niccokunzmann
commented
5 years ago This is old now. I close it as I had no further contact.
Closed niccokunzmann closed 5 years ago
niccokunzmann
commented
5 years ago This is old now. I close it as I had no further contact.
Details I am reaching out to you today to invite you and your team to try the latest version Up2Dep to see how we can support developers in keeping their project dependency Up2Dep, and in avoiding insecure library versions.
Unlike any other existing tools, Up2Dep takes into account the compatibility of your code with the newer versions of the third-party libraries. It further maintains a database of vulnerable library versions (publicly disclosed vulnerabilities). It additionally checks for cryptographic misuse in Android libraries. These feature helps you avoid using insecure libraries which in the end makes your applications more secure. More information please visit here.
https://project.cispa.io/up2dep/
Exemplary project
Right after you have installed Up2Dep, you can examine how Up2Dep works and familiarize yourself with Up2Dep in an exemplary project. If you choose “Exemplary Project” at the welcome dialog, Up2Dep will automatically set up a simple Android project with dependencies that show case main features of Up2Dep.
Survey After working with Up2Dep for a while (at least 15 minutes and you have applied at least 5 quickfixes e.g., upgrade dependencies, show dependencies, provide feedback). Up2Dep will ask you in a notification dialog (on the right below corner of your Android Studio) to join our survey to share with us your experience, so that we can improve Up2Dep in our later releases. This is not mandatory but this is the only way for us to improve Up2Dep in later releases, therefore we would really appreciate your help here. The survey would take you roughly 15 minutes.
Please let me know if you have any questions.