patton
patton copied to clipboard
Java raw dependency parser
Add support for searching for vulnerabilities in Java projects.
First we have to resolve the final version of all the components on which the the project depends on. After that we need to map the library name and version to a CPE and finally search for vulnerabilities on those CPEs.
We need support for both Maven and Gradle.
Add support to parse raw dependencies from Maven and Gradle