updated docs to better list the languages/technologies supported
jeremylong committed Apr 21, 2022
1 parent da71814 commit 501413a
Showing 2 changed files with 7 additions and 9 deletions.
2 changes: 1 addition & 1 deletion src/site/markdown/analyzers/index.md
@@ -6,7 +6,7 @@ to extract identification information from the files analyzed.
| Analyzer | File Types Scanned | Analysis Method |
| -------- | ------------------ | --------------- |
| [Archive](./archive-analyzer.html) | Zip archive format (\*.zip, \*.ear, \*.war, \*.jar, \*.sar, \*.apk, \*.nupkg); Tape Archive Format (\*.tar); Gzip format (\*.gz, \*.tgz); Bzip2 format (\*.bz2, \*.tbz2); RPM format (\*.rpm) | Extracts archive contents, then scans contents with all available analyzers. |
| [Assembly](./assembly-analyzer.html) | .NET Assemblies (\*.exe, \*.dll) | Uses [GrokAssembly.exe](https://github.com/colezlaw/GrokAssembly), which requires .NET Framework or Mono runtime to be installed. |
| [Assembly](./assembly-analyzer.html) | .NET Assemblies (\*.exe, \*.dll) | Uses [GrokAssembly.exe](https://github.com/colezlaw/GrokAssembly); requires the dotnet core 6.0 runtime to be installed. |
| [Jar](./jar-analyzer.html) | Java archive files (\*.jar); Web application archive (\*.war) | Examines archive manifest metadata, and Maven Project Object Model files (pom.xml). |
| [RetireJS](./retirejs-analyzer.html) | JavaScript files | Analyzes JavaScript files using the [RetireJS](https://github.com/RetireJS/retire.js) database. |
| [Node.js](./nodejs.html) | NPM package specification files (package.json) | Parses the package.json to gather a bill-of-materials for a Node JS project. |
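Review bot: the new Assembly row says "requires the dotnet core 6.0 runtime", but the runtime has been named ".NET" (without "Core") since version 5, so "dotnet core 6.0" points readers at a product name that no longer exists; suggest "requires the .NET 6.0 runtime to be installed", which also matches the capitalisation of ".NET Assemblies" earlier in the same row. Since the old row offered ".NET Framework or Mono runtime" and the new one drops both, this is a user-visible requirement change and deserves a line in the release notes rather than a silent doc edit.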
14 changes: 6 additions & 8 deletions src/site/markdown/index.md
@@ -2,15 +2,13 @@ About
====================
OWASP dependency-check is an open source solution to the OWASP Top 10 2021 entry:
[A06:2021 – Vulnerable and Outdated Components](https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/).
Dependency-check can currently be used to scan Java and .NET applications to
identify the use of known vulnerable components. Experimental analyzers for
Python, Ruby, PHP (composer), and Node.js applications; these are experimental
due to the possible false positive and false negative rates. To use the experimental
Dependency-check can currently be used to scan software to identify the use of
known vulnerable components. For a full list of supported languages/technologies
please see the [File Type Analyzer](analyzers/index.html)
page). Note that some of the analyzers are experimental and may produce more false
positive and false negative rates. To use the experimental
analyzers they must be specifically enabled via the appropriate _experimental_
configuration. In addition, dependency-check has experimental analyzers that can
be used to scan some C/C++ source code, including OpenSSL source code and projects
that use [Autoconf](https://www.gnu.org/software/autoconf/) or
[CMake](http://www.cmake.org/overview/).
configuration.

The problem with using known vulnerable components was covered in a paper by
Jeff Williams and Arshan Dabirsiaghi titled, "[The Unfortunate Reality of
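Review bot: the added lines have a stray closing parenthesis with no opening one: "please see the [File Type Analyzer](analyzers/index.html)" followed by "page)." should read "page."; and "may produce more false positive and false negative rates" is awkward, suggest "may produce higher false positive and false negative rates". The deleted sentence was also the only mention on this page of the C/C++ analyzers (OpenSSL source, Autoconf, CMake); before relying on the analyzer table as the "full list", confirm that analyzers/index.md actually lists those analyzers, since the rows visible in this commit cover only Archive, Assembly, Jar, RetireJS and Node.js.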