Good catch, Mark. I wouldn't have guessed from the README or the
announcement [1].
Indeed, this implementation seems based on some assumption about central
repository behaviour.
If your repository manager would set that header to the date the
artifact was released, it might be of help. But I, fo
On 21-12-19 21:02, Maarten Mulders wrote:
Maybe this can help you:
https://github.com/portofrotterdam/versiondebt-plugin
As far as I can see, it doesn't allow you to configure "what is old". It
does tell you how old dependencies are.
not really; it seems that it uses the "last modified" from
Maybe this can help you:
https://github.com/portofrotterdam/versiondebt-plugin
As far as I can see, it doesn't allow you to configure "what is old". It
does tell you how old dependencies are.
Important disclaimer at the end of the page: it isn't maintained on a
regular basis.
Cheers,
Maarten
Something like this:
https://www.mojohaus.org/versions-maven-plugin/display-dependency-updates-mojo.html
Hope that helps
Enrico
Il sab 21 dic 2019, 18:31 mark ha scritto:
> On 2019-12-20 13:39, Marlow, Andrew wrote:
> >
> > Hello everyone,
> >
> > I am using the owasp maven dependency plugin to
On 2019-12-20 13:39, Marlow, Andrew wrote:
Hello everyone,
I am using the owasp maven dependency plugin to tell me when I am
using components that have CVEs. That’s great. I was wondering if
there was something similar that would tell me when I am using very
old components (where the judgeme
Hello everyone,
I am using the owasp maven dependency plugin to tell me when I am using
components that have CVEs. That's great. I was wondering if there was something
similar that would tell me when I am using very old components (where the
judgement about what is old is configurable, e.g numb