snyksec
commented
2 years ago :tada: This PR is included in version 3.18.1 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
Closed gitphill closed 2 years ago
snyksec
commented
2 years ago :tada: This PR is included in version 3.18.1 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
What this does
When we see multiple JSONDEPS lines, assume the first line was correct and do not throw an exception. We have seen in some more sophisticated project setups this become an issue. There is a flag 'snykDepsConfExecuted' in the init.gradle that should protect against this, but doesn't always.
There is more work todo in order to remove this assumption, but we need to work on a better method of communicating with the Gradle API from the init.gradle script that is guaranteed to produce one consistent graph object.