search

dependency-check / dependency-check-gradle

The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.
http://jeremylong.github.io/DependencyCheck/
Apache License 2.0
361 stars 93 forks source link

Sources link on GPP doesn't point to a URL #380

Open TWiStErRob opened 8 months ago

TWiStErRob commented 8 months ago

See https://plugins.gradle.org/plugin/org.owasp.dependencycheck/9.0.9 Click git@... link.

jeremylong commented 8 months ago

yup - I'd love to know how to fx it.

TWiStErRob commented 8 months ago

Example: https://plugins.gradle.org/plugin/com.github.gmazzo.buildconfig/3.1.0 https://github.com/gmazzo/gradle-buildconfig-plugin/blob/f6cc81bfc0b814b2cf66827d361d9c5995bd3462/plugin/build.gradle.kts#L48

...

Ah, you have the same: https://github.com/dependency-check/dependency-check-gradle/blob/adb51a588d7083490e41e5e12f77e01d2f254612/build.gradle#L184

big difference is pluginBundle vs gradlePlugin, I think you need to re-wire com.gradle.plugin-publish, because it has a new major version: https://plugins.gradle.org/plugin/com.gradle.plugin-publish, this should enable Gradle 8 update too.