You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/09/18 11:48:00 UTC
[jira] [Commented] (NIFI-9213) Upgrade Maven Dependency Check
Plugin to 6.3.1
[ https://issues.apache.org/jira/browse/NIFI-9213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17417121#comment-17417121 ]
ASF subversion and git services commented on NIFI-9213:
-------------------------------------------------------
Commit 6f87865e27f5043f51abdcfdb678834206fda74d in nifi's branch refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=6f87865 ]
NIFI-9213 Upgraded Dependency Check Plugin to 6.3.1
- Suppressed false positive for ftpserver
- Suppressed false positive for com.metamx:http-client
- Suppressed false positive for Jetty servlet-api
- Suppressed false positive for Testcontainers MySQL
- Suppressed false positive for vorbis-java-tika
This closes #5384
Signed-off-by: Joe Gresock <jg...@gmail.com>
> Upgrade Maven Dependency Check Plugin to 6.3.1
> ----------------------------------------------
>
> Key: NIFI-9213
> URL: https://issues.apache.org/jira/browse/NIFI-9213
> Project: Apache NiFi
> Issue Type: Task
> Components: Security, Tools and Build
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The Maven OWASP Dependency Check Plugin should be upgraded to 6.3.1 in order to leverage performance improvements and bug fixes. The suppression configuration should also be updated to exclude several false positives in the Dependency-Check Report generated for the project.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)