You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug****To Reproduce
Steps to reproduce the behavior:
Run gradle build with any of the last 10 versions of the plugin defined. For example:
classpath "org.sonatype.gradle.plugins:scan-gradle-plugin:2.7.0"
apply plugin: 'org.sonatype.gradle.plugins.scan'
First of all, thank you for opening your first issue. Elementary, we appreciate all feedback that helps us continue improving this plugin.
As this is a community project we can't commit to official due dates for reviews and developing, but we're definitely committed to delivering services, integrations and plugins of top quality.
So please be patient, we will review your issue and get back to you as soon as we can!
From what I see, the JGit dependency comes from nexus-platform-api.
The latest version of nexus-platform-api already brings a JGit version without vulnerabilities, although upgrading that library brings a series of issues documented at #146
While I can't provide a due date, I can confirm that such upgrade will definitely be done and thanks to this issue we see now it needs to have a higher priority.
Describe the bug****To Reproduce
Steps to reproduce the behavior:
classpath "org.sonatype.gradle.plugins:scan-gradle-plugin:2.7.0"
apply plugin: 'org.sonatype.gradle.plugins.scan'
Could not GET 'https://nexus.xxx.com/repository/public/org/eclipse/jgit/org.eclipse.jgit/5.8.1.202007141445-r/org.eclipse.jgit- 5.8.1.202007141445-r.jar'. Received status code 403 from server: -------------------->>> REQUESTED ITEM IS QUARANTINED -------------------->>>
Expected behavior
The plugin should reference a version of jgit that does not have any critical vulnerabilities.
Screenshots
Desktop (please complete the following information):
Additional context
The text was updated successfully, but these errors were encountered: