Uses of Class
org.owasp.dependencycheck.dependency.Dependency

Packages that use Dependency

Package	Description
org.owasp.dependencycheck	Includes the main entry point for dependency-check.
org.owasp.dependencycheck.agent	The agent package holds an agent API that can be used by other applications that have information about dependencies; but would rather implement something in their code directly rather then spawn a process to run the entire dependency-check engine.
org.owasp.dependencycheck.analyzer	Analyzers are used to inspect the identified dependencies, collect Evidence, and process the dependencies.
org.owasp.dependencycheck.data.artifactory	Contains classes related to searching Artifactory Maven repository. These are used to abstractArtifactory searching away from OWASP Dependency Check so they can be reused elsewhere.
org.owasp.dependencycheck.data.golang	Contains classes for working with the Go Lang project data.
org.owasp.dependencycheck.dependency	Contains the core Dependency implementation.
org.owasp.dependencycheck.processing	Classes used to process the output of external tools.
org.owasp.dependencycheck.reporting	Contains classes used to generate reports.
org.owasp.dependencycheck.xml.pom	This package contains classes used to parse pom.xml files.
org.owasp.dependencycheck.xml.suppression	Contains classes used to suppress findings.

Uses of Dependency in org.owasp.dependencycheck

Methods in org.owasp.dependencycheck that return Dependency

Modifier and Type	Method	Description
Dependency[]	Engine.getDependencies()	Returns a copy of the dependencies as an array.
protected Dependency	Engine.scanFile(@NotNull java.io.File file)	Scans a specified file.
protected Dependency	Engine.scanFile(@NotNull java.io.File file, @Nullable java.lang.String projectReference)	Scans a specified file.

Methods in org.owasp.dependencycheck that return types with arguments of type Dependency

Modifier and Type	Method	Description
@Nullable java.util.List<Dependency>	Engine.scan(@NotNull java.io.File file, java.lang.String projectReference)	Scans a given file or directory.
java.util.List<Dependency>	Engine.scan(@NotNull java.lang.String path)	Scans a given file or directory.
java.util.List<Dependency>	Engine.scan(@NotNull java.lang.String[] paths)	Scans an array of files or directories.
java.util.List<Dependency>	Engine.scan(@NotNull java.lang.String[] paths, @Nullable java.lang.String projectReference)	Scans an array of files or directories.
java.util.List<Dependency>	Engine.scan(@NotNull java.lang.String path, java.lang.String projectReference)	Scans a given file or directory.
java.util.List<Dependency>	Engine.scan(java.io.File file)	Scans a given file or directory.
java.util.List<Dependency>	Engine.scan(java.io.File[] files)	Scans an array of files or directories.
java.util.List<Dependency>	Engine.scan(java.io.File[] files, java.lang.String projectReference)	Scans an array of files or directories.
java.util.List<Dependency>	Engine.scan(java.util.Collection<java.io.File> files)	Scans a collection of files or directories.
java.util.List<Dependency>	Engine.scan(java.util.Collection<java.io.File> files, java.lang.String projectReference)	Scans a collection of files or directories.
protected java.util.List<Dependency>	Engine.scanDirectory(@NotNull java.io.File dir, @Nullable java.lang.String projectReference)	Recursively scans files and directories.
protected java.util.List<Dependency>	Engine.scanDirectory(java.io.File dir)	Recursively scans files and directories.

Methods in org.owasp.dependencycheck with parameters of type Dependency

Modifier and Type	Method	Description
void	Engine.addDependency(Dependency dependency)	Adds a dependency.
void	Engine.removeDependency(@NotNull Dependency dependency)	Removes the dependency.

Method parameters in org.owasp.dependencycheck with type arguments of type Dependency

Modifier and Type	Method	Description
void	Engine.setDependencies(@NotNull java.util.List<Dependency> dependencies)	Sets the dependencies.

Constructors in org.owasp.dependencycheck with parameters of type Dependency

Constructor	Description
AnalysisTask(Analyzer analyzer, Dependency dependency, Engine engine, java.util.List<java.lang.Throwable> exceptions)	Creates a new analysis task.

Uses of Dependency in org.owasp.dependencycheck.agent

Methods in org.owasp.dependencycheck.agent that return types with arguments of type Dependency

Modifier and Type	Method	Description
java.util.List<Dependency>	DependencyCheckScanAgent.getDependencies()	Returns a list of pre-determined dependencies.

Methods in org.owasp.dependencycheck.agent with parameters of type Dependency

Modifier and Type	Method	Description
static void	DependencyCheckScanAgent.showSummary(java.lang.String projectName, Dependency[] dependencies)	Generates a warning message listing a summary of dependencies and their associated CPE and CVE entries.
static void	DependencyCheckScanAgent.showSummary(Dependency[] dependencies)	Generates a warning message listing a summary of dependencies and their associated CPE and CVE entries.

Method parameters in org.owasp.dependencycheck.agent with type arguments of type Dependency

Modifier and Type	Method	Description
void	DependencyCheckScanAgent.setDependencies(java.util.List<Dependency> dependencies)	Sets the list of dependencies to scan.

Uses of Dependency in org.owasp.dependencycheck.analyzer

Methods in org.owasp.dependencycheck.analyzer that return Dependency

Modifier and Type	Method	Description
protected Dependency	AbstractNpmAnalyzer.createDependency(Dependency dependency, java.lang.String name, java.lang.String version, java.lang.String scope)	Construct a dependency object.
protected Dependency	AbstractNpmAnalyzer.findDependency(Engine engine, java.lang.String name, java.lang.String version)	Locates the dependency from the list of dependencies that have been scanned by the engine.
protected Dependency	DependencyMergingAnalyzer.getMainAndroidDependency(Dependency dependency1, Dependency dependency2)	Determines which of the android dependencies should be considered the primary.
protected Dependency	DependencyMergingAnalyzer.getMainDotnetDependency(Dependency dependency1, Dependency dependency2)	Determines which of the dotnet dependencies should be considered the primary.
protected Dependency	DependencyMergingAnalyzer.getMainGemspecDependency(Dependency dependency1, Dependency dependency2)	Ruby gems installed by "bundle install" can have zero or more *.gemspec files, all of which have the same packagePath and should be grouped.
protected Dependency	DependencyMergingAnalyzer.getMainSwiftDependency(Dependency dependency1, Dependency dependency2)	Determines which of the swift dependencies should be considered the primary.
protected Dependency	DependencyMergingAnalyzer.getMainVirtualDependency(Dependency dependency1, Dependency dependency2)	Determines which of the virtual dependencies should be considered the primary.

Methods in org.owasp.dependencycheck.analyzer with parameters of type Dependency

Modifier and Type	Method	Description
static java.lang.String	JarAnalyzer.addDescription(Dependency dependency, java.lang.String description, java.lang.String source, java.lang.String key)	Adds a description to the given dependency.
protected static void	AssemblyAnalyzer.addMatchingValues(java.util.List<java.lang.String> packages, java.lang.String value, Dependency dep, EvidenceType type)	Cycles through the collection of class name information to see if parts of the package names are contained in the provided value.
protected static void	JarAnalyzer.addMatchingValues(java.util.List<JarAnalyzer.ClassNameInformation> classes, java.lang.String value, Dependency dep, EvidenceType type)	Cycles through the collection of class name information to see if parts of the package names are contained in the provided value.
void	AbstractAnalyzer.analyze(Dependency dependency, Engine engine)	Analyzes a given dependency.
void	Analyzer.analyze(Dependency dependency, Engine engine)	Analyzes the given dependency.
protected abstract void	AbstractAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes a given dependency.
protected void	AbstractDependencyComparingAnalyzer.analyzeDependency(Dependency ignore, Engine engine)	Analyzes a set of dependencies.
protected void	AbstractSuppressionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
void	ArchiveAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes a given dependency.
void	ArtifactoryAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis.
void	AssemblyAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis on a single Dependency.
protected void	AutoconfAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	CarthageAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
void	CentralAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis.
protected void	CMakeAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes python packages and adds evidence to the dependency.
protected void	CocoaPodsAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	ComposerLockAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Entry point for the analyzer.
protected void	CPEAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.
protected void	CpeSuppressionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	DartAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	ElixirMixAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Determines if the analyzer can analyze the given file type.
protected void	FalsePositiveAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes the dependencies and removes bad/incorrect CPE associations based on various heuristics.
protected void	FileNameAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Collects information about the file name.
protected void	GolangDepAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes go packages and adds evidence to the dependency.
protected void	GolangModAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes go packages and adds evidence to the dependency.
protected void	HintAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	The HintAnalyzer uses knowledge about a dependency to add additional information to help in identification of identifiers or vulnerabilities.
void	JarAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Loads a specified JAR file and collects information from the manifest and checksums to identify the correct CPE information.
protected void	KnownExploitedVulnerabilityAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Adds information about the known exploited vulnerabilities to the analysis.
void	LibmanAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis.
protected void	MSBuildProjectAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
void	NexusAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis.
protected void	NodeAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	NodePackageAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	NpmCPEAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.
void	NugetconfAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis.
void	NuspecAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Performs the analysis.
protected void	NvdCveAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.
protected void	OpenSSLAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes python packages and adds evidence to the dependency.
protected void	OssIndexAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PEAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Collects information about the file name.
protected void	PerlCpanfileAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PinnedMavenInstallAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PipAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PipfileAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PipfilelockAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PnpmAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes the pnpm lock file to determine vulnerable dependencies.
protected void	PoetryAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes poetry packages and adds evidence to the dependency.
protected void	PythonDistributionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PythonPackageAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes python packages and adds evidence to the dependency.
void	RetireJsAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes the specified JavaScript file.
protected void	RubyBundleAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Determines if the analyzer can analyze the given file type.
protected void	RubyBundlerAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	RubyGemspecAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	SwiftPackageManagerAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	SwiftPackageResolvedAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	UnusedSuppressionRuleAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	VersionFilterAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	The HintAnalyzer uses knowledge about a dependency to add additional information to help in identification of identifiers or vulnerabilities.
protected void	VulnerabilitySuppressionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	YarnAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine)	Analyzes the yarn lock file to determine vulnerable dependencies.
protected void	JarAnalyzer.analyzePackageNames(java.util.List<JarAnalyzer.ClassNameInformation> classNames, Dependency dependency, boolean addPackagesAsEvidence)	Analyzes the path information of the classes contained within the JarAnalyzer to try and determine possible vendor or product names.
protected boolean	JarAnalyzer.analyzePOM(Dependency dependency, java.util.List<JarAnalyzer.ClassNameInformation> classes, Engine engine)	Attempts to find a pom.xml within the JAR file.
protected java.util.List<JarAnalyzer.ClassNameInformation>	JarAnalyzer.collectClassNames(Dependency dependency)	Cycles through an enumeration of JarEntries, contained within the dependency, and returns a list of the class names.
protected Dependency	AbstractNpmAnalyzer.createDependency(Dependency dependency, java.lang.String name, java.lang.String version, java.lang.String scope)	Construct a dependency object.
protected void	CPEAnalyzer.determineCPE(Dependency dependency)	Searches the data store of CPE entries, trying to identify the CPE for the given dependency based on the evidence contained within.
protected boolean	CPEAnalyzer.determineIdentifiers(Dependency dependency, java.lang.String vendor, java.lang.String product, Confidence currentConfidence)	Retrieves a list of CPE values from the CveDB based on the vendor and product passed in.
protected abstract boolean	AbstractDependencyComparingAnalyzer.evaluateDependencies(Dependency dependency, Dependency nextDependency, java.util.Set<Dependency> dependenciesToRemove)	Evaluates the dependencies
protected boolean	DependencyBundlingAnalyzer.evaluateDependencies(Dependency dependency, Dependency nextDependency, java.util.Set<Dependency> dependenciesToRemove)	Evaluates the dependencies
protected boolean	DependencyMergingAnalyzer.evaluateDependencies(Dependency dependency, Dependency nextDependency, java.util.Set<Dependency> dependenciesToRemove)	Evaluates the dependencies
static void	JarAnalyzer.extractLicense(Model pom, Dependency dependency)	Extracts the license information from the pom and adds it to the dependency.
protected java.util.List<MavenArtifact>	CentralAnalyzer.fetchMavenArtifacts(Dependency dependency)	Downloads the corresponding list of MavenArtifacts of the given dependency from MavenCentral.
void	AbstractNpmAnalyzer.gatherEvidence(javax.json.JsonObject json, Dependency dependency)	Collects evidence from the given JSON for the associated dependency.
protected Dependency	DependencyMergingAnalyzer.getMainAndroidDependency(Dependency dependency1, Dependency dependency2)	Determines which of the android dependencies should be considered the primary.
protected Dependency	DependencyMergingAnalyzer.getMainDotnetDependency(Dependency dependency1, Dependency dependency2)	Determines which of the dotnet dependencies should be considered the primary.
protected Dependency	DependencyMergingAnalyzer.getMainGemspecDependency(Dependency dependency1, Dependency dependency2)	Ruby gems installed by "bundle install" can have zero or more *.gemspec files, all of which have the same packagePath and should be grouped.
protected Dependency	DependencyMergingAnalyzer.getMainSwiftDependency(Dependency dependency1, Dependency dependency2)	Determines which of the swift dependencies should be considered the primary.
protected Dependency	DependencyMergingAnalyzer.getMainVirtualDependency(Dependency dependency1, Dependency dependency2)	Determines which of the virtual dependencies should be considered the primary.
protected boolean	DependencyBundlingAnalyzer.isCore(Dependency left, Dependency right)	This is likely a very broken attempt at determining if the 'left' dependency is the 'core' library in comparison to the 'right' library.
protected boolean	DependencyMergingAnalyzer.isSameRubyGem(Dependency dependency1, Dependency dependency2)	Bundling Ruby gems that are identified from different .gemspec files but denote the same package path.
protected boolean	DependencyMergingAnalyzer.isSameSwiftPackage(Dependency dependency1, Dependency dependency2)	Bundling same swift dependencies with the same packagePath but identified by different file type analyzers.
protected boolean	DependencyBundlingAnalyzer.isShadedJar(Dependency dependency, Dependency nextDependency)	Determines if the jar is shaded and the created pom.xml identified the same CPE as the jar - if so, the pom.xml dependency should be removed.
protected boolean	DependencyBundlingAnalyzer.isWebJar(Dependency dependency, Dependency nextDependency)	Determines if a JS file is from a webjar dependency.
static void	DependencyBundlingAnalyzer.mergeDependencies(Dependency dependency, Dependency relatedDependency, java.util.Set<Dependency> dependenciesToRemove)	Adds the relatedDependency to the dependency's related dependencies.
static void	DependencyBundlingAnalyzer.mergeDependencies(Dependency dependency, Dependency relatedDependency, java.util.Set<Dependency> dependenciesToRemove, boolean copyVulnsAndIds)	Adds the relatedDependency to the dependency's related dependencies.
static void	DependencyMergingAnalyzer.mergeDependencies(Dependency dependency, Dependency relatedDependency, java.util.Set<Dependency> dependenciesToRemove)	Adds the relatedDependency to the dependency's related dependencies.
protected boolean	JarAnalyzer.parseManifest(Dependency dependency, java.util.List<JarAnalyzer.ClassNameInformation> classInformation)	Reads the manifest from the JAR file and collects the entries.
protected void	AbstractNpmAnalyzer.processPackage(Engine engine, Dependency dependency, javax.json.JsonArray jsonArray, java.lang.String depType)	Processes a part of package.json (as defined by JsonArray) and update the specified dependency with relevant info.
protected void	AbstractNpmAnalyzer.processPackage(Engine engine, Dependency dependency, javax.json.JsonObject jsonObject, java.lang.String depType)	Processes a part of package.json (as defined by JsonObject) and update the specified dependency with relevant info.
protected void	AbstractNpmAnalyzer.processResults(java.util.List<Advisory> advisories, Engine engine, Dependency dependency, org.apache.commons.collections4.MultiValuedMap<java.lang.String,java.lang.String> dependencyMap)	Processes the advisories creating the appropriate dependency objects and adding the resulting vulnerabilities.
protected void	FalsePositiveAnalyzer.removeBadMatches(Dependency dependency)	Removes bad CPE matches for a dependency.
protected void	AbstractNpmAnalyzer.replaceOrAddVulnerability(Dependency dependency, Vulnerability vuln)	Evaluates if the vulnerability is already present; if it is the vulnerability is not added.
static boolean	JarAnalyzer.setPomEvidence(Dependency dependency, Model pom, java.util.List<JarAnalyzer.ClassNameInformation> classes, boolean isMainPom)	Sets evidence from the pom on the supplied dependency.

Method parameters in org.owasp.dependencycheck.analyzer with type arguments of type Dependency

Modifier and Type	Method	Description
protected abstract boolean	AbstractDependencyComparingAnalyzer.evaluateDependencies(Dependency dependency, Dependency nextDependency, java.util.Set<Dependency> dependenciesToRemove)	Evaluates the dependencies
protected boolean	DependencyBundlingAnalyzer.evaluateDependencies(Dependency dependency, Dependency nextDependency, java.util.Set<Dependency> dependenciesToRemove)	Evaluates the dependencies
protected boolean	DependencyMergingAnalyzer.evaluateDependencies(Dependency dependency, Dependency nextDependency, java.util.Set<Dependency> dependenciesToRemove)	Evaluates the dependencies
static void	DependencyBundlingAnalyzer.mergeDependencies(Dependency dependency, Dependency relatedDependency, java.util.Set<Dependency> dependenciesToRemove)	Adds the relatedDependency to the dependency's related dependencies.
static void	DependencyBundlingAnalyzer.mergeDependencies(Dependency dependency, Dependency relatedDependency, java.util.Set<Dependency> dependenciesToRemove, boolean copyVulnsAndIds)	Adds the relatedDependency to the dependency's related dependencies.
static void	DependencyMergingAnalyzer.mergeDependencies(Dependency dependency, Dependency relatedDependency, java.util.Set<Dependency> dependenciesToRemove)	Adds the relatedDependency to the dependency's related dependencies.

Uses of Dependency in org.owasp.dependencycheck.data.artifactory

Methods in org.owasp.dependencycheck.data.artifactory with parameters of type Dependency

Modifier and Type	Method	Description
protected java.util.List<MavenArtifact>	ArtifactorySearch.processResponse(Dependency dependency, java.net.HttpURLConnection conn)	Process the Artifactory response.
java.util.List<MavenArtifact>	ArtifactorySearch.search(Dependency dependency)	Searches the configured Central URL for the given hash (MD5, SHA1 and SHA256).

Uses of Dependency in org.owasp.dependencycheck.data.golang

Methods in org.owasp.dependencycheck.data.golang that return Dependency

Modifier and Type	Method	Description
Dependency	GoModDependency.toDependency(Dependency parentDependency)	Converts the GoModDependency into a Dependency object.

Methods in org.owasp.dependencycheck.data.golang with parameters of type Dependency

Modifier and Type	Method	Description
Dependency	GoModDependency.toDependency(Dependency parentDependency)	Converts the GoModDependency into a Dependency object.

Uses of Dependency in org.owasp.dependencycheck.dependency

Fields in org.owasp.dependencycheck.dependency with type parameters of type Dependency

Modifier and Type	Field	Description
static java.util.Comparator<Dependency>	Dependency.NAME_COMPARATOR	Simple sorting by display file name and actual file path.

Methods in org.owasp.dependencycheck.dependency that return types with arguments of type Dependency

Modifier and Type	Method	Description
java.util.Set<Dependency>	Dependency.getRelatedDependencies()	Get the unmodifiable set of relatedDependencies.

Methods in org.owasp.dependencycheck.dependency with parameters of type Dependency

Modifier and Type	Method	Description
void	Dependency.addRelatedDependency(Dependency dependency)	Adds a related dependency.
void	Dependency.removeRelatedDependencies(Dependency dependency)	Removes a related dependency.

Uses of Dependency in org.owasp.dependencycheck.processing

Constructors in org.owasp.dependencycheck.processing with parameters of type Dependency

Constructor	Description
BundlerAuditProcessor(Dependency gemDependency, Engine engine)	Constructs a new processor to consume the output of `bundler-audit`.
GoModProcessor(Dependency goDependency, Engine engine)	Constructs a new processor to consume the output of `go list -m -json all`.
MixAuditProcessor(Dependency mixDependency, Engine engine)	Constructs a new processor to consume the output of `mix_audit`.

Uses of Dependency in org.owasp.dependencycheck.reporting

Method parameters in org.owasp.dependencycheck.reporting with type arguments of type Dependency

Modifier and Type	Method	Description
java.util.Collection<SarifRule>	ReportTool.convertToSarifRules(java.util.List<Dependency> dependencies)	Creates a list of SARIF rules for the SARIF report.

Constructor parameters in org.owasp.dependencycheck.reporting with type arguments of type Dependency

Constructor	Description
ReportGenerator(java.lang.String applicationName, java.lang.String groupID, java.lang.String artifactID, java.lang.String version, java.util.List<Dependency> dependencies, java.util.List<Analyzer> analyzers, DatabaseProperties properties, Settings settings)	Deprecated. Please use ReportGenerator(String, String, String, String, List, List, DatabaseProperties, Settings, ExceptionCollection)
ReportGenerator(java.lang.String applicationName, java.lang.String groupID, java.lang.String artifactID, java.lang.String version, java.util.List<Dependency> dependencies, java.util.List<Analyzer> analyzers, DatabaseProperties properties, Settings settings, ExceptionCollection exceptions)	Constructs a new ReportGenerator.
ReportGenerator(java.lang.String applicationName, java.util.List<Dependency> dependencies, java.util.List<Analyzer> analyzers, DatabaseProperties properties, Settings settings)	Deprecated. Please use ReportGenerator(java.lang.String, java.util.List, java.util.List, DatabaseProperties, Settings, ExceptionCollection)
ReportGenerator(java.lang.String applicationName, java.util.List<Dependency> dependencies, java.util.List<Analyzer> analyzers, DatabaseProperties properties, Settings settings, ExceptionCollection exceptions)	Constructs a new ReportGenerator.

Uses of Dependency in org.owasp.dependencycheck.xml.pom

Methods in org.owasp.dependencycheck.xml.pom with parameters of type Dependency

Modifier and Type	Method	Description
static void	PomUtils.analyzePOM(Dependency dependency, java.io.File pomFile)	Reads in the pom file and adds elements as evidence to the given dependency.

Uses of Dependency in org.owasp.dependencycheck.xml.suppression

Methods in org.owasp.dependencycheck.xml.suppression with parameters of type Dependency

Modifier and Type	Method	Description
void	SuppressionRule.process(Dependency dependency)	Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed.