Fraunhofer-AISEC / codyze

Codyze is a static analyzer for Java, C, C++ based on code property graphs
https://www.codyze.io
Apache License 2.0
87 stars 18 forks source link

Dependency Dashboard #250

Open renovate[bot] opened 3 years ago

renovate[bot] commented 3 years ago

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Config Migration Needed

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

Detected dependencies

dockerfile
Dockerfile - `eclipse-temurin 17.0.13_11-jre`
docs/Dockerfile
github-actions
.github/workflows/build.yml - `actions/checkout v4` - `actions/setup-java v4` - `gradle/actions v4` - `softprops/action-gh-release v2`
.github/workflows/codecov.yml - `actions/checkout v4` - `actions/setup-java v4` - `gradle/actions v4` - `actions/upload-artifact v4` - `codecov/codecov-action v4`
.github/workflows/detekt.yml - `actions/checkout v4` - `actions/setup-java v4` - `gradle/actions v4` - `github/codeql-action v3`
.github/workflows/docs.yml - `actions/checkout v4` - `actions/setup-java v4` - `gradle/actions v4` - `actions/setup-python v5`
.github/workflows/upgrade.yml - `actions/checkout v4` - `actions/setup-java v4` - `gradle/actions v4` - `actions/upload-artifact v4` - `actions/download-artifact v4` - `actions/github-script v7`
gradle
gradle.properties
settings.gradle.kts
build.gradle.kts
buildSrc/settings.gradle.kts
buildSrc/build.gradle.kts
buildSrc/src/main/kotlin/code-quality.gradle.kts
buildSrc/src/main/kotlin/documented-module.gradle.kts
buildSrc/src/main/kotlin/documented.gradle.kts
buildSrc/src/main/kotlin/features.gradle.kts
buildSrc/src/main/kotlin/metadata.gradle.kts
buildSrc/src/main/kotlin/module.gradle.kts
buildSrc/src/main/kotlin/publish.gradle.kts
code-coverage-report/build.gradle.kts
codyze-backends/cpg/build.gradle.kts
codyze-cli/build.gradle.kts
codyze-core/build.gradle.kts
codyze-plugins/build.gradle.kts - `com.github.spotbugs:spotbugs 4.8.6` - `com.h3xstream.findsecbugs:findsecbugs-plugin 1.13.0` - `net.sourceforge.pmd:pmd-core 7.7.0` - `net.sourceforge.pmd:pmd-java 7.7.0`
codyze-specification-languages/coko/coko-core/build.gradle.kts
codyze-specification-languages/coko/coko-dsl/build.gradle.kts
gradle/libs.versions.toml - `io.github.detekt.sarif4k:sarif4k 0.6.0` - `org.jetbrains.kotlinx:kotlinx-serialization-json 1.7.3` - `org.jetbrains.kotlin:kotlin-reflect 1.9.25` - `de.fraunhofer.aisec:cpg-core 8.3.0` - `de.fraunhofer.aisec:cpg-analysis 8.3.0` - `de.fraunhofer.aisec:cpg-language-cxx 8.3.0` - `de.fraunhofer.aisec:cpg-language-java 8.3.0` - `io.github.oshai:kotlin-logging-jvm 7.0.0` - `org.apache.logging.log4j:log4j-slf4j2-impl 2.24.1` - `com.github.ajalt.clikt:clikt 5.0.1` - `io.insert-koin:koin-core 4.0.0` - `io.insert-koin:koin-test 4.0.0` - `io.insert-koin:koin-test-junit5 4.0.0` - `org.jetbrains.kotlin:kotlin-scripting-common 1.9.25` - `org.jetbrains.kotlin:kotlin-scripting-jvm 1.9.25` - `org.jetbrains.kotlin:kotlin-scripting-jvm-host 1.9.25` - `org.jetbrains.kotlin:kotlin-scripting-dependencies 1.9.25` - `io.gitlab.arturbosch.detekt:detekt-formatting 1.23.7` - `org.junit:junit-bom 5.11.3` - `io.mockk:mockk 1.13.13` - `org.jetbrains.kotlin:kotlin-gradle-plugin 1.9.25` - `org.jetbrains.dokka:dokka-gradle-plugin 1.9.20` - `com.diffplug.spotless:spotless-plugin-gradle 6.25.0` - `io.gitlab.arturbosch.detekt:detekt-gradle-plugin 1.23.7` - `org.jetbrains.dokka:dokka-base 1.9.20` - `org.jetbrains.kotlin.plugin.serialization 1.9.25` - `org.jetbrains.dokka 1.9.20` - `com.diffplug.spotless 6.25.0`
gradle-wrapper
gradle/wrapper/gradle-wrapper.properties - `gradle 8.10.2`

oxisto commented 2 years ago

We should probably exclude dependencies in the script folder (or maybe get rid of those scripts anyway).

fwendland commented 2 years ago

I would like to keep the work in script but it might be better served elsewhere 🤔 I think that the tools are good for our own testing and third party users can use them as well.