-
As being discussed in https://github.com/nexB/scancode.io/issues/885, we need to improve the Package and Dependency relationships to support transitive dependencies.
During this, should a dependenc…
-
I encountered an error after downloading the dependencies and starting the project. I checked three.js version 1.66 and could not find LinearEncoding. Is there an issue with the version of three.js I …
-
If I have dependencies defined in a specific order (see reproducer) a capability conflict is not detected.
### Expected Behavior
The capability conflict is detected and resolved as defined in the …
-
### Current Behavior
There is a confusing error when a `@Nested` task input has private visibility.
```
* What went wrong:
Could not determine the dependencies of task ':myCustomTask'.
> Null value …
-
Scan should work offline (without internet connectivity) for SAST scanning. For dependency scanning, it has to pull vulnerability databases from NVD and GitHub. This issue involves testing scan withou…
-
Recently, we updated our Kotlin version from 1.9.10 to 2.0, after this change dependencyCheck stopped working.
Both the 9.0.10 and 10.0.3 versions plugin gives the error as follows,
`> Task :depen…
-
**Describe the bug**
Dependency check operation breaks when run in an Angular app with node-gyp dependency installed
**Version of dependency-check used**
The problem occurs using version 10.0.2
…
-
### Current Behavior
I created a new project and imported an SBOM of an old version of debian-slim. Trivy reports vulnerabilities but dependencyTrack doesn't. I created a Sonatype OSS account and con…
-
MEND.io code scanning tool has identified that the latest available [PyGithub 2.3.0](https://pypi.org/project/PyGithub/2.3.0/) (released 2024-03-24) has a dependency on a vulnerable urllib3 package < …
-
- [x] Acunetix Scanner
- [ ] Anchore-Engine
- [ ] Aqua
- [ ] Anchore Grype
- [x] Arachni Scanner
- [ ] AppSpider (Rapid7)
- [ ] AuditJS (OSSIndex)
- [ ] AWS Security Hub
- [ ] AWS Prowler Scan…