Same here, was usable before using the Gradle plugin. I was then using the cmd
line and adding excludes.
With Gradle it's impossible, too much (false) dependencies loaded. Having all the dependencies is though useful while debugging, you have all the
source...
Jacques
Le 25/09/2017 à 19:45, Brian Demers a écrit :
Every time I use that plugin I end up with a bunch of false positive
excludes (I haven't switched to 2.x yet)
On Mon, Sep 25, 2017 at 12:23 PM, Tilman Hausherr <[email protected]>
wrote:
If anybody is using OWASP dependency-check for their builds, the new
version 2.1.1 is over-sensitive compared to 2.1.0. I've opened an issue here
https://github.com/jeremylong/DependencyCheck/issues/894
Besides fontbox, it also reports javamail.
Tilman
