Fix example direct vulnerability for Gradle
When your build.gradle configuration file specifically references a library, or you add the library to your project as a JAR file, Veracode SCA refers to the library as a direct dependency.
These example steps provide a fix for an Unauthorized Modification of Nodes vulnerability in Apache Kafka, version 0.9.0.1 in the example-java-gradle repository.
To complete this task:
- Edit the build.gradle file in the root of the project, and edit the dependencies scope to match this example:
  compile 'org.apache.kafka:kafka_2.11:0.10.2.1'
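
One way to confirm the edit took effect and stays in place is a small pre-build check. The following is an added example, not Veracode's or the example repository's code: it scans build.gradle text for string-notation Kafka dependencies older than the 0.10.2.1 version used above. Treating 0.10.2.1 as a minimum, the function names, and the sample build file are assumptions of this example.

```python
import re

# Coordinates and versions come from the page. Using the fixed version as a
# minimum for every Kafka declaration is an assumption of this example.
GROUP, ARTIFACT_PREFIX = "org.apache.kafka", "kafka_"
FLAGGED_ON_PAGE = "0.9.0.1"
MIN_VERSION = "0.10.2.1"

# Matches string-notation dependencies such as: compile 'group:artifact:version'
DEP_RE = re.compile(
    r"""^\s*(?P<conf>\w+)\s*\(?\s*['"](?P<group>[^:'"]+):(?P<name>[^:'"]+):(?P<version>[^:'"@]+)"""
)

def version_key(version):
    """Turn '0.10.2.1' into (0, 10, 2, 1) so that 0.10 sorts after 0.9."""
    # Non-numeric parts (for example '+') become -1, so dynamic versions are flagged.
    return tuple(int(p) if p.isdigit() else -1 for p in re.split(r"[.\-]", version))

def find_outdated_kafka(build_gradle_text):
    """Return (line_no, coordinate) for Kafka declarations below MIN_VERSION."""
    findings = []
    for line_no, line in enumerate(build_gradle_text.splitlines(), start=1):
        code = line.split("//", 1)[0]  # ignore trailing line comments
        m = DEP_RE.match(code)
        if not m:
            continue
        if m["group"] != GROUP or not m["name"].startswith(ARTIFACT_PREFIX):
            continue
        if version_key(m["version"]) < version_key(MIN_VERSION):
            findings.append((line_no, f'{m["group"]}:{m["name"]}:{m["version"]}'))
    return findings

# Constructed sample build file (not the real example-java-gradle contents).
SAMPLE_BEFORE = """\
dependencies {
    compile 'org.apache.kafka:kafka_2.11:0.9.0.1'
    testCompile 'junit:junit:4.12'
}
"""
SAMPLE_AFTER = SAMPLE_BEFORE.replace(FLAGGED_ON_PAGE, MIN_VERSION)

if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, find_outdated_kafka(text))
```

The check only covers dependencies written directly in build.gradle, which is the direct-dependency case this page describes.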