Skip to content

Allow scanning of all dependencies #383

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 17, 2025
Merged

Allow scanning of all dependencies #383

merged 1 commit into from
Jul 17, 2025

Conversation

@bestbeforetoday
Copy link
Member

@bestbeforetoday bestbeforetoday commented Jul 16, 2025

The default vulnerability scan, run with make scan, checks only the runtimeClasspath dependencies. This change add a scan-all Makefile target that checks all dependencies, including test and plugin dependencies.

@bestbeforetoday
Allow scanning of all dependencies
cdd728c 
The default vulnerability scan, run with `make scan`, checks only the
runtimeClasspath dependencies. This change add a `scan-all` Makefile
target that checks all dependencies, including test and plugin
dependencies.

Signed-off-by: Mark S. Lewis <[email protected]>
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 16, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@bestbeforetoday bestbeforetoday marked this pull request as ready for review July 16, 2025 16:26
@bestbeforetoday bestbeforetoday requested a review from a team as a code owner July 16, 2025 16:26
@bestbeforetoday bestbeforetoday enabled auto-merge (squash) July 16, 2025 16:27
@bestbeforetoday bestbeforetoday merged commit 01c5dd9 into hyperledger:main Jul 17, 2025
10 checks passed
@bestbeforetoday bestbeforetoday deleted the scan branch July 17, 2025 17:18
Thomas-Leung pushed a commit to Thomas-Leung/fabric-chaincode-java that referenced this pull request Jul 23, 2025
@bestbeforetoday
Allow scanning of all dependencies (hyperledger#383)
1b1e43c 
The default vulnerability scan, run with `make scan`, checks only the
runtimeClasspath dependencies. This change add a `scan-all` Makefile
target that checks all dependencies, including test and plugin
dependencies.

Signed-off-by: Mark S. Lewis <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@denyeart denyeart denyeart approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bestbeforetoday @denyeart