-
Hi,
I have a project which uses a dependency (let's call it `otj-pg-embedded` for now) which does not use any module info. I want to add this to the plugin (so when it scans my dependencies, it cor…
-
minimatch v3.0.4 triggering this waring in our vulnerabiilty scans.
https://nvd.nist.gov/vuln/detail/CVE-2022-3517#:~:text=A%20vulnerability%20was%20found%20in,in%20a%20Denial%20of%20Service.
-
/kind feature
**Describe the solution you'd like**
After a brief review of the vulnerabilities in an SCA scan, I'm curious if SCA scanning takes place for this repo? Using one SCA tool, 16 critica…
-
I built a project that uses the CmdMessenger library from http://playground.arduino.cc/Code/CmdMessenger. This library uses the Streaming library from http://arduiniana.org/libraries/streaming/. I'v…
-
We need a way for language servers to figure out what file an "absolute path" resolves to.
As in, if I write `import my_project::foo`, which folder does the language server look at?
## `wesl.toml`…
-
### Describe the bug
When I do a scan, the output of the scan shows duplicates.
![image](https://github.com/jfrog/frogbot/assets/619530/c35ae769-b066-44d8-b8c4-4b9b72c87cf1)
### Current behavior
…
-
-
https://github.com/davglass/license-checker/blob/master/lib/index.js#L45
Here, to avoid circular dependencies traversal we also avoid to scan same package version twice.
[read-installed](https://g…
-
### Steps to reproduce the bug with the above code
When specifying a package by path dependency, `cargo` is only willing to use that package's own declared path dependencies and ignores newer SemVe…
-
Providing explicit preprocessor dependencies might be a bit cumbersome for lazy people (like me). Think about a way how to automatically scan possible sources of mixins and variables for currently ope…