vulcanlee
commented
5 months ago @deviprasad987
I have never used the Black duck tool, and I don’t have the Black duck tool here.
For this Repository https://github.com/vulcanlee/Prism-MAUI-Template, it provides a quick creation of a .NET MAUI project development template, in which commonly used NuGet packages will be specified in the project in advance and created project folder, nothing more.
Regarding the issue you mentioned, "Vulcan.Maui.Template" is a NuGet package name, which is the package name for quickly creating project templates. This "Vulcan.Maui.Template" is not used in the generated project file.
I actually used this package to create a .NET MAUI project, and used the "Vulcan.Maui.Template" keyword to search the entire project source code, and only found this keyword in the "Maui.Template.md" file.
In fact, this "Maui.Template.md" file is just a text file similar to a readme. In fact, you can try to remove this file and scan it again. In principle, the source code content of this project alone should not be It is correct to see any text related to "Vulcan.Maui.Template". The reason is that this "Vulcan.Maui.Template" Package will not be used at all when compiling and executing this project.
We have created project in MAUI, and using Black duck for security vulnerabilities while scanning the MAUI application with Black duck it got detected "Vulcan.Maui.Template" package for Android and MacCatalyst projects but we haven't installed any such packages and there is no references for the same. Could you please help in this.
Please refer the below image for the reference.
Below is the content of the Android and MacCatalyst
Steps to Reproduce Create a MAUI application. Scan the application using Black Duck. The Black duck tool detecting un-known license package "Vulcan.Maui.Template" In Android and MacCatalyst projects.
Could you help me with this