suneet-s commented on a change in pull request #9340: Change security
vulnerability scan to cron job
URL: https://github.com/apache/druid/pull/9340#discussion_r377843921
##########
File path: pom.xml
##########
@@ -1907,6 +1911,26 @@
</execution>
</executions>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>${dependency-check-maven.version}</version>
+ <configuration>
+ <cveValidForHours>24</cveValidForHours>
+
<failBuildOnCVSS>${dependency-check-maven.failBuildOnCVSS}</failBuildOnCVSS>
+ <skipProvidedScope>true</skipProvidedScope>
+ <skipSystemScope>true</skipSystemScope> <!-- avoid
error when processing jdk.tools:jdk.tools:jar:1.8:system -->
+
<suppressionFile>owasp-dependency-check-suppressions.xml</suppressionFile>
+ </configuration>
Review comment:
This can be omitted. It looks like the plugin will pick up the configuration
of the `dependency-check-maven` plugin described above so we don't need to
duplicate this in the pom
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
