Gradle introduced version catalogs as part of Gradle 7. This plugin is capable of determining dependency vulnerabilities in projects that utilize a version catalog. What I propose is the ability to determine vulnerabilities on the libraries and plugins declared in a version catalog project. This would allow for a Gradle version catalog to maintain vulnerability information instead of depending on downstream projects to report a vulnerability.
This functionality could be added to the task 'dependencyCheckAnalyze'. Alternatively, a new task, something like 'catalogCheckAnalyze', could be utilized to perform this operation. Wanted to discuss the proposal to gauge interest.