GitHub user igarashitm opened a pull request:
https://github.com/apache/camel/pull/1237
CAMEL-10354 OWASP Dependency Check
Added dependencycheck profile to run OWASP dependency check plugin
Note that some recent OpenJDK distribution in such as fedora, RHEL, CentOS
doesn't contain ECDHE cipher which is required to download from nvd.nist.gov.
In order to run this plugin on these environment, you'd need to install a JCE
crypto provider like bouncycastle (e.g. dnf install bouncycastle on fedora24)
and remove ECDHE from jdk.tls.disabledAlgorithms property defined in the
jre/lib/security/java.security.
https://github.com/jeremylong/DependencyCheck/issues/523
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/igarashitm/camel CAMEL-10354
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/camel/pull/1237.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1237
----
commit bdc958bc46dc78c627571513805a425f3596adfc
Author: Tomohisa Igarashi <[email protected]>
Date: 2016-10-12T11:00:29Z
CAMEL-10354 OWASP Dependency Check
Added dependencycheck profile to run OWASP dependency check plugin
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
