Add google/osv-scanner pre-commit hook

.github/workflows/security.yml

@@ -15,5 +15,7 @@ jobs:
       security-events: write
     uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
     with:
+      code-scanning: true
       code-scanning-languages: "java"
       code-scanning-build-mode: "manual"
+      sca: true

.pre-commit-config.yaml

@@ -46,6 +46,14 @@ repos:
           - --grype-args=--by-cve --fail-on=low
           - --hook-args=--log-level debug
         stages: ["pre-push"]
+  - repo: https://github.com/google/osv-scanner
+    rev: v1.9.1
+    hooks:
+      - id: osv-scanner
+        args:
+          - --lockfile=gradle.lockfile
+        verbose: true
+        stages: ["pre-push"]
   # Java
   - repo: https://github.com/dustinsand/pre-commit-jvm
     rev: v0.11.0

README.md

@@ -5,7 +5,6 @@
 ![unit-tests](https://github.com/fabasoad/pojo/actions/workflows/unit-tests.yml/badge.svg)
 ![security](https://github.com/fabasoad/pojo/actions/workflows/security.yml/badge.svg)
 ![linting](https://github.com/fabasoad/pojo/actions/workflows/linting.yml/badge.svg)
-[![Known Vulnerabilities](https://snyk.io/test/github/fabasoad/pojo/badge.svg)](https://snyk.io/test/github/fabasoad/pojo)
 
 ## Import
 
@@ -70,3 +69,7 @@ class PojoSpec extends Specification {
   }
 }
 ```
+
+## Contributions
+
+![Alt](https://repobeats.axiom.co/api/embed/7a892bda2ac0a8dbfc492b849fb9030a6ed37ea4.svg "Repobeats analytics image")

build.gradle

@@ -18,6 +18,10 @@ dependencies {
     testImplementation 'org.spockframework:spock-core:2.4-M4-groovy-4.0'
 }
 
+dependencyLocking {
+    lockAllConfigurations()
+}
+
 test {
     useJUnitPlatform()
 }

gradle.lockfile

@@ -0,0 +1,67 @@
+# This is a Gradle generated file for dependency locking.
+# Manual edits can break the build and are not advised.
+# This file is expected to be part of source control.
+com.fasterxml.jackson.core:jackson-annotations:2.18.1=runtimeClasspath,testRuntimeClasspath
+com.fasterxml.jackson.core:jackson-core:2.18.1=runtimeClasspath,testRuntimeClasspath
+com.fasterxml.jackson.core:jackson-databind:2.18.1=runtimeClasspath,testRuntimeClasspath
+com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.1=runtimeClasspath,testRuntimeClasspath
+com.fasterxml.jackson:jackson-bom:2.18.1=runtimeClasspath,testRuntimeClasspath
+com.github.javaparser:javaparser-core:3.26.2=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.google.code.findbugs:jsr305:3.0.2=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.google.errorprone:error_prone_annotations:2.36.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.google.guava:failureaccess:1.0.2=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.google.guava:guava:33.4.0-jre=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.google.j2objc:j2objc-annotations:3.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.thoughtworks.qdox:qdox:1.12.1=runtimeClasspath,testRuntimeClasspath
+info.picocli:picocli:4.7.6=runtimeClasspath,testRuntimeClasspath
+io.leangen.geantyref:geantyref:1.3.15=testRuntimeClasspath
+jline:jline:2.14.6=runtimeClasspath,testRuntimeClasspath
+junit:junit:4.13.2=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.abego.treelayout:org.abego.treelayout.core:1.0.3=runtimeClasspath,testRuntimeClasspath
+org.apache.ant:ant-antlr:1.10.15=runtimeClasspath,testRuntimeClasspath
+org.apache.ant:ant-junit:1.10.15=runtimeClasspath,testRuntimeClasspath
+org.apache.ant:ant-launcher:1.10.15=runtimeClasspath,testRuntimeClasspath
+org.apache.ant:ant:1.10.15=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-all:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-ant:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-bom:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-cli-picocli:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-console:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-datetime:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-docgenerator:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-groovydoc:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-groovysh:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-jmx:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-json:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-jsr223:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-macro:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-nio:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-servlet:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-sql:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-swing:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-templates:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-test-junit5:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-test:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-xml:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy-yaml:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.groovy:groovy:4.0.24=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.apache.ivy:ivy:2.5.2=runtimeClasspath,testRuntimeClasspath
+org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath
+org.checkerframework:checker-qual:3.43.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.hamcrest:hamcrest-core:1.3=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.hamcrest:hamcrest:2.2=testCompileClasspath,testRuntimeClasspath
+org.junit.jupiter:junit-jupiter-api:5.11.3=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.junit.jupiter:junit-jupiter-engine:5.11.3=runtimeClasspath,testRuntimeClasspath
+org.junit.platform:junit-platform-commons:1.11.3=runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.junit.platform:junit-platform-engine:1.11.3=runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.junit.platform:junit-platform-launcher:1.11.3=runtimeClasspath,testRuntimeClasspath
+org.junit:junit-bom:5.11.3=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.opentest4j:opentest4j:1.3.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+org.ow2.asm:asm-analysis:9.7.1=runtimeClasspath,testRuntimeClasspath
+org.ow2.asm:asm-tree:9.7.1=runtimeClasspath,testRuntimeClasspath
+org.ow2.asm:asm-util:9.7.1=runtimeClasspath,testRuntimeClasspath
+org.ow2.asm:asm:9.7.1=runtimeClasspath,testRuntimeClasspath
+org.spockframework:spock-core:2.4-M4-groovy-4.0=testCompileClasspath,testRuntimeClasspath
+org.yaml:snakeyaml:2.3=runtimeClasspath,testRuntimeClasspath
+empty=annotationProcessor,testAnnotationProcessor