Jeremy Long

icon indicating a website link https://infosec.exchange/@ctxt icon indicating an email [email protected]

icon location Oak Hill, VA icon location Founder and project lead for dependency-check.

Results 106 comments of Jeremy Long

Empty license column in report.

Many technology stacks will likely have a blank license as identification of the license is a best effort. In most cases this may only be populated on Java libraries.

Poetry and Archive analyzers fail when run together after building project

Have you considered not scanning the dist directory?

Poetry and Archive analyzers fail when run together after building project

Any suggestion on where this should be documented?

Make skipTestGroups resolution logic configurable

resolved with comment https://github.com/dependency-check/dependency-check-gradle/issues/22#issuecomment-575568801. Leaving #22 open for now as documentation - until I get a chance to update the official documentation.

How to use this with Android projects?

Anyone have an example project that fails? From the above question - I have no clue what is going on. If we have a concrete example I can help.

Regex support for scanConfigurations and skipConfigurations

The solution to the problem is the above comment: https://github.com/dependency-check/dependency-check-gradle/issues/22#issuecomment-575568801