[TIKA-3648] Fail build if ossindex-maven-plugin violation is detected - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 2.2.1
Fix Version/s: 2.4.0
Component/s: build, security
Labels:
None

Description

The ossindex-maven-plugin can really assist us in detecting and preventing security vulnerabilities and also mitigating associated risk and exposure.
I propose to fail the build if ossindex-maven-plugin violation is detected
https://github.com/apache/tika/blob/main/tika-parent/pom.xml#L639

Attachments

Issue Links

is related to

TIKA-3651 Activate Dependabot on Tika main branch

Resolved

links to

GitHub Pull Request #480

Activity

People

Assignee:: Lewis John McGibbney

Reporter:: Lewis John McGibbney

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 16/Jan/22 22:15

Updated:: 18/Mar/22 20:51

Resolved:: 10/Feb/22 18:05