[
https://issues.apache.org/jira/browse/OOZIE-2946?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16050140#comment-16050140
]
Jan Hentschel commented on OOZIE-2946:
--------------------------------------
[~rkanter] I moved the version of findbugs-maven-plugin to the
pluginManagement, but I was not able to move findsecbugs to it. It seems that
Maven doesn't pick up the version for a dependency of a plugin (had the same
problem with the findbugs dependency of the xml-maven-plugin) if you define it
in the dependencyManagement or pluginManagement.
> Include find-sec-bugs plugin
> ----------------------------
>
> Key: OOZIE-2946
> URL: https://issues.apache.org/jira/browse/OOZIE-2946
> Project: Oozie
> Issue Type: Task
> Components: build, security
> Reporter: Jan Hentschel
> Assignee: Jan Hentschel
> Priority: Minor
> Attachments: OOZIE-2946-1.patch, OOZIE-2946-2.patch
>
>
> The [Find Security Bugs|http://find-sec-bugs.github.io/] plugin looks for
> security bugs in Java web apps, such as Oozie. This plugin should be included
> in the build process.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
