Fix Bug in Resolving Package Version in Maven POM with Dependency Management #425
Description
Just starting to evaluate vet and I have encountered problem that may result in not valid report.
I start scan with:
vet scan -D /tmp/test-test/transactionservice --report-json report.json
and my results contains something like this:
"packages": [
{
"package": {
"ecosystem": "Maven",
"name": "io.swagger.core.v3:swagger-annotations",
"version": "0"
},
"manifests": [
"e7de49b70dae8f0e"
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.projectlombok:lombok",
"version": "0"
},
is there a way to fix version 0 problem and instead detect proper one?