Get a Demo

Patch

dnsjava:dnsjava 3.5.3

Package Version

dnsjava:dnsjava 3.5.3

Github Repository

Package Version Scores

Overall

0

/10

Security

4

Activity

7

Popularity

8

Quality

4

Quality

Pull Requests from Bots

Pull requests from bot accounts indicate that the project is using automation for development tasks.

Quality

Pull Requests from Bots

Pull requests from bot accounts indicate that the project is using automation for development tasks.

Endor Patches

66d76b70868ec0c2e835fce6

CVEs Fixed

C

0

H

1

+1963

-456

Vulnerabilities Fixed

DNSJava DNSSEC Bypass

Get the Patch Instantly Without Upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

References

Basic Information

Ecosystem

Release Date

LINES OF CODE CHANGED

+1963

-456

-

on latest patch

License

Patch Available

Get the Patch Instantly

Secure your app without upgrading.

Fix Without Upgrading

{
"items": [
{
"title": "Recent Commit Activity",
"description": "Recent commit activity indicates that the project is active",
"category": "activity",
"type": "upscore"
},
{
"title": "High Ratio of Closed Issues",
"description": "More issues being closed than opened indicates that the project is active",
"category": "activity",
"type": "upscore"
},
{
"title": "Issues with Labels",
"description": "Attaching labels to issues allows for better tracking of issue activity in the project",
"category": "code quality",
"type": "upscore"
},
{
"title": "High Ratio of Issues Created by External Contributors",
"description": "A high ratio of issues opened by external contributors indicates that the project is active",
"category": "activity",
"type": "upscore"
},
{
"title": "High Ratio of Unmerged Pull Requests",
"description": "Significantly more pull requests being submitted than merged indicates that the project may not be maintained",
"category": "activity",
"type": "downscore"
},
{
"title": "High Ratio of Rejected Pull Requests",
"description": "A high ratio of rejected pull requests indicates that the project may not be actively developed",
"category": "activity",
"type": "downscore"
},
{
"title": "Limited Activity From Corporate Accounts",
"description": "Lack of activity from corporate affiliated accounts indicates that the project may not have reliable backing and support",
"category": "activity",
"type": "downscore"
},
{
"title": "First Major Release Milestone Achieved",
"description": "The repository has reached 1.0 release status, this is a sign of maturity",
"category": "code quality",
"type": "upscore"
},
{
"title": "Older Releases are Maintained",
"description": "The repository keeps releasing updates to earlier release trains, this is a sign of a commitment to maintaining and supporting the users of the project",
"category": "activity",
"type": "upscore"
},
{
"title": "Releases Have Popular Artifacts",
"description": "Some of the released artifacts of the repository have been downloaded many times, this means the project is popular",
"category": "popularity",
"type": "upscore"
},
{
"title": "Recent Release Activity",
"description": "The repository has some very recent releases and this shows that it is actively maintained",
"category": "activity",
"type": "upscore"
},
{
"title": "Unusually Fast First Release",
"description": "It is unusual for a repository to have its first release so soon after getting created",
"category": "code quality",
"type": "downscore"
},
{
"title": "Organization Repository",
"description": "When a repository belongs to an organization there is a lower risk of it getting abandoned in the future",
"category": "activity",
"type": "upscore"
},
{
"title": "Unfixed Medium Severity Vulnerabilities",
"description": "Unfixed medium severity vulnerabilities discovered in a repository indicate a somewhat elevated security risk. Analysis only considers vulnerabilities associated with this repository and not its dependencies. Vulnerability information is based on OSV.dev data and Endor's vulnerability database",
"category": "security",
"type": "downscore"
},
{
"title": "Has Stars",
"description": "Having some stars indicates interest in the project. ",
"category": "popularity",
"type": "upscore"
},
{
"title": "Has Forks",
"description": "Having some forks shows an interest in the project",
"category": "popularity",
"type": "neutral"
},
{
"title": "Many Subscribers",
"description": "A very large number of subscribers indicates an active interest in the project",
"category": "popularity",
"type": "upscore"
},
{
"title": "No Automated Build System",
"description": "Reproducible builds using makefiles or CI systems allow verification that no modifications, such as vulnerabilities or backdoors, have been introduced during a package's build process",
"category": "code quality",
"type": "downscore"
},
{
"title": "Repository Contains Binary Files",
"description": "When a repository contains binary files it is harder to analyze and assess its functionality and risks",
"category": "code quality",
"type": "downscore"
},
{
"title": "High Ratio of Test Code",
"description": "High quality projects should use tests",
"category": "code quality",
"type": "upscore"
},
{
"title": "No Best Practices Files",
"description": "The repository does not have any of the files that typically explain basic operational aspects of the project, this may be an indication that the project is not well maintained",
"category": "code quality",
"type": "downscore"
},
{
"title": "Repository has Topics",
"description": "Configuring topics is an indication that the repository is well maintained",
"category": "activity",
"type": "upscore"
},
{
"title": "Repository Uses CI",
"description": "The use of continuous integration is a sign of good developer practices",
"category": "code quality",
"type": "upscore"
},
{
"title": "Repository has a High CI Pass Rate",
"description": "The repository uses CI and a high fraction of commits pass the CI checks which is a sign of good code quality",
"category": "code quality",
"type": "upscore"
}
]
}