Inspectopedia Help

Vulnerable declared dependency

Reports vulnerabilities in Gradle, Maven, NPM and PyPI dependencies declared in your project. A full list of Gradle and Maven dependencies is shown in the Project tool window under External Libraries.

Fixing the reported problems helps prevent your software from being compromised by an attacker.

To solve a problem, you can update to a version where the vulnerability is fixed (if available) or switch to a dependency that doesn't have the vulnerability.

The quick-fixes available may suggest updating to a safe version or visiting the Checkmarx website to learn more about a particular vulnerability.

Vulnerability data provided by Checkmarx (c).

Inspection options

Here you can find the description of settings available for the Vulnerable declared dependency inspection, and the reference of their default values.

Ignoring dependencies

Not selected

Ignored dependencies


Inspection Details

By default bundled with:

GoLand 2024.1, IntelliJ IDEA 2024.1, PhpStorm 2024.1, PyCharm 2024.1, Qodana for Go 2024.1, Qodana for JS 2024.1, Qodana for JVM 2024.1, Qodana for PHP 2024.1, WebStorm 2024.1

Can be installed with plugin:

Package Checker, 241.16690

Last modified: 29 April 2024