Jeremy Long

icon indicating a website link https://infosec.exchange/@ctxt icon indicating an email [email protected]

icon location Oak Hill, VA icon location Founder and project lead for dependency-check.

Results 16 issues of Jeremy Long

build(deps): bump com.h2database:h2 from 2.1.214 to 2.2.224

11 comment

Pending a resolution to https://github.com/gradle/gradle/issues/27156

False Positive on jenkins.war: LTS versions

2 comment

False positives exist due to how LTS versions are listed in the NVD. See https://github.com/jeremylong/DependencyCheck/issues/3364#issuecomment-888560473

enhancement
FP Report

feat: consolidate proxy configuration

Currently two proxy configurations are used. System properties and the original proxy configuration. This should be consolidated to use just the system properties used by the open-vulnerability-client.

enhancement

Add Dependency Source

6 comment

Currently, ODC primarily tracks the file path of the dependency - not necessarily the "source". If scanning a pom.xml we do not provide the path to the pom. We do...

enhancement

feat: upgrade to dotnet 8.0

1 comment

Upgrade to dotnet 8.0.

tests
core

Add Support for Open Source Insights

While not specifically vulnerability data - this could be useful to a lot of projects that utilize vulnerability data. https://deps.dev/ See https://github.com/jeremylong/DependencyCheck/issues/5871

enhancement