You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@drill.apache.org by GitBox <gi...@apache.org> on 2021/01/07 03:45:17 UTC

[GitHub] [drill] cgivre opened a new pull request #2140: DRILL-7840: Add OWASP Dependency Report to Pom.XML

cgivre opened a new pull request #2140:
URL: https://github.com/apache/drill/pull/2140


   # [DRILL-7840](https://issues.apache.org/jira/browse/DRILL-7840): Add OWASP Dependency Report to Pom.XML
   
   ## Description
   
   This PR adds the OWASP Dependency-Check to the master `pom.xml` file. You can generate a report of Drill's dependencies by running the command:
   ```
   mvn clean site
   ```
   This does not affect the regular build process.
   
   ## Documentation
   No user facing changes.  Developers can check whether new dependencies introduced vulnerabilities by running the above command. 
   
   ## Testing
   Built Drill normally and generated report using the `mvn clean site` command.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [drill] luocooong commented on pull request #2140: DRILL-7840: Add OWASP Dependency Report to Pom.XML

Posted by GitBox <gi...@apache.org>.

luocooong commented on pull request #2140:
URL: https://github.com/apache/drill/pull/2140#issuecomment-757404502


   That's wonderful. Thank you @cgivre 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [drill] cgivre merged pull request #2140: DRILL-7840: Add OWASP Dependency Report to Pom.XML

Posted by GitBox <gi...@apache.org>.

cgivre merged pull request #2140:
URL: https://github.com/apache/drill/pull/2140


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [drill] luocooong commented on pull request #2140: DRILL-7840: Add OWASP Dependency Report to Pom.XML

Posted by GitBox <gi...@apache.org>.

luocooong commented on pull request #2140:
URL: https://github.com/apache/drill/pull/2140#issuecomment-757404502


   That's wonderful. Thank you @cgivre 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [drill] cgivre commented on pull request #2140: DRILL-7840: Add OWASP Dependency Report to Pom.XML

Posted by GitBox <gi...@apache.org>.

cgivre commented on pull request #2140:
URL: https://github.com/apache/drill/pull/2140#issuecomment-757394394


   @luocooong 
   Thanks again for the review. I updated the file you suggested with the command to run the report. 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [drill] cgivre commented on pull request #2140: DRILL-7840: Add OWASP Dependency Report to Pom.XML

Posted by GitBox <gi...@apache.org>.

cgivre commented on pull request #2140:
URL: https://github.com/apache/drill/pull/2140#issuecomment-757394394


   @luocooong 
   Thanks again for the review. I updated the file you suggested with the command to run the report. 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org