DependencyCheck
DependencyCheck copied to clipboard
Add Dependency Source
Currently, ODC primarily tracks the file path of the dependency - not necessarily the "source". If scanning a pom.xml we do not provide the path to the pom. We do list the project/scope - but that doesn't necessarily get back to the specific pom.xml. This can cause confusion when trying to generate reports - see #5920.