marcaurele commented on issue #2446: CLOUDSTACK-10271 maven plugin for owasp dependency check added URL: https://github.com/apache/cloudstack/pull/2446#issuecomment-364021031 @DaanHoogland Can't you try to address the dependencies CVE too in this PR by updating them to the fixed ones? Then you'll be able to put flag the build as failed if any new CVE happens. Just to note that a same build can then start to fail even though it did not in the past!
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
