[
https://issues.apache.org/jira/browse/NUTCH-2668?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16692315#comment-16692315
]
Hudson commented on NUTCH-2668:
-------------------------------
FAILURE: Integrated in Jenkins build Nutch-nutchgora #1622 (See
[https://builds.apache.org/job/Nutch-nutchgora/1622/])
NUTCH-2668 Integrate OWASP dependency checks as ant target - add ant (snagel:
[https://github.com/apache/nutch/commit/f88d73d07db4f12fb009240d0f76977fb4cb50cf])
* (add) ivy/dependency-check-ant/dependency-check-suppressions.xml
* (edit) build.xml
> Integrate OWASP dependency checks as ant target
> -----------------------------------------------
>
> Key: NUTCH-2668
> URL: https://issues.apache.org/jira/browse/NUTCH-2668
> Project: Nutch
> Issue Type: Improvement
> Components: build
> Affects Versions: 2.4, 1.16
> Reporter: Sebastian Nagel
> Priority: Major
> Fix For: 2.4, 1.16
>
> Attachments: 1x-dependency-check-report.html,
> 1x-dependency-check-vulnerability.html, 2x-dependency-check-report.html,
> 2x-dependency-check-vulnerability.html
>
>
> [OWASP|http://www.owasp.org/] provides the [ant tool
> "dependency-check"|https://jeremylong.github.io/DependencyCheck/dependency-check-ant/index.html]
> which lists potential vulnerabilities of library dependencies. We should
> integrate the generation of vulnerability reports into our build system as an
> optional task/target recommended to be run from time to time and especially
> shortly before releases are prepared.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
