-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Project- and version-based false positives when shadow-cljs is a dependency #20
Comments
Which scan method did you use? |
As mentioned, I used the command from the README, namely $ clojure -Tclj-watson scan '{:output "stdout" :dependency-check-properties nil :fail-on-result true :deps-edn-path "deps.edn" :suggest-fix true :aliases ["*"] :database-strategy "dependency-check"}' |
Could you try to execute it using |
I see. Yeah, the issue is not reproducible with that strategy. I'll try to reproduce it with just |
Reported jeremylong/DependencyCheck#4237 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
At the bottom, a trimmed output generated by using the
-Tclj-watson
command from the README is attached.By CVE ID:
v20200224
and below, but the used version is0.0-20211011-0726fdeb
which is newerThe text was updated successfully, but these errors were encountered: