[
https://issues.apache.org/jira/browse/YETUS-441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16464585#comment-16464585
]
Yetus QA commented on YETUS-441:
--------------------------------
(!) A patch to the testing environment has been detected.
Re-executing against the patched versions to perform further tests.
The console is at
https://builds.apache.org/job/PreCommit-YETUS-Build/717/console in case of
problems.
> Add a precommit check for known CVEs from dependencies
> ------------------------------------------------------
>
> Key: YETUS-441
> URL: https://issues.apache.org/jira/browse/YETUS-441
> Project: Yetus
> Issue Type: New Feature
> Components: Test Patch
> Reporter: Sean Busbey
> Assignee: Sean Busbey
> Priority: Major
> Attachments: YETUS-441.0.patch, YETUS-441.1.patch
>
>
> Add in a precommit test that makes use of [The OWASP Dependency
> Check|https://www.owasp.org/index.php/OWASP_Dependency_Check] to look for
> known bad dependencies.
> there's a maven plugin, ant task, and command line tool. So we should be able
> to build similar support to what we have for RAT.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
