evyaroshevich

Results 5 issues of evyaroshevich

### Current Behavior

While scanning the Flutter project, I discovered a false positive. DependencyTrack incorrectly identified the package pkg:pub/[email protected] as belonging to the npm repository and issued the vulnerability CVE-2020-28423....

FP/FN report
pending more information

In the cdxgen update, a new function, mvn dependency:copy-dependencies, was added after the makeAggregateBom task. This addition has completely broken my pipelines because makeAggregateBom was working with the pom.xml file...

After updating cdxgen to version 10.8.0+ and the addition of multi-module support, I can no longer exclude certain modules. I have a multi-project on Maven, but one of its submodules...

I noticed that guassp cannot find the project_id from the returned list (by default 20 projects) because there were many more results, and due to pagination, they didn't fit in...