hjhamala
commented
5 years ago This is now ready for review. I will squash the commits when this is ready for merge.
Closed hjhamala closed 5 years ago
hjhamala
commented
5 years ago This is now ready for review. I will squash the commits when this is ready for merge.
hjhamala
commented
5 years ago @fsantiag changes have now been made with exception that default values seems to not work on plugin properties. Maybe this could be merged nevertheless.
Adds support for vulnerability detection invoking lein-nvd. Found vulnerabilities are mapped against project.clj.
Vulnerability is not mapped to dependecy name because vulnerabilities are against files - not against dependencies. It should be possible try to match JAR against dependency name. For the transitive dependencies deps tree should be generated and then if match is found back track to original dependency.