✨ Description
Add vulnerable Java dependencies compatible with Java 21 to enable testing of GitHub Advanced Security (GHAS), covering both exploitable and non-exploitable cases while keeping the project build intact.
🎯 Why is this needed?
GitHub Advanced Security (GHAS) requires real vulnerable dependencies to demonstrate and validate its security scanning capabilities. Without these, it is not possible to showcase Dependabot dependency vulnerability detection in a meaningful way.
📐 Proposed Solution
- Add known vulnerable Java libraries compatible with Java 21 to the project's build.gradle
- Include both exploitable and non-exploitable cases to exercise different GHAS alert types
- Ensure the project still compiles and builds successfully with these dependencies
✍️ Enhanced by Copilot. Original author: @0GiS0
Generated by Issue Quality Enhancer for issue #89 · sonnet46 490.1K