GitHub user pvillard31 opened a pull request: https://github.com/apache/nifi/pull/2963
NIFI-5541 - Added OWASP profile for dependency check Added a profile allowing people to run the OWASP maven plugin. I had to add ``<nspAnalyzerEnabled>false</nspAnalyzerEnabled>`` to get things working without failure. I'm running the following command: ````shell mvn -Powasp -Dtest=false -DfailIfNoTests=false org.owasp:dependency-check-maven:aggregate ```` ```` Project: nifi org.apache.nifi:nifi:1.8.0-SNAPSHOT Scan Information (show less): dependency-check version: 3.3.1 Report Generated On: Aug 24, 2018 at 14:27:56 +02:00 Dependencies Scanned: 1855 (1181 unique) Vulnerable Dependencies: 141 Vulnerabilities Found: 509 Vulnerabilities Suppressed: 0 NVD CVE 2002: 23/08/2018 09:24:06 NVD CVE 2003: 24/08/2018 13:00:49 NVD CVE 2004: 15/08/2018 10:16:37 NVD CVE 2005: 15/08/2018 10:14:46 NVD CVE 2006: 15/08/2018 10:11:39 NVD CVE 2007: 15/08/2018 10:06:55 NVD CVE 2008: 15/08/2018 10:02:24 NVD CVE 2009: 15/08/2018 09:57:28 NVD CVE 2010: 15/08/2018 09:53:24 NVD CVE 2011: 24/08/2018 13:00:48 NVD CVE 2012: 24/08/2018 13:00:48 NVD CVE 2013: 24/08/2018 13:00:48 NVD CVE 2014: 24/08/2018 13:00:47 NVD CVE 2015: 24/08/2018 13:00:47 NVD CVE 2016: 24/08/2018 13:00:47 NVD CVE 2017: 24/08/2018 13:00:47 NVD CVE 2018: 24/08/2018 13:00:48 NVD CVE Checked: 24/08/2018 13:46:11 NVD CVE Modified: 24/08/2018 12:01:53 VersionCheckOn: 1535111171413 ```` Full report here: http://jsfiddle.net/4jk90tqo/embedded/result/ You can merge this pull request into a Git repository by running: $ git pull https://github.com/pvillard31/nifi NIFI-5541 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/nifi/pull/2963.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #2963 ---- commit 871598742ad26e585da73a1d8bb506972a1ace43 Author: Pierre Villard <pierre.villard.fr@...> Date: 2018-08-24T12:36:36Z NIFI-5541 - Added OWASP profile for dependency check ---- ---