Skip to content

Analyses how you use your dependencies to figure out if you use the vulnerable parts of a vulnerable dependency

License

Notifications You must be signed in to change notification settings

debricked/soot-wrapper

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

⚠️ BETA QUALITY SOFTWARE! ⚠️

Vulnerable Functionality

This repo analyses your code to determine what parts of your dependencies you use, and stores this in a file which can be picked up debricked.

This, combined with our information about what parts of dependencies are affected by CVEs, allows us to determine whether you use the parts of a dependency affected by a vulnerability, or if its safe to continue using the dependency in spite of the vulnerability.

Setup

Go to common java directory: cd java/common/

Build SootWrapper: mvn clean package -X -DskipTests

You will now have jar-file in the target directory: java/common/target.

About

Analyses how you use your dependencies to figure out if you use the vulnerable parts of a vulnerable dependency

Resources

License

Stars

Watchers

Forks

Packages