Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/debricked/soot-wrapper

Analyses how you use your dependencies to figure out if you use the vulnerable parts of a vulnerable dependency
https://github.com/debricked/soot-wrapper

Last synced: about 2 months ago
JSON representation

Analyses how you use your dependencies to figure out if you use the vulnerable parts of a vulnerable dependency

Host: GitHub
URL: https://github.com/debricked/soot-wrapper
Owner: debricked
License: mit
Created: 2021-04-08T11:15:48.000Z (almost 4 years ago)
Default Branch: master
Last Pushed: 2024-02-13T13:53:17.000Z (11 months ago)
Last Synced: 2024-05-02T06:15:55.226Z (8 months ago)
Language: Java
Homepage:
Size: 133 KB
Stars: 4
Watchers: 3
Forks: 5
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # ⚠️ BETA QUALITY SOFTWARE! ⚠️

## Vulnerable Functionality

This repo analyses your code to determine what parts of your dependencies you use, and stores this in a file which can be picked up debricked.

This, combined with our information about what parts of dependencies are affected by CVEs, allows us to determine whether you use the parts of a dependency affected by a vulnerability, or if its safe to continue using the dependency in spite of the vulnerability.

## Setup

Go to common java directory: `cd java/common/`

Build SootWrapper: `mvn clean package -X -DskipTests`

You will now have jar-file in the target directory: `java/common/target`.