Uploaded image for project: 'Nutch'
  1. Nutch
  2. NUTCH-2668

Integrate OWASP dependency checks as ant target

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.4, 1.16
    • 2.4, 1.16
    • build
    • None
    • Patch Available

    Description

      OWASP provides the ant tool "dependency-check" which lists potential vulnerabilities of library dependencies. We should integrate the generation of vulnerability reports into our build system as an optional task/target recommended to be run from time to time and especially shortly before releases are prepared.

      Attachments

        1. 2x-dependency-check-vulnerability.html
          193 kB
          Sebastian Nagel
        2. 2x-dependency-check-report.html
          2.67 MB
          Sebastian Nagel
        3. 1x-dependency-check-vulnerability.html
          191 kB
          Sebastian Nagel
        4. 1x-dependency-check-report.html
          4.34 MB
          Sebastian Nagel

        Activity

          People

            snagel Sebastian Nagel
            snagel Sebastian Nagel
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: