The list of dependencies to be ignored by the recommendation algorithm. The dependency pattern is matched against the 'group:artifact:version' or the purl of a dependency. An asterisk (*) at the end in the dependency pattern acts as a wildcard and matches zero or more characters.
The maximum Common Vulnerability Scoring System Version 2 (CVSS V2) score. An artifact with a CVSS V2 score below this value is not considered for patching. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
The maximum Common Vulnerability Scoring System Version 3 (CVSS V3) score. An artifact with a CVSS V3 score below this value is not considered for patching. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
The maximum ADM Severity. An artifact with an ADM Severity below this value is not considered for patching.
The upgrade policy for recommendations. The {@code Nearest} upgrade policy upgrades a dependency to the oldest version that meets both of the following criteria: it is newer than the current version and it is not affected by a vulnerability.
A configuration to define the constraints when detecting vulnerable dependencies.