OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

How to remove provided scope dependencies from gemnasium maven dependency scan in gitlab

  • Thread starter Thread starter priy812
  • Start date Start date
P

priy812

Guest
In gitlab pipeline, I am using include:

  • template: Jobs/Dependency-Scanning.gitlab-ci.yml

On running the pipeline, it is included maven dependencies having "provided" scope as well in the security vulnerability report. Is there any way to exclude the provided scope dependencies?

I have tried using GEMNASIUM_IGNORED_SCOPES: "provided" in the pipeline but it does not work. Also, tried setting DS_INCLUDE_DEV_DEPENDENCIES as false in the CI-CD variables but it also does not work
<p>In gitlab pipeline, I am using
include:</p>
<ul>
<li>template: Jobs/Dependency-Scanning.gitlab-ci.yml</li>
</ul>
<p>On running the pipeline, it is included maven dependencies having "provided" scope as well in the security vulnerability report.
Is there any way to exclude the provided scope dependencies?</p>
<p>I have tried using GEMNASIUM_IGNORED_SCOPES: "provided" in the pipeline but it does not work. Also, tried setting DS_INCLUDE_DEV_DEPENDENCIES as false in the CI-CD variables but it also does not work</p>
Continue reading...
 

Latest posts

Top