AWS inspector medium security documentation change
Summary
Added note about Maven Central being the only supported repository for vulnerability evaluation
Security assessment
This change highlights a security-relevant limitation where third-party repositories aren't evaluated, potentially leaving vulnerabilities undetected in those sources. It documents a security control boundary that impacts vulnerability management.
Diff
diff --git a/inspector/latest/user/sbom-generator-dependency-collection.md b/inspector/latest/user/sbom-generator-dependency-collection.md index c369db249..15efa8cf8 100644 --- a//inspector/latest/user/sbom-generator-dependency-collection.md +++ b//inspector/latest/user/sbom-generator-dependency-collection.md @@ -113,0 +114,4 @@ Programming language | Package manager | Supported artifacts | Toolchain support +###### Note + +Our vulnerability evaluation feature only supports Maven Central repository. Third-party repositories, such as JBoss Enterprise Maven Repository, are not currently supported. +