Jeremy Long
Jeremy Long
Thanks for ping me on this one: https://github.com/jeremylong/DependencyCheck/pull/4905
Likely one of the dependencies has an embedded DLL file that is being picked up by the .net assembly analyzer. You can disable the analyzer: ```groovy dependencyCheck { analyzers {...
@dependabot ignore this dependency
See the sample suppression file: https://jeremylong.github.io/DependencyCheck/general/suppression.html (line 38). Is this what you are looking for? It might not work as expected as the suppression rules are currently `or` conditions...
We are not a plugin for apache. Not sure what you are asking for.
Maybe add `--log odc.log` to see the log file. As stated above - the provided output does not show any errors. If I had to guess - running ODC multiple...
This should be fixed with the next release (patched via #4935).
We accept PR ;) Honestly, most of the other language/tech stacks have come from PRs.
One of the best ways is to look at the analyzer for a language that is similar. I'm not sure if there is a lock file that declares the dependencies...
@sticksen additional documentation would be great.