Opened 4 years ago
Last modified 4 years ago
#21667 closed defect
[PATCH] Keep maven dependency information for vulnerability scanners — at Initial Version
| Reported by: | taylor.smock | Owned by: | team |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | Plugin | Version: | |
| Keywords: | Cc: |
Description
It appears that most vulnerability scanners depend upon pom.xml files for the version numbers of dependencies.
The attached patch does the following:
- Keep
META-INF/maven/* - Add
ivy-checkdepsupdateso we can get the newest dependency versions faster
Note:
See TracTickets
for help on using tickets.
