Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13198

Add support for OWASP's dependency-check

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.6.4
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: build, security
    • Labels:
      None
    • Target Version/s:

      Description

      OWASP's Dependency-Check is a utility that identifies project
      dependencies and checks if there are any known, publicly disclosed,
      vulnerabilities.

      See https://www.owasp.org/index.php/OWASP_Dependency_Check

      This is very useful to stay on top of known vulnerabilities in third party jars. Since it's a maven plugin it's pretty easy to drop in.

        Attachments

          Activity

            People

            • Assignee:
              yoderme Mike Yoder
              Reporter:
              yoderme Mike Yoder
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: