nutch-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NUTCH-2668) Integrate OWASP dependency checks as ant target
Date Mon, 19 Nov 2018 21:39:00 GMT

    [ https://issues.apache.org/jira/browse/NUTCH-2668?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16692315#comment-16692315
] 

Hudson commented on NUTCH-2668:
-------------------------------

FAILURE: Integrated in Jenkins build Nutch-nutchgora #1622 (See [https://builds.apache.org/job/Nutch-nutchgora/1622/])
NUTCH-2668 Integrate OWASP dependency checks as ant target - add ant (snagel: [https://github.com/apache/nutch/commit/f88d73d07db4f12fb009240d0f76977fb4cb50cf])
* (add) ivy/dependency-check-ant/dependency-check-suppressions.xml
* (edit) build.xml


> Integrate OWASP dependency checks as ant target
> -----------------------------------------------
>
>                 Key: NUTCH-2668
>                 URL: https://issues.apache.org/jira/browse/NUTCH-2668
>             Project: Nutch
>          Issue Type: Improvement
>          Components: build
>    Affects Versions: 2.4, 1.16
>            Reporter: Sebastian Nagel
>            Priority: Major
>             Fix For: 2.4, 1.16
>
>         Attachments: 1x-dependency-check-report.html, 1x-dependency-check-vulnerability.html,
2x-dependency-check-report.html, 2x-dependency-check-vulnerability.html
>
>
> [OWASP|http://www.owasp.org/] provides the [ant tool "dependency-check"|https://jeremylong.github.io/DependencyCheck/dependency-check-ant/index.html]
which lists potential vulnerabilities of library dependencies. We should integrate the generation
of vulnerability reports into our build system as an optional task/target recommended to be
run from time to time and especially shortly before releases are prepared.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message