[
https://issues.apache.org/jira/browse/CAMEL-10354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15620983#comment-15620983
]
ASF GitHub Bot commented on CAMEL-10354:
----------------------------------------
GitHub user igarashitm opened a pull request:
https://github.com/apache/camel/pull/1237
CAMEL-10354 OWASP Dependency Check
Added dependencycheck profile to run OWASP dependency check plugin
Note that some recent OpenJDK distribution in such as fedora, RHEL, CentOS
doesn't contain ECDHE cipher which is required to download from nvd.nist.gov.
In order to run this plugin on these environment, you'd need to install a JCE
crypto provider like bouncycastle (e.g. dnf install bouncycastle on fedora24)
and remove ECDHE from jdk.tls.disabledAlgorithms property defined in the
jre/lib/security/java.security.
https://github.com/jeremylong/DependencyCheck/issues/523
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/igarashitm/camel CAMEL-10354
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/camel/pull/1237.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1237
----
commit bdc958bc46dc78c627571513805a425f3596adfc
Author: Tomohisa Igarashi <tm.igara...@gmail.com>
Date: 2016-10-12T11:00:29Z
CAMEL-10354 OWASP Dependency Check
Added dependencycheck profile to run OWASP dependency check plugin
----
> OWASP Dependency Check
> ----------------------
>
> Key: CAMEL-10354
> URL: https://issues.apache.org/jira/browse/CAMEL-10354
> Project: Camel
> Issue Type: New Feature
> Components: build system
> Reporter: Claus Ibsen
> Assignee: Tomohisa Igarashi
> Fix For: Future
>
>
> To add a maven profile that runs the owasp check
> https://github.com/jeremylong/DependencyCheck
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
