Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13198

Add support for OWASP's dependency-check

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 2.6.4
    • 2.8.0, 3.0.0-alpha1
    • build, security
    • None

    Description

      OWASP's Dependency-Check is a utility that identifies project
      dependencies and checks if there are any known, publicly disclosed,
      vulnerabilities.

      See https://www.owasp.org/index.php/OWASP_Dependency_Check

      This is very useful to stay on top of known vulnerabilities in third party jars. Since it's a maven plugin it's pretty easy to drop in.

      Attachments

        1. HADOOP-13198.001.patch
          2 kB
          Mike Yoder

        Issue Links

        contains

        New Feature - A new feature of the product, which has yet to be developed. HADOOP-15653 Please add OWASP Dependency Check to the build (pom.xml)

        • Major - Major loss of function.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            yoderme Mike Yoder
            yoderme Mike Yoder
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment