for vulnerability export.
...
This should affect all exports when a vulnerability disappears.
2017-10-11 16:54:40 +02:00
cdb31dcc4e
Failsafe behavior for e-mail notifications.
...
If the vulnerability is not found, it now does its best for providing relevant information. Even if no additional information (other than vulnerability identifier) can be provided, it does not cause an exception when sending e-mail. Which is the main point of this improvement.
2017-10-11 15:48:20 +02:00
8688ffd730
Added identifier confidence
2017-10-09 15:46:23 +02:00
1097e77d1c
Preffer CPE identifiers
2017-10-09 15:01:04 +02:00
e43cee7743
E-mail export: More descriptive error message when some vulnerability is missing
2017-10-06 11:05:57 +02:00
876086ce3f
Fixed issue with newlines in JIRA export
2017-10-06 10:06:53 +02:00
629b42d943
Added throttling to JIRA in order to make it more server friendly
2017-09-11 23:48:38 +02:00
a155188fec
Fixed affected projects not appearing in some views
2017-08-02 09:55:41 +02:00
f8e073cc54
.NET scans are now able to detect a missing library
2017-08-01 16:26:55 +02:00
4ac4b7b501
Improved main library detection for .NET
2017-08-01 16:14:55 +02:00
9a93099f60
Added config option for NuGet -source
2017-08-01 16:04:19 +02:00
22e4cff12b
Added .NET scans.
2017-08-01 15:28:34 +02:00
b23cc3e3dc
Menu made smaller in order to better fit all the items
2017-08-01 09:47:04 +02:00
5534b442dc
Removed a legacy buildfile
2017-07-31 16:20:22 +02:00
bff5478355
Added a missing note for ODC config
2017-07-31 16:19:49 +02:00
2d1198d7cc
Changed plot descriptions
2017-07-31 16:19:28 +02:00
0ec8928ff7
Moved Status to “…”
2017-07-31 16:19:13 +02:00
2049759430
Added new ODC scans for Java libraries. Those can scan even transitive dependencies and can be run before adding a new library to a project.
2017-07-31 14:35:03 +02:00
Šesták Vít