sonatype-nexus-community / scan-gradle-plugin

Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Nexus IQ Server.
Apache License 2.0

[FEATURE] Change default output for a table structure #43

Closed guillermo-varela closed 3 years ago

guillermo-varela commented 4 years ago

The current output is a tree/graph showing the dependencies (direct and transitive) and, below it, the vulnerabilities found. An example can be found at: https://github.com/sonatype-nexus-community/scan-gradle-plugin/pull/34

To keep consistency with other OSS Index tools and make the output easier to read, there is an initiative to make the tree/graph an optional output (requiring a new flag) and use a table structure as the default.

[Image: Screen Shot 2020-08-20 at 6 08 39 PM]

At the end, if any vulnerability is found, show a hint on how to get the tree output to start fixing vulnerabilities.

cc @bhamail / @DarthHater / @guillermo-varela

guillermo-varela commented 4 years ago

This is an alternative structure from auditJS:

[Image: Screen Shot 2020-08-22 at 10 34 15 PM]