[
https://issues.apache.org/jira/browse/OOZIE-2946?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16049518#comment-16049518
]
Robert Kanter commented on OOZIE-2946:
--------------------------------------
[~Jan Hentschel], I just noticed that we define a {{<version>}} for the
findbugs-maven-plugin in the {{<plugins>}} and {{<pluginsManagement>}}
sections. They also don't have the same version. We should define the version
only in {{<pluginsManagement>}}. Can you also fix that while we're adding the
find-sec-bugs plugin; it's kind of related.
Also, the version for {{com.h3xstream.findsecbugs}} should be defined in the
{{<pluginsManagement>}} as well.
> Include find-sec-bugs plugin
> ----------------------------
>
> Key: OOZIE-2946
> URL: https://issues.apache.org/jira/browse/OOZIE-2946
> Project: Oozie
> Issue Type: Task
> Components: build, security
> Reporter: Jan Hentschel
> Assignee: Jan Hentschel
> Priority: Minor
> Attachments: OOZIE-2946-1.patch
>
>
> The [Find Security Bugs|http://find-sec-bugs.github.io/] plugin looks for
> security bugs in Java web apps, such as Oozie. This plugin should be included
> in the build process.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
