Categorygithub.com/smithy-security/smithycomponentsproducersdependency-check
package
0.59.2
Repository: https://github.com/smithy-security/smithy.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
9
Dependents
0
Files
111 SLOC

# README

JAVA Dependency Check Producer

This producer is configured to be used specifically with the PURL ingestion feature for Java. It creates a minimal pom.xml out of the incoming dependency and its version and proceeds to scan it with dependency check.

Future improvements

Make this generic, a dedicated binary needs to create package manager specific config and provide it.

# Packages

No description provided by the author

# Functions

UnmarshalJSON returns a list of Dependency Vulns from dependency check json.

# Structs

DependencyVulnerability represents the Vulnerability block of Dependency check scan json output format.