Grainier Perera created STREAMPIPES-108:
-------------------------------------------
Summary: Integrate CVE maven plugin
Key: STREAMPIPES-108
URL: https://issues.apache.org/jira/browse/STREAMPIPES-108
Project: StreamPipes
Issue Type: Improvement
Components: Backend
Reporter: Grainier Perera
Integrate the CVE maven plugin [1] for StreamPipes core to check security
vulnerabilities during build time. This will help to detect publicly disclosed
vulnerabilities contained within StreamPipes's dependencies.
Further, I think the ASF infra won't open the Github security features
(/network/alerts) to the public. So, this plugin will help external
contributors to identify and fix found vulnerabilities.
[1][https://github.com/jeremylong/DependencyCheck]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
