jeremylong

Follow

Jeremy Long jeremylong

Follow

Founder and project lead for dependency-check.

823 followers · 4 following

Sponsors

Achievements

BetaSend feedback

Achievements

BetaSend feedback

Highlights

Pro

Organizations

Block or Report

Block or report jeremylong

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned

DependencyCheck Public

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Java 4.6k 1k
dependency-check/dependency-check-gradle Public

The dependency-check gradle plugin allows projects to monitor dependent libraries for known, published vulnerabilities.

Groovy 283 77
vuln-tools Public

A Java library and CLI for the NVD API.

Java 5 1

1,597 contributions in the last year

Learn how we count contributions

Less More

Contribution activity

December 2022

Created 33 commits in 8 repositories

Created 2 repositories

jeremylong/cdn-jscan Java Dec 6
jeremylong/commons-jcs Java Dec 1

Created a pull request in Homebrew/homebrew-core that received 2 comments

dependency-check 7.4.0

Have you followed the guidelines for contributing? Have you ensured that your commits follow the commit style guide? Have you checked that the…

+2 −2 • 2 comments

Opened 12 other pull requests in 5 repositories

jeremylong/DependencyCheck 6 merged 1 open

Release 7.4.1 Dec 9
fix: correct node_module path Dec 8
fix: broken links Dec 8
fix: ensure suppression file is not removed during publish Dec 6
Release 7.4.0 Dec 4
fix: upgrade to JCS3 Dec 4
fix: update build badge Dec 2

apache/commons-jcs 1 merged 1 closed

Homebrew/homebrew-core 1 closed

dependency-check 7.4.1 Dec 9

dependency-check/dependency-check-gradle 1 merged

feat: release 7.4.0 Dec 4

jeremylong/vuln-tools 1 merged

feat: reproducible builds Dec 3

Reviewed 9 pull requests in 2 repositories

jeremylong/DependencyCheck 8 pull requests

build(deps): bump annotations from 23.0.0 to 23.1.0 Dec 9
Remove unused dependencies on maven libraries Dec 9
fix: Links Dec 8
Fp fixes Dec 8
fix: document scanning dependency-check with dependency-check Dec 4
feat: Add CISA Known Exploited Vulnerability Catalog Dec 4
build(deps): bump maven-dependency-plugin from 3.3.0 to 3.4.0 Dec 2
Optimize file checksums calculation Dec 2

apache/commons-jcs 1 pull request

fix: handle ServiceConfigurationError Dec 3

Created an issue in jeremylong/DependencyCheck that received 4 comments

[FP]: JAR file with minimal content is identified as multiple maven packages

Package URl pkg:maven/com.palantir.atlasdb/timelock-server-distribution@0.779.0-rc2 CPE cpe:2.3:a:jetbrains:kotlin:0.1.1 CVE No response ODC Integr…

4 comments