eclipse / steady

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Apache License 2.0

Removed digest from instr. code for classes in BOOT-INF/classes #536

Closed henrikplate closed 1 year ago

henrikplate commented 2 years ago

Java classes below WEB-INF/classes in a WAR and below BOOT-INF/classes in a Spring-Boot JAR are considered to belong to the application under analysis. For this reason, the digest of the WAR and JAR, respectively, will not be included in the instrumentation code. This digest should only be set for code in dependencies.

TODOs