software-composition-analysis

Description

These files need some review as there are some weird licenses detected:

• https://raw.githubusercontent.com/twbs/bootstrap/v3.3.6/docs/dist/css/bootstrap.min.css.map
• https://raw.githubusercontent.com/twbs/bootstrap/v3.3.6/dist/css/bootstrap-theme.min.css.map
• https://raw.githubusercontent.com/eclipse/org.aspectj/V1_8_7/weaver/src/aspectj_1_5_0.dtd
• https://raw.githubuserco

The current swagger definition is autogenerated. The automatically generated definitions rely on reflection and annotations to create the documentation. The reflection capabilities are poor at best and lead to missing API parameters. Annotations can help in some cases, but the only fix for Swagger is to create individual POJOs for every possible request. This will lead to unnecessary large number

Description
This task is contingent on merging task #995 into main. Now that we have a list of tests to invoke, we will implement invoking them.

To Do

1. Modify the file ci/release_tests.py to invoke each of the tests in the list tests.

import subprocess  # nosec

tests = [...] <-- changes to be included in #995 

for t in tests:
    subprocess.check_output(t, shell=Tr

This would be handy and could come pre-populated with some data from the current project such as the project name, pipeline(s) and download URL(s)

Current output from the findings goal looks like the example below. It would be useful to have the Name of the issue in the output too.

Current:

[INFO] MEDIUM: org.apache.struts:struts-core:1.3.5
[INFO] 
[INFO] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts befor
[INFO] e 2.3.1.1, when developer mode is used, allows remote attackers to execu
[INFO] te arbitrary c