[
https://issues.apache.org/jira/browse/HADOOP-13732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Yoder updated HADOOP-13732:
--------------------------------
Status: Open (was: Patch Available)
> Upgrade OWASP dependency-check plugin version
> ---------------------------------------------
>
> Key: HADOOP-13732
> URL: https://issues.apache.org/jira/browse/HADOOP-13732
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Mike Yoder
> Assignee: Mike Yoder
> Priority: Minor
> Attachments: HADOOP-13732.001.patch, HADOOP-13732.002.patch
>
>
> For reasons I don't fully understand, the current version (1.3.6) of the
> OWASP dependency-check plugin produces an essentially empty report on trunk
> (3.0.0). After some research, it appears that this plugin has undergone
> significant work in the latest version, 1.4.3. Upgrading to this version
> produces the expected full report.
> The only gotcha is that a new-ish version of maven is required. I'm using
> 3.2.2; I know that 3.0.x fails with a strange error.
> This plugin was introduced in HADOOP-13198.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
