tarakg comments

Results 4 comments of


                                            tarakg

Support for "dll" references (non-nuget) projects in .NET based projects

@stevespringett And, I do agree - type, name and version is needed. Will it be feasible to to pick the relative paths (of dynamic link libraries) from the .NET project...

Support for "dll" references (non-nuget) projects in .NET based projects

@coderpatros I would like it to support both. One thing I figured out though is that this tool will not help "identify & add" the CPE information - something that...

Support for "dll" references (non-nuget) projects in .NET based projects

> @tarakg Dependency-Check does not identify CPE's. It performs fuzzy matching against CPEs in hopes of a match. Each match has a confidence score. DC is centered around evidence-based analysis....

Support for "dll" references (non-nuget) projects in .NET based projects

@Steve Do you know if NIST has officially announced a summer 2020 timeframe? I checked https://csrc.nist.gov/Projects/Software-Identification-SWID/news . Didn't see anything new. One more thing, do you have any plans for...