[
https://issues.apache.org/jira/browse/CALCITE-2467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16581449#comment-16581449
]
ASF GitHub Bot commented on CALCITE-2467:
-----------------------------------------
Github user julianhyde commented on a diff in the pull request:
https://github.com/apache/calcite-avatica/pull/66#discussion_r210362257
--- Diff: pom.xml ---
@@ -776,5 +786,28 @@ limitations under the License.
<javadoc-link>https://docs.oracle.com/javase/9/docs/api/</javadoc-link>
</properties>
</profile>
+ <profile>
+ <!-- Extra checks that are disabled in the regular build, enabled for
+ releases and on demand. -->
+ <id>pedantic</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <configuration>
+ <failBuildOnCVSS>${failBuildOnCVSS}</failBuildOnCVSS>
--- End diff --
Looks as if the plugin supports a suppression file. I'll investigate using
that.
> Upgrade owasp-dependency-check maven plugin to 3.3.1
> ----------------------------------------------------
>
> Key: CALCITE-2467
> URL: https://issues.apache.org/jira/browse/CALCITE-2467
> Project: Calcite
> Issue Type: Improvement
> Components: build
> Affects Versions: 1.17.0, avatica-1.12.0
> Reporter: Albert Baker
> Assignee: Julian Hyde
> Priority: Minor
>
> In pom.xml, upgrade <owasp-dependency-check.version> maven plugin from 2.1.1
> to 3.3.1 (current version).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
