mvn compile dependency:treeto find the dependencies at compile time.
Thursday, November 24, 2022
Identify security vulnerabilities in Intellij environment
Security vulnerabilities are visibile only during the Trivy scan as a part of github actions and that can eat a lot of your time fixing one by one.
Solution is :-
Latest version of Intellij will give you hints about security vulnerabilities for dependencies in the pom and it can automatically upgrade with one click. That will save a lot of your time.
In addition if there some dependency which you are not sure about where it has been used in the application which is flagged by Trivy Scan then you can use
Subscribe to:
Posts (Atom)