Uploaded image for project: 'Maven POMs'
  1. Maven POMs
  2. MPOM-210

Adding CVE Checks via OWASP

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Won't Fix
    • MAVEN-33
    • None
    • maven
    • None

    Description

      We should add a configuration for CVS checks for example via OWASP maven plugin.

      I think the first step should be add at least an entry in pluginManagement:

          <plugin>
              <groupId>org.owasp</groupId>
              <artifactId>dependency-check-maven</artifactId>
              <version>3.3.2</version>
  </plugin>

      The other parts would be to add an entry for:

      https://github.com/sonatype/ossindex-maven

      which is not a good idea at the moment, cause it does not support JDK 10...

      Attachments

        Issue Links

          blocks

          Improvement - An improvement or enhancement to an existing feature or task. MNG-6487 Adding CVE Checks via OWASP

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            People

              Unassigned Unassigned
              khmarbaise Karl Heinz Marbaise
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: