You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by su...@apache.org on 2016/10/25 02:26:28 UTC
[18/50] [abbrv] hadoop git commit: HADOOP-13732. Upgrade OWASP
dependency-check plugin version. Contributed by Mike Yoder.
HADOOP-13732. Upgrade OWASP dependency-check plugin version. Contributed by Mike Yoder.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c473490d
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c473490d
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c473490d
Branch: refs/heads/YARN-2915
Commit: c473490da01c5909209b138034e1a1c85e174247
Parents: 2543852
Author: Andrew Wang <wa...@apache.org>
Authored: Fri Oct 21 16:41:30 2016 -0700
Committer: Andrew Wang <wa...@apache.org>
Committed: Fri Oct 21 16:41:39 2016 -0700
----------------------------------------------------------------------
BUILDING.txt | 8 ++++++++
pom.xml | 5 +++--
2 files changed, 11 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c473490d/BUILDING.txt
----------------------------------------------------------------------
diff --git a/BUILDING.txt b/BUILDING.txt
index 9d297f7..1fbf8bb 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -212,6 +212,14 @@ Maven build goals:
and it ignores the -Disal.prefix option. If -Disal.lib isn't given, the
bundling and building will fail.
+ Special plugins: OWASP's dependency-check:
+
+ OWASP's dependency-check plugin will scan the third party dependencies
+ of this project for known CVEs (security vulnerabilities against them).
+ It will produce a report in target/dependency-check-report.html. To
+ invoke, run 'mvn dependency-check:aggregate'. Note that this plugin
+ requires maven 3.1.1 or greater.
+
----------------------------------------------------------------------------------
Building components separately
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c473490d/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 1a3cd28..860c2d7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,7 +107,7 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
<lifecycle-mapping.version>1.0.0</lifecycle-mapping.version>
<maven-checkstyle-plugin.version>2.15</maven-checkstyle-plugin.version>
<checkstyle.version>6.6</checkstyle.version>
- <dependency-check-maven.version>1.3.6</dependency-check-maven.version>
+ <dependency-check-maven.version>1.4.3</dependency-check-maven.version>
<shell-executable>bash</shell-executable>
</properties>
@@ -407,7 +407,8 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
dependencies of this project for known CVEs (security
vulnerabilities against them). It will produce a report
in target/dependency-check-report.html. To invoke, run
- 'mvn dependency-check:aggregate'
+ 'mvn dependency-check:aggregate'. Note that this plugin
+ requires maven 3.1.1 or greater.
-->
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org