Awesome Java App

Non-functional example Java application project intended as a specimen for dependency scanning analysis.

The app contains a single, deliberately outdated, dependency, Stanford CoreNLP, at v4.3.2, due to its interesting properties (various transitive dependencies, licenses, and vulnerabilities).

Prerequisites

A JDK is required, recommend at least Java 17. A great way to manage JDK installations is SDKMAN!.

Assembly

Run

./gradlew installDist

to assemble and "install" a distribution of the app under build/install. The dependency JARs will be included under build/install/awesome-java-app/lib.

SBOM

Run

./gradlew cyclonedxBom

to generate an SBOM from the runtime classpath dependency tree, in CycloneDX JSON format. The SBOM file will be created at build/reports/bom.json.

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
gradle/wrapper		gradle/wrapper
.gitattributes		.gitattributes
.gitignore		.gitignore
README.md		README.md
build.gradle		build.gradle
gradlew		gradlew
gradlew.bat		gradlew.bat
settings.gradle		settings.gradle

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Awesome Java App

Prerequisites

Assembly

SBOM

About

psibre/java-app-vuln-license-sbom-mwe

Folders and files

Latest commit

History

Repository files navigation

Awesome Java App

Prerequisites

Assembly

SBOM

About

Resources

Stars

Watchers

Forks