Inspectopedia 2024.3 Help

Vulnerable declared dependency

Reports vulnerabilities in Gradle, Maven, NPM and PyPI dependencies declared in your project. A full list of Gradle and Maven dependencies is shown in the Project tool window under External Libraries.

Fixing the reported problems helps prevent your software from being compromised by an attacker.

To solve a problem, you can update to a version where the vulnerability is fixed (if available) or switch to a dependency that doesn't have the vulnerability.

The quick-fixes available may suggest updating to a safe version or visiting the website to learn more about a particular vulnerability.

Locating this inspection

By ID

Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.

VulnerableLibrariesLocal
Via Settings dialog

Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.

Settings or Preferences | Editor | Inspections | Security

Inspection options

Here you can find the description of settings available for the Vulnerable declared dependency inspection, and the reference of their default values.

Ignoring dependencies

Not selected

Ignored dependencies

None

Inspection Details

By default bundled with:

GoLand 2024.3, IntelliJ IDEA 2024.3, PhpStorm 2024.3, PyCharm 2024.3, Qodana for Go 2024.3, Qodana for JS 2024.3, Qodana for JVM 2024.3, Qodana for PHP 2024.3, WebStorm 2024.3

Can be installed with plugin:

Package Checker, 243.23139

Last modified: 03 December 2024