Closed bestbeforetoday closed 1 year ago
Transitive dependencies were missed from the effective POM generated using the Maven Help plugin. Instead, generate a CycloneDX Software Bill of Materials (SBOM), and run OSV-Scanner on that SBOM.
Transitive dependencies were missed from the effective POM generated using the Maven Help plugin. Instead, generate a CycloneDX Software Bill of Materials (SBOM), and run OSV-Scanner on that SBOM.