We have it in the Scimple pom if you're looking for an example to play with.
________________________________ From: Shawn McKinney <[email protected]> Sent: Monday, August 6, 2018 8:38:22 AM To: Apache Directory Developers List Subject: OWASP Dependency-Check Hello, A new ticket was created, asking us to add OWASP dependency scanning of known vulnerabilities. https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fissues.apache.org%2Fjira%2Fbrowse%2FFC-240&data=02%7C01%7Cses44%40psu.edu%7C3940d62e29aa46487fec08d5fb998772%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636691559183494189&sdata=t%2B41r6tRT7f%2F8d4%2Fn4ylbBxsd6yidCOiqKNqEH5UiWY%3D&reserved=0 Which points to the OWASP page describing the tool: https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.owasp.org%2Findex.php%2FOWASP_Dependency_Check&data=02%7C01%7Cses44%40psu.edu%7C3940d62e29aa46487fec08d5fb998772%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C636691559183494189&sdata=r7WIuYgsam3fqGDbqLBVxhoUgPjmSbtXj85lnmFoS6M%3D&reserved=0 I am going to investigate usage in fortress. If it checks out, might be worth adding to the others. —Arkanshawn
