You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@camel.apache.org by igarashitm <gi...@git.apache.org> on 2016/10/31 02:16:38 UTC
[GitHub] camel pull request #1237: CAMEL-10354 OWASP Dependency Check
GitHub user igarashitm opened a pull request:
https://github.com/apache/camel/pull/1237
CAMEL-10354 OWASP Dependency Check
Added dependencycheck profile to run OWASP dependency check plugin
Note that some recent OpenJDK distribution in such as fedora, RHEL, CentOS doesn't contain ECDHE cipher which is required to download from nvd.nist.gov. In order to run this plugin on these environment, you'd need to install a JCE crypto provider like bouncycastle (e.g. dnf install bouncycastle on fedora24) and remove ECDHE from jdk.tls.disabledAlgorithms property defined in the jre/lib/security/java.security.
https://github.com/jeremylong/DependencyCheck/issues/523
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/igarashitm/camel CAMEL-10354
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/camel/pull/1237.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1237
----
commit bdc958bc46dc78c627571513805a425f3596adfc
Author: Tomohisa Igarashi <tm...@gmail.com>
Date: 2016-10-12T11:00:29Z
CAMEL-10354 OWASP Dependency Check
Added dependencycheck profile to run OWASP dependency check plugin
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] camel pull request #1237: CAMEL-10354 OWASP Dependency Check
Posted by igarashitm <gi...@git.apache.org>.
Github user igarashitm closed the pull request at:
https://github.com/apache/camel/pull/1237
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---