This is an automated email from the ASF dual-hosted git repository. zabetak pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/calcite.git
The following commit(s) were added to refs/heads/master by this push: new c9520c3 [CALCITE-3314] CVSS dependency-check-maven fails for calcite-pig, calcite-piglet, calcite-spark c9520c3 is described below commit c9520c35899fe5ac363053e9fb9b292989b1176c Author: Stamatis Zampetakis <zabe...@gmail.com> AuthorDate: Fri Aug 30 12:24:46 2019 +0200 [CALCITE-3314] CVSS dependency-check-maven fails for calcite-pig, calcite-piglet, calcite-spark Never fail the build due to OWASP dependency-check for pig, piglet, and spark modules. --- pig/pom.xml | 8 ++++++++ piglet/pom.xml | 11 +++++++++++ spark/pom.xml | 8 ++++++++ 3 files changed, 27 insertions(+) diff --git a/pig/pom.xml b/pig/pom.xml index 70c8d41..de69253 100644 --- a/pig/pom.xml +++ b/pig/pom.xml @@ -159,6 +159,14 @@ limitations under the License. </execution> </executions> </plugin> + <plugin> + <groupId>org.owasp</groupId> + <artifactId>dependency-check-maven</artifactId> + <configuration> + <!-- Never fail the build for this module but still check for vulnerabilities. --> + <failBuildOnCVSS>11</failBuildOnCVSS> + </configuration> + </plugin> </plugins> </build> diff --git a/piglet/pom.xml b/piglet/pom.xml index 243d9ae..20ab46d 100644 --- a/piglet/pom.xml +++ b/piglet/pom.xml @@ -188,6 +188,17 @@ limitations under the License. </execution> </executions> </plugin> + <plugin> + <groupId>org.owasp</groupId> + <artifactId>dependency-check-maven</artifactId> + <configuration> + <!-- Never fail the build for this module but still check for vulnerabilities. --> + <failBuildOnCVSS>11</failBuildOnCVSS> + <!-- Skip system dependencies; otherwise fails to find + jdk.tools:jdk.tools:jar:1.8:system dependency. --> + <skipSystemScope>true</skipSystemScope> + </configuration> + </plugin> </plugins> </build> </project> diff --git a/spark/pom.xml b/spark/pom.xml index f9a5b73..2defe94 100644 --- a/spark/pom.xml +++ b/spark/pom.xml @@ -158,6 +158,14 @@ limitations under the License. </execution> </executions> </plugin> + <plugin> + <groupId>org.owasp</groupId> + <artifactId>dependency-check-maven</artifactId> + <configuration> + <!-- Never fail the build for this module but still check for vulnerabilities. --> + <failBuildOnCVSS>11</failBuildOnCVSS> + </configuration> + </plugin> </plugins> </build> </project>