Details
-
Task
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
-
None
-
None
Description
The Apache NiFi website has separate pages for NiFi and NiFi Registry Security Reports based on historical separation of source code repositories and release cycles.
Both security reporting pages should be merged and the NiFi Registry page should be redirected to the primary NiFi Security page.
In addition to these improvements, notifications for vulnerabilities impacting dependencies should be removed. Historical notices highlighted selected direct and transitive vulnerabilities, but did not include a comprehensive summary. Separate efforts may evaluate automated reporting based on the OWASP Dependency Check report workflow, but those notices should not be mingled together with vulnerabilities that apply to the project itself.
Attachments
Issue Links
- links to