Include Gradle version in generated dependency graph
Opened this issue · 0 comments
bigdaz commented
Unfortunately this isn't so simple, since Gradle isn't a library published to a standard repository.
- Determine correct PURL to use for Gradle Build Tool itself
- Update and release dependency-graph plugin that includes Gradle version in generated graph
- Release gradle/actions using this dependency-graph plugin
- Ensure that Gradle vulnerabilities are reported based on Gradle version used