clj-holmes / clj-watson

clojure deps SCA
Eclipse Public License 2.0

update dependencies -- for discussion #35

Closed seancorfield closed 10 months ago

seancorfield commented 11 months ago

This updates the project's dependencies, including:

The latter change is breaking: dependency checker 9.0.x requires an API key from NIST and introduces a number of new properties that are replacements for previous properties.

I've been testing this locally with my own API key. I think clj-watson could include a default key but there really needs to be a way to specify and override the dependency-check.properties settings. Perhaps a local, optional properties file could be looked for and merged in? Or perhaps JVM options could be supported?

While I have the nvd.api.delay set to 2000, which should be the default for the API usage, some people have indicated they have needed to set higher values. It also seemed that omitting it did not work correctly, despite the DC library setting its own default.
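One way the override mechanism asked about above could be layered, as an added example that is not part of this PR or of clj-watson's code: bundled defaults, then an optional local file, then JVM `-D` options, with `nvd.api.delay` always given an explicit value. The file name `clj-watson.properties` and all function names are hypothetical; `nvd.api.key` is assumed to be the dependency-check property that carries the NVD API key.

```clojure
(ns example.dc-properties
  (:require [clojure.java.io :as io]
            [clojure.string :as str])
  (:import (java.util Properties)))

(defn- load-props
  "Reads a .properties source (file or classpath URL) into a Clojure map."
  [source]
  (with-open [^java.io.Reader r (io/reader source)]
    (into {} (doto (Properties.) (.load r)))))

(defn- jvm-overrides
  "Selects JVM system properties under the nvd.api. prefix,
  e.g. -Dnvd.api.key=... or -Dnvd.api.delay=5000."
  []
  (into {}
        (filter (fn [[k _]] (str/starts-with? (str k) "nvd.api.")))
        (System/getProperties)))

(defn effective-properties
  "Merges settings, lowest to highest precedence:
  1. an explicit nvd.api.delay of 2000 (never left unset),
  2. the bundled dependency-check.properties on the classpath,
  3. an optional local file (hypothetical name),
  4. JVM system properties.
  The API key is never printed, only its absence is reported."
  [{:keys [bundled local-file]
    :or   {bundled    "dependency-check.properties"
           local-file "clj-watson.properties"}}]
  (let [defaults (some-> (io/resource bundled) load-props)
        local    (let [f (io/file local-file)]
                   (when (.isFile f) (load-props f)))
        merged   (merge {"nvd.api.delay" "2000"}
                        defaults
                        local
                        (jvm-overrides))]
    (when (str/blank? (get merged "nvd.api.key"))
      (binding [*out* *err*]
        (println "warning: nvd.api.key is not set in any properties source")))
    merged))

;; Usage: (effective-properties {})
;; or     (effective-properties {:local-file "/path/to/override.properties"})
```

Keeping the key in the local file or a `-D` option, rather than in the bundled defaults, lets each user supply their own key without it being committed to the repository.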

seancorfield commented 10 months ago

I've created three other PRs that should be reviewed/approved before this one.

seancorfield commented 10 months ago

This is superseded by #41 (but there are several other PRs that need review before they can be merged).