[
https://issues.apache.org/jira/browse/CALCITE-2467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16581496#comment-16581496
]
ASF GitHub Bot commented on CALCITE-2467:
-----------------------------------------
Github user julianhyde commented on a diff in the pull request:
https://github.com/apache/calcite-avatica/pull/66#discussion_r210375621
--- Diff: pom.xml ---
@@ -776,5 +786,28 @@ limitations under the License.
<javadoc-link>https://docs.oracle.com/javase/9/docs/api/</javadoc-link>
</properties>
</profile>
+ <profile>
+ <!-- Extra checks that are disabled in the regular build, enabled for
+ releases and on demand. -->
+ <id>pedantic</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <configuration>
+ <failBuildOnCVSS>${failBuildOnCVSS}</failBuildOnCVSS>
--- End diff --
Please review
https://github.com/julianhyde/calcite-avatica/commit/aabf8b935cb1ceecce4337df782f4463ecefb1bd.
I added a suppressions file.
> Upgrade owasp-dependency-check maven plugin to 3.3.1
> ----------------------------------------------------
>
> Key: CALCITE-2467
> URL: https://issues.apache.org/jira/browse/CALCITE-2467
> Project: Calcite
> Issue Type: Improvement
> Components: build
> Affects Versions: 1.17.0, avatica-1.12.0
> Reporter: Albert Baker
> Assignee: Julian Hyde
> Priority: Minor
>
> In pom.xml, upgrade <owasp-dependency-check.version> maven plugin from 2.1.1
> to 3.3.1 (current version).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
