Jeremy Long's repositories
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
A Java library and CLI for the NVD API and GitHub Security Advisories.
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
A tool for analyzing the attack surface of an application
Apache Commons JCS
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
Checkmarx Scan and Result Orchestration
An action to delete workflow runs in a repository.
Evaluate source control (GitHub) security posture
Maven plugin for creating GitHub releases
🍻 Default formulae for the missing package manager for macOS
Log adapter for use with JCS3 to bind to slf4j.
An extremely easy way to perform background processing in Java. Backed by persistent storage. Open and free for commercial use.
A Leiningen plugin for detecting vulnerable project dependencies
Sonatype OSS Index - Public
Open Source Software Insights - Analysis, Comparison, Trends, Rankings of Open Source Software. Follow us on Twitter: https://twitter.com/ossinsight
An Open Letter to the OWASP Board
Phosphor: Dynamic Taint Tracking for the JVM
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).
Semantic versioning for Java apps.
Maven Resource Filter to remove whitespace from Velocity Templates.
Library for commenting things with violations from static code analysis.
Java library for parsing report files from static code analysis.