Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create analyzer for OWASP Dependency-Track #708

Open
stevespringett opened this issue Apr 22, 2017 · 1 comment
Open

Create analyzer for OWASP Dependency-Track #708

stevespringett opened this issue Apr 22, 2017 · 1 comment
Assignees
@stevespringett
Labels
enhancement

Comments

@stevespringett
Copy link
Collaborator

OWASP Dependency-Track (dev3+) allows the importing and refining of Dependency-Check XML reports. It also allows the importing of SPDX and the manual creation of components.

ODT provides a REST API (similar to Maven Central) that allows the searching of components by MD5/SHA1 hashes and will respond back with the highest confidence metadata available.

This ticket is to track the creation of an analyzer for Dependency-Check so that it can use Dependency-Track as a source of evidence.
@stevespringett stevespringett self-assigned this Apr 22, 2017
@amandel
Copy link
Contributor

amandel commented Oct 11, 2019

I've created #2233 which kind of points into the other direction. IMHO both are valuable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stevespringett stevespringett

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@amandel @stevespringett