Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
The workaround to avoid using kaybee merge (for performance issues) requires a copy of the statements pulled by kaybee via the 'cp'. With this PR, the name of the folder where kaybee pulls the data is now built based on the environment variables defining which repository and branch to use (before the official SAP/projectKB was hardcoded).
Moreover, the env variables used by the container steady-kb-importer are now printed at start up (by start.sh).
The workaround to avoid using kaybee merge (for performance issues) requires a copy of the statements pulled by kaybee via the 'cp'. With this PR, the name of the folder where kaybee pulls the data is now built based on the environment variables defining which repository and branch to use (before the official SAP/projectKB was hardcoded). Moreover, the env variables used by the container steady-kb-importer are now printed at start up (by start.sh).