[GitHub] nifi pull request #2963: NIFI-5541 - Added OWASP profile for dependency chec...

Fri, 24 Aug 2018 05:43:09 -0700 

GitHub user pvillard31 opened a pull request:

    https://github.com/apache/nifi/pull/2963

    NIFI-5541 - Added OWASP profile for dependency check

    Added a profile allowing people to run the OWASP maven plugin. I had to add 
``<nspAnalyzerEnabled>false</nspAnalyzerEnabled>`` to get things working 
without failure.
    
    I'm running the following command:
    ````shell
    mvn -Powasp -Dtest=false -DfailIfNoTests=false 
org.owasp:dependency-check-maven:aggregate
    ````
    
    ````
    Project: nifi
    org.apache.nifi:nifi:1.8.0-SNAPSHOT
    Scan Information (show less):
    
        dependency-check version: 3.3.1
        Report Generated On: Aug 24, 2018 at 14:27:56 +02:00
        Dependencies Scanned: 1855 (1181 unique)
        Vulnerable Dependencies: 141
        Vulnerabilities Found: 509
        Vulnerabilities Suppressed: 0
        NVD CVE 2002: 23/08/2018 09:24:06
        NVD CVE 2003: 24/08/2018 13:00:49
        NVD CVE 2004: 15/08/2018 10:16:37
        NVD CVE 2005: 15/08/2018 10:14:46
        NVD CVE 2006: 15/08/2018 10:11:39
        NVD CVE 2007: 15/08/2018 10:06:55
        NVD CVE 2008: 15/08/2018 10:02:24
        NVD CVE 2009: 15/08/2018 09:57:28
        NVD CVE 2010: 15/08/2018 09:53:24
        NVD CVE 2011: 24/08/2018 13:00:48
        NVD CVE 2012: 24/08/2018 13:00:48
        NVD CVE 2013: 24/08/2018 13:00:48
        NVD CVE 2014: 24/08/2018 13:00:47
        NVD CVE 2015: 24/08/2018 13:00:47
        NVD CVE 2016: 24/08/2018 13:00:47
        NVD CVE 2017: 24/08/2018 13:00:47
        NVD CVE 2018: 24/08/2018 13:00:48
        NVD CVE Checked: 24/08/2018 13:46:11
        NVD CVE Modified: 24/08/2018 12:01:53
        VersionCheckOn: 1535111171413
    ````
    
    Full report here: http://jsfiddle.net/4jk90tqo/embedded/result/

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/pvillard31/nifi NIFI-5541

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/2963.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #2963
    
----
commit 871598742ad26e585da73a1d8bb506972a1ace43
Author: Pierre Villard <pierre.villard.fr@...>
Date:   2018-08-24T12:36:36Z

    NIFI-5541 - Added OWASP profile for dependency check

----


---

Reply via email to