Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide full dependency tree of a vulnerability #112

Open
manolo opened this issue Oct 17, 2023 · 0 comments
Open

Provide full dependency tree of a vulnerability #112

manolo opened this issue Oct 17, 2023 · 0 comments
Labels
enhancement New feature or request

Comments

@manolo
Copy link
Member

manolo commented Oct 17, 2023

It should be nice if the user can see the dependency tree of a reported vulnerability as well as the route where the version number comes from

Basically a nice UI for inspecting results from:

mvn dependency:tree

...
[INFO] +- org.springframework.boot:spring-boot-starter-validation:jar:3.1.4:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter:jar:3.1.4:compile
[INFO] |  |  +- org.springframework.boot:spring-boot-starter-logging:jar:3.1.4:compile
[INFO] |  |  \- org.yaml:snakeyaml:jar:1.33:compile
...

and

mvn help:effective-pom -Dverbose=true 

...
<artifactId>snakeyaml</artifactId>  <!-- org.springframework.boot:spring-boot-dependencies:3.1.4, line 1910 -->
...
@manolo manolo added the enhancement New feature or request label Oct 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@manolo