Mike Yoder created HADOOP-13732:

             Summary: Upgrade OWASP dependency-check plugin version
                 Key: HADOOP-13732
                 URL: https://issues.apache.org/jira/browse/HADOOP-13732
             Project: Hadoop Common
          Issue Type: Improvement
          Components: security
            Reporter: Mike Yoder
            Assignee: Mike Yoder
            Priority: Minor

For reasons I don't fully understand, the current version (1.3.6) of the OWASP 
dependency-check plugin produces an essentially empty report on trunk (3.0.0).  
After some research, it appears that this plugin has undergone significant work 
in the latest version, 1.4.3. Upgrading to this version produces the expected 
full report.

The only gotcha is that a new-ish version of maven is required. I'm using 
3.2.2; I know that 3.0.x fails with a strange error.

This plugin was introduced in HADOOP-13198.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

Reply via email to