owasp-depscan 5.1.2__tar.gz → 5.1.4__tar.gz


Potentially problematic release.



Files changed (86) hide show
  1. {owasp-depscan-5.1.2/owasp_depscan.egg-info → owasp-depscan-5.1.4}/PKG-INFO +33 -2
  2. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/README.md +31 -0
  3. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/cli.py +1 -0
  4. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/logger.py +8 -3
  5. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/normalize.py +4 -5
  6. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4/owasp_depscan.egg-info}/PKG-INFO +33 -2
  7. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/owasp_depscan.egg-info/requires.txt +1 -1
  8. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/pyproject.toml +2 -2
  9. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/LICENSE +0 -0
  10. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/MANIFEST.in +0 -0
  11. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/__init__.py +0 -0
  12. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/__init__.py +0 -0
  13. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/analysis.py +0 -0
  14. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/audit.py +0 -0
  15. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/bom.py +0 -0
  16. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/config.py +0 -0
  17. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/csaf.py +0 -0
  18. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/explainer.py +0 -0
  19. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/github.py +0 -0
  20. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/license.py +0 -0
  21. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/pkg_query.py +0 -0
  22. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/depscan/lib/utils.py +0 -0
  23. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/owasp_depscan.egg-info/SOURCES.txt +0 -0
  24. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/owasp_depscan.egg-info/dependency_links.txt +0 -0
  25. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/owasp_depscan.egg-info/entry_points.txt +0 -0
  26. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/owasp_depscan.egg-info/top_level.txt +0 -0
  27. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/setup.cfg +0 -0
  28. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_analysis.py +0 -0
  29. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_bom.py +0 -0
  30. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_csaf.py +0 -0
  31. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_explainer.py +0 -0
  32. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_github.py +0 -0
  33. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_license.py +0 -0
  34. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_norm.py +0 -0
  35. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_pkg_query.py +0 -0
  36. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/test/test_utils.py +0 -0
  37. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/__init__.py +0 -0
  38. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_data/fields.yml +0 -0
  39. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_data/meta.yml +0 -0
  40. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_data/rules.yml +0 -0
  41. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/0bsd.txt +0 -0
  42. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/afl-3.0.txt +0 -0
  43. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/agpl-3.0.txt +0 -0
  44. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/apache-2.0.txt +0 -0
  45. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/artistic-2.0.txt +0 -0
  46. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/bsd-2-clause.txt +0 -0
  47. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/bsd-3-clause-clear.txt +0 -0
  48. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/bsd-3-clause.txt +0 -0
  49. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/bsd-4-clause.txt +0 -0
  50. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/bsl-1.0.txt +0 -0
  51. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cc-by-4.0.txt +0 -0
  52. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cc-by-sa-4.0.txt +0 -0
  53. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cc0-1.0.txt +0 -0
  54. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cecill-2.1.txt +0 -0
  55. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cern-ohl-p-2.0.txt +0 -0
  56. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cern-ohl-s-2.0.txt +0 -0
  57. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/cern-ohl-w-2.0.txt +0 -0
  58. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/ecl-2.0.txt +0 -0
  59. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/epl-1.0.txt +0 -0
  60. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/epl-2.0.txt +0 -0
  61. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/eupl-1.1.txt +0 -0
  62. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/eupl-1.2.txt +0 -0
  63. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/gfdl-1.3.txt +0 -0
  64. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/gpl-2.0.txt +0 -0
  65. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/gpl-3.0.txt +0 -0
  66. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/isc.txt +0 -0
  67. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/lgpl-2.1.txt +0 -0
  68. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/lgpl-3.0.txt +0 -0
  69. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/lppl-1.3c.txt +0 -0
  70. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/mit-0.txt +0 -0
  71. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/mit.txt +0 -0
  72. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/mpl-2.0.txt +0 -0
  73. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/ms-pl.txt +0 -0
  74. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/ms-rl.txt +0 -0
  75. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/mulanpsl-2.0.txt +0 -0
  76. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/ncsa.txt +0 -0
  77. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/odbl-1.0.txt +0 -0
  78. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/ofl-1.1.txt +0 -0
  79. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/osl-3.0.txt +0 -0
  80. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/postgresql.txt +0 -0
  81. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/unlicense.txt +0 -0
  82. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/upl-1.0.txt +0 -0
  83. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/vim.txt +0 -0
  84. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/wtfpl.txt +0 -0
  85. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/choosealicense.com/_licenses/zlib.txt +0 -0
  86. {owasp-depscan-5.1.2 → owasp-depscan-5.1.4}/vendor/spdx/json/licenses.json +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: owasp-depscan
3
- Version: 5.1.2
3
+ Version: 5.1.4
4
4
  Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
5
5
  Author-email: Team AppThreat <cloud@appthreat.com>
6
6
  License: MIT
@@ -20,7 +20,7 @@ Classifier: Topic :: Utilities
20
20
  Requires-Python: >=3.8
21
21
  Description-Content-Type: text/markdown
22
22
  License-File: LICENSE
23
- Requires-Dist: appthreat-vulnerability-db>=5.5.6
23
+ Requires-Dist: appthreat-vulnerability-db>=5.5.7
24
24
  Requires-Dist: defusedxml
25
25
  Requires-Dist: oras
26
26
  Requires-Dist: PyYAML
@@ -46,6 +46,37 @@ OWASP dep-scan is a next-generation security and risk audit tool based on known
46
46
  [![release](https://github.com/owasp-dep-scan/dep-scan/actions/workflows/pythonpublish.yml/badge.svg)](https://github.com/owasp-dep-scan/dep-scan/actions/workflows/pythonpublish.yml)
47
47
  [![Discord](https://img.shields.io/badge/-Discord-lime?style=for-the-badge&logo=discord&logoColor=white&color=black)](https://discord.gg/pF4BYWEJcS)
48
48
 
49
+ ## Contents
50
+ - [Features](#features)
51
+ - [Vulnerability Data sources](#vulnerability-data-sources)
52
+ - [Linux distros](#linux-distros)
53
+ - [Usage](#usage)
54
+ - [OCI Artifacts via ORAS cli](#oci-artifacts-via-oras-cli)
55
+ - [Single binary executables](#single-binary-executables)
56
+ - [Server mode](#server-mode)
57
+ - [Scanning projects locally (Python version)](#scanning-projects-locally-python-version)
58
+ - [Scanning containers locally (Python version)](#scanning-containers-locally-python-version)
59
+ - [Scanning projects locally (Docker container)](#scanning-projects-locally-docker-container)
60
+ - [Supported languages and package format](#supported-languages-and-package-format)
61
+ - [Reachability analysis](#reachability-analysis)
62
+ - [Example analysis for a Java project](#example-analysis-for-a-java-project)
63
+ - [Example analysis for a JavaScript project](#example-analysis-for-a-javascript-project)
64
+ - [Customization through environment variables](#customization-through-environment-variables)
65
+ - [GitHub Security Advisory](#github-security-advisory)
66
+ - [Suggest mode](#suggest-mode)
67
+ - [Package Risk audit](#package-risk-audit)
68
+ - [Automatic adjustment](#automatic-adjustment)
69
+ - [Configuring weights](#configuring-weights)
70
+ - [Live OS scan](#live-os-scan)
71
+ - [License scan](#license-scan)
72
+ - [Kubernetes and Cloud apps](#kubernetes-and-cloud-apps)
73
+ - [PDF reports](#pdf-reports)
74
+ - [Custom reports](#custom-reports)
75
+ - [Performance tuning](#performance-tuning)
76
+ - [Use nydus to speed up the initial vdb download](#use-nydus-to-speed-up-the-initial-vdb-download)
77
+ - [Discord support](#discord-support)
78
+ - [License](#license)
79
+
49
80
  ## Features
50
81
 
51
82
  - Scan most application code - local repos, Linux container images, Kubernetes manifests, and OS - to identify known CVEs with prioritization
@@ -7,6 +7,37 @@ OWASP dep-scan is a next-generation security and risk audit tool based on known
7
7
  [![release](https://github.com/owasp-dep-scan/dep-scan/actions/workflows/pythonpublish.yml/badge.svg)](https://github.com/owasp-dep-scan/dep-scan/actions/workflows/pythonpublish.yml)
8
8
  [![Discord](https://img.shields.io/badge/-Discord-lime?style=for-the-badge&logo=discord&logoColor=white&color=black)](https://discord.gg/pF4BYWEJcS)
9
9
 
10
+ ## Contents
11
+ - [Features](#features)
12
+ - [Vulnerability Data sources](#vulnerability-data-sources)
13
+ - [Linux distros](#linux-distros)
14
+ - [Usage](#usage)
15
+ - [OCI Artifacts via ORAS cli](#oci-artifacts-via-oras-cli)
16
+ - [Single binary executables](#single-binary-executables)
17
+ - [Server mode](#server-mode)
18
+ - [Scanning projects locally (Python version)](#scanning-projects-locally-python-version)
19
+ - [Scanning containers locally (Python version)](#scanning-containers-locally-python-version)
20
+ - [Scanning projects locally (Docker container)](#scanning-projects-locally-docker-container)
21
+ - [Supported languages and package format](#supported-languages-and-package-format)
22
+ - [Reachability analysis](#reachability-analysis)
23
+ - [Example analysis for a Java project](#example-analysis-for-a-java-project)
24
+ - [Example analysis for a JavaScript project](#example-analysis-for-a-javascript-project)
25
+ - [Customization through environment variables](#customization-through-environment-variables)
26
+ - [GitHub Security Advisory](#github-security-advisory)
27
+ - [Suggest mode](#suggest-mode)
28
+ - [Package Risk audit](#package-risk-audit)
29
+ - [Automatic adjustment](#automatic-adjustment)
30
+ - [Configuring weights](#configuring-weights)
31
+ - [Live OS scan](#live-os-scan)
32
+ - [License scan](#license-scan)
33
+ - [Kubernetes and Cloud apps](#kubernetes-and-cloud-apps)
34
+ - [PDF reports](#pdf-reports)
35
+ - [Custom reports](#custom-reports)
36
+ - [Performance tuning](#performance-tuning)
37
+ - [Use nydus to speed up the initial vdb download](#use-nydus-to-speed-up-the-initial-vdb-download)
38
+ - [Discord support](#discord-support)
39
+ - [License](#license)
40
+
10
41
  ## Features
11
42
 
12
43
  - Scan most application code - local repos, Linux container images, Kubernetes manifests, and OS - to identify known CVEs with prioritization
@@ -536,6 +536,7 @@ def download_rafs_based_image():
536
536
  nydus_download_command,
537
537
  check=True,
538
538
  stdout=subprocess.DEVNULL,
539
+ stderr=subprocess.DEVNULL,
539
540
  )
540
541
  if os.path.exists(os.path.join(data_dir, "vdb.tar")):
541
542
  rafs_image_downloaded = True
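Review bot: Sending stderr to `subprocess.DEVNULL` on the nydus download call discards the only diagnostic output when the vulnerability-database download fails; with `check=True` the raised `CalledProcessError` then carries no stderr text. Consider `stderr=subprocess.PIPE` and logging the captured text at debug level where the error is handled, so that a failed or partial vdb fetch can be told apart from a clean run. The rest of `download_rafs_based_image`, including any exception handling, is outside this hunk, so please confirm how a failure is reported to the user.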
@@ -57,11 +57,16 @@ logging.basicConfig(
57
57
  ],
58
58
  )
59
59
  LOG = logging.getLogger(__name__)
60
- for _ in ("httpx", "oras"):
61
- logging.getLogger(_).disabled = True
62
60
 
63
61
  # Set logging level
64
- if os.getenv("SCAN_DEBUG_MODE") == "debug" or os.getenv("AT_DEBUG_MODE") == "debug":
62
+ if (
63
+ os.getenv("SCAN_DEBUG_MODE") == "debug"
64
+ or os.getenv("AT_DEBUG_MODE") == "debug"
65
+ ):
65
66
  LOG.setLevel(logging.DEBUG)
66
67
 
67
68
  DEBUG = logging.DEBUG
69
+
70
+ for log_name, log_obj in logging.Logger.manager.loggerDict.items():
71
+ if log_name != __name__:
72
+ log_obj.disabled = True
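Review bot: The new loop at the end of the module disables only the loggers already registered in `logging.Logger.manager.loggerDict` at import time, so whether `httpx` and `oras` are silenced now depends on import order, whereas the removed `logging.getLogger(_).disabled = True` created and disabled them regardless. It also switches off every other library's logger process-wide, even when `SCAN_DEBUG_MODE` or `AT_DEBUG_MODE` is `debug`, which hides warnings and errors that matter when a scan result is questioned. `loggerDict` is an undocumented attribute and may hold `PlaceHolder` entries on which setting `disabled` has no effect. I would keep an explicit list and lower verbosity instead of disabling, skipped in debug mode: `for name in ("httpx", "oras"):` followed by `logging.getLogger(name).setLevel(logging.WARNING)`.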
@@ -54,11 +54,10 @@ def create_pkg_variations(pkg_dict):
54
54
  if purl_obj:
55
55
  pkg_type = purl_obj.get("type")
56
56
  qualifiers = purl_obj.get("qualifiers", {})
57
- namespace = purl_obj.get("namespace")
58
- # npm is known for packages with no group
59
- # To reduce false positives we retain such empty groups here
60
- if pkg_type in ("npm",) and namespace is None:
61
- vendor_aliases.add("")
57
+ # npm is resulting in false positives
58
+ # Let's disable aliasing for now. See #194, #195, #196
59
+ if pkg_type in ("npm",):
60
+ return pkg_list
62
61
  if qualifiers and qualifiers.get("distro_name"):
63
62
  os_distro_name = qualifiers.get("distro_name")
64
63
  name_aliases.add(f"""{os_distro_name}/{name}""")
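Review bot: The early `return pkg_list` for `npm` skips every alias step that follows, including the `distro_name` branch just below, and the hunk does not show what `pkg_list` holds at that point; if it is still empty or lacks the original vendor/name pair, npm packages would produce no lookups and real vulnerabilities would be missed silently. The file list shows `test/test_norm.py` unchanged (+0 -0), so nothing pins the new behaviour; a test asserting that an npm purl still yields its own exact entry would cover it. As `create_pkg_variations` starts and ends outside the hunk, please confirm the state of `pkg_list` there, and consider a comment such as `# npm: return only the exact package, no vendor/name aliases (see #194, #195, #196)`. `pkg_type in ("npm",)` can be written `pkg_type == "npm"`.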
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: owasp-depscan
3
- Version: 5.1.2
3
+ Version: 5.1.4
4
4
  Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
5
5
  Author-email: Team AppThreat <cloud@appthreat.com>
6
6
  License: MIT
@@ -20,7 +20,7 @@ Classifier: Topic :: Utilities
20
20
  Requires-Python: >=3.8
21
21
  Description-Content-Type: text/markdown
22
22
  License-File: LICENSE
23
- Requires-Dist: appthreat-vulnerability-db>=5.5.6
23
+ Requires-Dist: appthreat-vulnerability-db>=5.5.7
24
24
  Requires-Dist: defusedxml
25
25
  Requires-Dist: oras
26
26
  Requires-Dist: PyYAML
@@ -46,6 +46,37 @@ OWASP dep-scan is a next-generation security and risk audit tool based on known
46
46
  [![release](https://github.com/owasp-dep-scan/dep-scan/actions/workflows/pythonpublish.yml/badge.svg)](https://github.com/owasp-dep-scan/dep-scan/actions/workflows/pythonpublish.yml)
47
47
  [![Discord](https://img.shields.io/badge/-Discord-lime?style=for-the-badge&logo=discord&logoColor=white&color=black)](https://discord.gg/pF4BYWEJcS)
48
48
 
49
+ ## Contents
50
+ - [Features](#features)
51
+ - [Vulnerability Data sources](#vulnerability-data-sources)
52
+ - [Linux distros](#linux-distros)
53
+ - [Usage](#usage)
54
+ - [OCI Artifacts via ORAS cli](#oci-artifacts-via-oras-cli)
55
+ - [Single binary executables](#single-binary-executables)
56
+ - [Server mode](#server-mode)
57
+ - [Scanning projects locally (Python version)](#scanning-projects-locally-python-version)
58
+ - [Scanning containers locally (Python version)](#scanning-containers-locally-python-version)
59
+ - [Scanning projects locally (Docker container)](#scanning-projects-locally-docker-container)
60
+ - [Supported languages and package format](#supported-languages-and-package-format)
61
+ - [Reachability analysis](#reachability-analysis)
62
+ - [Example analysis for a Java project](#example-analysis-for-a-java-project)
63
+ - [Example analysis for a JavaScript project](#example-analysis-for-a-javascript-project)
64
+ - [Customization through environment variables](#customization-through-environment-variables)
65
+ - [GitHub Security Advisory](#github-security-advisory)
66
+ - [Suggest mode](#suggest-mode)
67
+ - [Package Risk audit](#package-risk-audit)
68
+ - [Automatic adjustment](#automatic-adjustment)
69
+ - [Configuring weights](#configuring-weights)
70
+ - [Live OS scan](#live-os-scan)
71
+ - [License scan](#license-scan)
72
+ - [Kubernetes and Cloud apps](#kubernetes-and-cloud-apps)
73
+ - [PDF reports](#pdf-reports)
74
+ - [Custom reports](#custom-reports)
75
+ - [Performance tuning](#performance-tuning)
76
+ - [Use nydus to speed up the initial vdb download](#use-nydus-to-speed-up-the-initial-vdb-download)
77
+ - [Discord support](#discord-support)
78
+ - [License](#license)
79
+
49
80
  ## Features
50
81
 
51
82
  - Scan most application code - local repos, Linux container images, Kubernetes manifests, and OS - to identify known CVEs with prioritization
@@ -1,4 +1,4 @@
1
- appthreat-vulnerability-db>=5.5.6
1
+ appthreat-vulnerability-db>=5.5.7
2
2
  defusedxml
3
3
  oras
4
4
  PyYAML
@@ -1,12 +1,12 @@
1
1
  [project]
2
2
  name = "owasp-depscan"
3
- version = "5.1.2"
3
+ version = "5.1.4"
4
4
  description = "Fully open-source security audit for project dependencies based on known vulnerabilities and advisories."
5
5
  authors = [
6
6
  {name = "Team AppThreat", email = "cloud@appthreat.com"},
7
7
  ]
8
8
  dependencies = [
9
- "appthreat-vulnerability-db>=5.5.6",
9
+ "appthreat-vulnerability-db>=5.5.7",
10
10
  "defusedxml",
11
11
  "oras",
12
12
  "PyYAML",