sbt-dependency-check
sbt-dependency-check copied to clipboard
albuch
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
Updates [com.google.code.gson:gson](https://github.com/google/gson/) from 2.9.0 to 2.9.1. [Changelog](https://github.com/google/gson/blob/master/CHANGELOG.md) I'll automatically update this PR to resolve conflicts as long as you don't change it yourself. If you'd like to skip this version,...
Updates * [org.scala-sbt:sbt](https://github.com/sbt/sbt) * [org.scala-sbt:scripted-plugin](https://github.com/sbt/sbt) from 1.6.2 to 1.7.1. [GitHub Release Notes](https://github.com/sbt/sbt/releases/tag/v1.7.1) - [Version Diff](https://github.com/sbt/sbt/compare/v1.6.2...v1.7.1) I'll automatically update this PR to resolve conflicts as long as you don't change it...
Updates org.owasp:dependency-check-core from 7.1.0 to 7.1.1. I'll automatically update this PR to resolve conflicts as long as you don't change it yourself. If you'd like to skip this version, you...
Public Scala Steward Bot is not available anymore. We need to implement something ourselves: https://github.com/scala-steward-org/scala-steward-action
**Is your feature request related to a problem? Please describe.** If a transitive dependency has a vulnerability it would be great to directly see which actual dependency defined in the...
Updates org.slf4j:slf4j-simple from 1.7.36 to 2.0.1. I'll automatically update this PR to resolve conflicts as long as you don't change it yourself. If you'd like to skip this version, you...
Updates org.owasp:dependency-check-core from 7.1.0 to 7.1.2. I'll automatically update this PR to resolve conflicts as long as you don't change it yourself. If you'd like to skip this version, you...
## About this PR 📦 Updates org.slf4j:slf4j-simple from `2.0.9` to `2.0.12` ## Usage ✅ **Please merge!** I'll automatically update this PR to resolve conflicts as long as you don't change...
## About this PR 📦 Updates [com.github.sbt:sbt-release](https://github.com/sbt/sbt-release) from `1.1.0` to `1.4.0` 📜 [GitHub Release Notes](https://github.com/sbt/sbt-release/releases/tag/v1.4.0) - [Version Diff](https://github.com/sbt/sbt-release/compare/v1.1.0...v1.4.0) ## Usage ✅ **Please merge!** I'll automatically update this PR to resolve...
Would it be possible to foresee an upgrade to [OWASP DependencyCheck v9.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v9.0.1)? The main driver for this is the update for the new NVD API which now requires an API...
