Jeremy Long's repositories
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
vuln-tools
A Java library and CLI for the NVD API and GitHub Security Advisories.
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
attack-surface-analyzer
A tool for analyzing the attack surface of an application
commons-jcs
Apache Commons JCS
CPE-Parser
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
cx-flow
Checkmarx Scan and Result Orchestration
delete-workflow-runs
An action to delete workflow runs in a repository.
gitgat
Evaluate source control (GitHub) security posture
github-release-maven-plugin
Maven plugin for creating GitHub releases
homebrew-core
🍻 Default formulae for the missing package manager for macOS
jcs3-slf4j
Log adapter for use with JCS3 to bind to slf4j.
jobrunr
An extremely easy way to perform background processing in Java. Backed by persistent storage. Open and free for commercial use.
lein-dependency-check
A Leiningen plugin for detecting vulnerable project dependencies
ossindex-public
Sonatype OSS Index - Public
ossinsight
Open Source Software Insights - Analysis, Comparison, Trends, Rankings of Open Source Software. Follow us on Twitter: https://twitter.com/ossinsight
owasp-change.github.io
An Open Letter to the OWASP Board
phosphor
Phosphor: Dynamic Taint Tracking for the JVM
retire.js
Scanner detecting the use of JavaScript libraries with known vulnerabilities
sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).
semver4j
Semantic versioning for Java apps.
velocity-whitespace-resource-filter
Maven Resource Filter to remove whitespace from Velocity Templates.
violation-comments-lib
Library for commenting things with violations from static code analysis.
violations-lib
Java library for parsing report files from static code analysis.