camel-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CAMEL-10354) OWASP Dependency Check
Date Mon, 31 Oct 2016 02:16:58 GMT

    [ https://issues.apache.org/jira/browse/CAMEL-10354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15620983#comment-15620983
] 

ASF GitHub Bot commented on CAMEL-10354:
----------------------------------------

GitHub user igarashitm opened a pull request:

    https://github.com/apache/camel/pull/1237

    CAMEL-10354 OWASP Dependency Check

    Added dependencycheck profile to run OWASP dependency check plugin
    
    Note that some recent OpenJDK distribution in such as fedora, RHEL, CentOS doesn't contain
ECDHE cipher which is required to download from nvd.nist.gov. In order to run this plugin
on these environment, you'd need to install a JCE crypto provider like bouncycastle (e.g.
dnf install bouncycastle on fedora24) and remove ECDHE from jdk.tls.disabledAlgorithms property
defined in the jre/lib/security/java.security.
    https://github.com/jeremylong/DependencyCheck/issues/523

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/igarashitm/camel CAMEL-10354

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/camel/pull/1237.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1237
    
----
commit bdc958bc46dc78c627571513805a425f3596adfc
Author: Tomohisa Igarashi <tm.igarashi@gmail.com>
Date:   2016-10-12T11:00:29Z

    CAMEL-10354 OWASP Dependency Check
    
    Added dependencycheck profile to run OWASP dependency check plugin

----


> OWASP Dependency Check
> ----------------------
>
>                 Key: CAMEL-10354
>                 URL: https://issues.apache.org/jira/browse/CAMEL-10354
>             Project: Camel
>          Issue Type: New Feature
>          Components: build system
>            Reporter: Claus Ibsen
>            Assignee: Tomohisa Igarashi
>             Fix For: Future
>
>
> To add a maven profile that runs the owasp check
> https://github.com/jeremylong/DependencyCheck



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message