[
https://issues.apache.org/jira/browse/TIKA-3648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17490460#comment-17490460
]
Hudson commented on TIKA-3648:
------------------------------
SUCCESS: Integrated in Jenkins build Tika ยป tika-main-jdk8 #461 (See
[https://ci-builds.apache.org/job/Tika/job/tika-main-jdk8/461/])
TIKA-3648 -- update build info in README.md to show users how to build Tika
even when there's an ossindex failure. (tallison:
[https://github.com/apache/tika/commit/7c55348df9d30b072f0bd3f1fdac63c1caa29684])
* (delete) .github/workflows/main-jdk8-ossindex-fail-build.yml
* (edit) README.md
> Fail build if ossindex-maven-plugin violation is detected
> ---------------------------------------------------------
>
> Key: TIKA-3648
> URL: https://issues.apache.org/jira/browse/TIKA-3648
> Project: Tika
> Issue Type: Improvement
> Components: build, security
> Affects Versions: 2.2.1
> Reporter: Lewis John McGibbney
> Assignee: Lewis John McGibbney
> Priority: Critical
> Fix For: 2.3.1
>
>
> The ossindex-maven-plugin can really assist us in detecting and preventing
> security vulnerabilities and also mitigating associated risk and exposure.
> I propose to fail the build if ossindex-maven-plugin violation is detected
> https://github.com/apache/tika/blob/main/tika-parent/pom.xml#L639
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
