[HADOOP-13732] Upgrade OWASP dependency-check plugin version - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.0-alpha2
Component/s: security
Labels:
None

Target Version/s:

3.0.0-alpha2

Description

For reasons I don't fully understand, the current version (1.3.6) of the OWASP dependency-check plugin produces an essentially empty report on trunk (3.0.0). After some research, it appears that this plugin has undergone significant work in the latest version, 1.4.3. Upgrading to this version produces the expected full report.

The only gotcha is that a new-ish version of maven is required. I'm using 3.2.2; I know that 3.0.x fails with a strange error.

This plugin was introduced in ~~HADOOP-13198~~.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-13732.001.patch
18/Oct/16 18:49
0.6 kB
Mike Yoder
HADOOP-13732.002.patch
21/Oct/16 20:27
2 kB
Mike Yoder

Activity

People

Assignee:: Mike Yoder

Reporter:: Mike Yoder

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 18/Oct/16 18:47

Updated:: 22/Oct/16 00:07

Resolved:: 21/Oct/16 23:41