You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tika.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/02/06 02:06:00 UTC

[jira] [Commented] (TIKA-3648) Fail build if ossindex-maven-plugin violation is detected

    [ https://issues.apache.org/jira/browse/TIKA-3648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17487611#comment-17487611 ] 

ASF GitHub Bot commented on TIKA-3648:
--------------------------------------

lewismc commented on pull request #480:
URL: https://github.com/apache/tika/pull/480#issuecomment-1030735362


   Any objections to merge?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@tika.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Fail build if ossindex-maven-plugin violation is detected
> ---------------------------------------------------------
>
>                 Key: TIKA-3648
>                 URL: https://issues.apache.org/jira/browse/TIKA-3648
>             Project: Tika
>          Issue Type: Improvement
>          Components: build, security
>    Affects Versions: 2.2.1
>            Reporter: Lewis John McGibbney
>            Assignee: Lewis John McGibbney
>            Priority: Critical
>             Fix For: 2.2.2
>
>
> The ossindex-maven-plugin can really assist us in detecting and preventing security vulnerabilities and also mitigating associated risk and exposure.
> I propose to fail the build if ossindex-maven-plugin violation is detected
> https://github.com/apache/tika/blob/main/tika-parent/pom.xml#L639



--
This message was sent by Atlassian Jira
(v8.20.1#820001)