search

hyperledger / fabric-gateway

Go, Node and Java client API for Hyperledger Fabric v2.4+
https://hyperledger.github.io/fabric-gateway/
Apache License 2.0
150 stars 88 forks source link

Fix Java OSV-Scanner scan #606

Closed bestbeforetoday closed 1 year ago

bestbeforetoday commented 1 year ago

Transitive dependencies were missed from the effective POM generated using the Maven Help plugin. Instead, generate a CycloneDX Software Bill of Materials (SBOM), and run OSV-Scanner on that SBOM.