You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@nutch.apache.org by "Sebastian Nagel (JIRA)" <ji...@apache.org> on 2018/12/07 17:02:00 UTC

[jira] [Resolved] (NUTCH-2668) Integrate OWASP dependency checks as ant target

     [ https://issues.apache.org/jira/browse/NUTCH-2668?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebastian Nagel resolved NUTCH-2668.
------------------------------------
    Resolution: Fixed

> Integrate OWASP dependency checks as ant target
> -----------------------------------------------
>
>                 Key: NUTCH-2668
>                 URL: https://issues.apache.org/jira/browse/NUTCH-2668
>             Project: Nutch
>          Issue Type: Improvement
>          Components: build
>    Affects Versions: 2.4, 1.16
>            Reporter: Sebastian Nagel
>            Assignee: Sebastian Nagel
>            Priority: Major
>             Fix For: 2.4, 1.16
>
>         Attachments: 1x-dependency-check-report.html, 1x-dependency-check-vulnerability.html, 2x-dependency-check-report.html, 2x-dependency-check-vulnerability.html
>
>
> [OWASP|http://www.owasp.org/] provides the [ant tool "dependency-check"|https://jeremylong.github.io/DependencyCheck/dependency-check-ant/index.html] which lists potential vulnerabilities of library dependencies. We should integrate the generation of vulnerability reports into our build system as an optional task/target recommended to be run from time to time and especially shortly before releases are prepared.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)