Open sergeykad opened 8 months ago
At the moment - the buildScript
is the only option. We need to implement a new configuration for "plugins" and dependencies for dependency-check.
For future implementation ideas:
With the increasing problems of the NVD API in the last weeks I think more people will start to adopt the central db approach to decouple the the analyze and update steps and run into the same problem.
It would be nice to give this some priority as adding dependencies to the buildScript block has some major drawbacks.
I found the example for configuring DB driver dependency for Maven, but is there a similar explanation for Gradle?
I suppose I can add it to the
buildscript
block, but I think this approach is discouraged in the last Gradle versions. Maybe there is a separate configuration available that allows to specify it like the following?The main issue with using
buildscript
block AFAIK is that dependencies can leak into the project being built or other plugins.