fviale
commented
5 years ago One comment in general, could you make the task build depends on audit?
Closed mcompastie closed 5 years ago
fviale
commented
5 years ago One comment in general, could you make the task build depends on audit?
In this PR, we (i) integrate the oss-audit to determine CVE flawing the code of the projet and (ii) update the dependencies identified as vulnerable to their latest maintenance versions.
A contributor can now inspect the project to assess if security updates have to be enforced by executing
./gradlew audit [--info].