-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conduct scan without existence of files #96
Comments
I completely agree. I'm thinking we could probably use the XML results... --Jeremy On Thu, Mar 20, 2014 at 3:21 PM, Steve Springett
|
Just realized you submitted a PR for this ;) I scanned the PR quickly and might have missed this - but where is the data --Jeremy On Thu, Mar 20, 2014 at 9:30 PM, Jeremy Long jeremy.long@gmail.com wrote:
|
Yeah sorry for creating two issues. I didn't realize a PR would create Anyway, DependencyCheckScanAgent and the few minor changes to the core to For example, Dependency-Track will use the scan agent in the following List dependencies = new ArrayList(); DependencyCheckScanAgent scan = new DependencyCheckScanAgent(); This will allow any application, whether it's Dependency-Track, or some And yes, if you wanted to use a spreadsheet, an XML file or some other type |
Thought I would attach the reports that are generated from the above sample I haven't tested this on Windows. It should work, but I don't know for sure. On Thu, Mar 20, 2014 at 9:33 PM, Steve Springett steve@springett.us wrote:
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
If metadata (evidence of a libraries vendor, name, version, etc) has already been obtained by other means and stored elsewhere, dependency-check should be able to leverage existing evidence and easily provide scanning capabilities without having physical access to the filesystem where the libraries are stored.
The text was updated successfully, but these errors were encountered: