Skip to content

Java package miss detector #492

New issue
New issue
Open
Open
Java package miss detector#492
Labels
Consider Fundinghelp wantedExtra attention is neededlang:java
@prabhu

Description

@prabhu
prabhu
opened on Aug 24, 2023

Probably a new contrib script. The approach is as follows:

  1. Clear the maven, gradle, and sbt caches
  2. Generate the SBoM with cdxgen
  3. Manually collect the list of jars from both the application root and the caches directory
  4. Identify package misses
  5. Bonus - Compare hashes of the downloaded files with the ones in the SBoM

Repeat this process for multiple Java and Scala apps.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Consider Fundinghelp wantedExtra attention is neededlang:java

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions