OWASP Dependency-Check Jenkins Plugin

I Use This!

Low Activity

Analyzed about 19 hours ago. based on code collected 1 day ago.

Project Summary

The Jenkins plugin for OWASP Dependency-Check. This can be used to monitor the java libraries used in an application and report if there are any known vulnerabilities (e.g. CVEs).

In a Nutshell, OWASP Dependency-Check Jenkins Plugin...

...
has had 1,015 commits made by 38 contributors
representing 81,702 lines of code
...
is mostly written in Java
with an average number of source code comments
...
has a well established, mature codebase
maintained by a large development team
with increasing Y-O-Y commits
...
took an estimated 21 years of effort (COCOMO model)
starting with its first commit in May, 2013
ending with its most recent commit 10 days ago

Quick Reference

Organization:

Open Web Application Security Project (OWASP)

Project Links:

Homepage

Code Locations:

https://github.com/jenkinsci/dep...

Similar Projects:

Managers:

Steve Springett

Licenses

Apache License 2.0

Permitted

Commercial Use

Modify

Distribute

Place Warranty

Sub-License

Private Use

Use Patent Claims

Forbidden

Hold Liable

Use Trademarks

Required

Include Copyright

State Changes

Include License

Include Notice

These details are provided for information only. No information here is legal advice and should not be used as such.

All Licenses

Project Security

Vulnerabilities per Version ( last 10 releases )

Project Vulnerability Report

Security Confidence Index

Poor security track-record

Favorable security track-record

Vulnerability Exposure Index

Many reported vulnerabilities

Few reported vulnerabilities

About Project Vulnerability Report

Did You Know...

...
55% of companies leverage OSS for production infrastructure
...
learn about Open Hub updates and features on the Open Hub blog
...
in 2016, 47% of companies did not have formal process in place to track OS code
...
check out hot projects on the Open Hub