Jeremy Long
Jeremy Long
@nlassai apply the plugin to the rootProject instead of `allprojects` or `subprojects`?
I completely agree - this is something on the list for both the gradle and maven plugin. Best we've done so far is a hackish solution for Maven: https://gist.github.com/jeremylong/ec5d496f64fc5bba6d47b2524a40ce3f The...
See https://jeremylong.github.io/DependencyCheck/data/index.html
Sorry about the delayed response - we accept PRs... I haven't found a good way to obtain the non-proxy host from gradle itself.
Can someone provide a project that is failing to honor the replace directive? The PR provided did include an example - but obviously there is something else going on. As...
@aikebah I've often wondered how much of the load on the NVD has been caused by this project... > I wonder whether the NVD changes might be triggered by excessive...
I have not looked at this specific issue - however, the question around suppressing items that are not actually part of the build artifacts may come down to not scanning...
We will upgrade the library when it is available. However, this issue is from a dependency: https://github.com/FasterXML/jackson-modules-base/issues/37
I've run scans using the latest docker image and do not see the warning. @calebwhitt to be clear - this is a warning not an error. Disabling afterburner had an...
As [stated previously](https://github.com/jeremylong/DependencyCheck/issues/2793#issuecomment-721742257) when the dependencies are available to resolve the warning we will upgrade. However, we are waiting a solution in the faster xml afterburner library. That being said...