I want to build a pom.xml every time a project is run in the dev profile. How can I accomplish this with deps?
Thanks. Aikido combines outputs of Trivy, Syft and Grype with penetration testing of Zaproxy (also behind authentication!) or Nuclei while removing false positives and displaying it in an easy dashboard. It’s a few hundred bucks a month but saves us loads of time integrating the tools ourselves…
So it combines multiple types of scans
The CLI does not have a feature to run tasks automatically but you can gen the pom with clj -X:deps mvn-pom
If you're willing to add a build.clj file and do more of your run/test/etc that way, you could have all the tasks call a fn to update the pom.xml file.
Thanks! The reason I wanted to generate a pom.xml was because then it could be scanned by the Aikido vulnerability scanner. But they just added support for deps.edn yesterday 🤯 so no more need 🙂.
FWIW, there's clj-watson and nvd-clojure for vulnerability scanning as well. The former does both the NIST NVD and the GitHub Advisory database.
(disclaimer: I maintain and use clj-watson)
i.e. the equivalent of Leiningen’s :prep-tasks ["pom"]