Jeremy Long
I've never seen a configuration that used: ``. I'd expect something more like: ``` org.owasp dependency-check-maven 9.0.7 https://nexsus-server/nexus/repository/binaries/xx/xxx/xxx/owasp-v9/publishedSuppressions/latest/publishedSuppressions-latest.xml check ``` Also, if you add the `-x` argument all of the...
If your nexus requires auth - it could be being blocked.
Is this still an issue?
The long-term plan is to do something along this line. This is one of the enhancements I've had planned for quite some time. Thanks for posting the enhancement request -...
That would work for Maven... There is a CLI, Ant task, and Jenkins plugin also (and possibly a gradle plugin in the future)... I was originally considering something a bit...
I played around with this: https://gist.github.com/jeremylong/ec5d496f64fc5bba6d47b2524a40ce3f
Try running `go list -m -json -all` without the readonly and see if that corrects the problem?
When you are using the semantic versioning - what happens when you run: `go list -json -m all`
At the moment - the `buildScript` is the only option. We need to implement a new configuration for "plugins" and dependencies for dependency-check. For future implementation ideas: - define/extend configuration:...
Most would just set up a scan as part of their CI. For GitHub Actions several use https://github.com/dependency-check/Dependency-Check_Action. Creating a separate space for developers to go do security work has become...