hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From w...@apache.org
Subject hadoop git commit: HADOOP-13198. Add support for OWASP's dependency-check. Contributed by Mike Yoder.
Date Wed, 25 May 2016 01:30:06 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-2 afe603d97 -> 2ea17f457


HADOOP-13198. Add support for OWASP's dependency-check. Contributed by Mike Yoder.

(cherry picked from commit 09b866fd45664ff977702b58b6338ce209729a97)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/2ea17f45
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/2ea17f45
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/2ea17f45

Branch: refs/heads/branch-2
Commit: 2ea17f4578fcada8c1bcc5e97f085ca878ec5ec4
Parents: afe603d
Author: Andrew Wang <wang@apache.org>
Authored: Tue May 24 18:29:45 2016 -0700
Committer: Andrew Wang <wang@apache.org>
Committed: Tue May 24 18:29:48 2016 -0700

----------------------------------------------------------------------
 pom.xml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/2ea17f45/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index e703f9c..1a23a08 100644
--- a/pom.xml
+++ b/pom.xml
@@ -105,6 +105,7 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
     <maven-bundle-plugin.version>2.5.0</maven-bundle-plugin.version>
     <maven-checkstyle-plugin.version>2.15</maven-checkstyle-plugin.version>
     <checkstyle.version>6.6</checkstyle.version>
+    <dependency-check-maven.version>1.3.6</dependency-check-maven.version>
 
     <shell-executable>bash</shell-executable>
   </properties>
@@ -215,6 +216,11 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
             <outputFile>${project.build.directory}/test/checkstyle-errors.xml</outputFile>
           </configuration>
         </plugin>
+        <plugin>
+          <groupId>org.owasp</groupId>
+          <artifactId>dependency-check-maven</artifactId>
+          <version>${dependency-check-maven.version}</version>
+        </plugin>
       </plugins>
     </pluginManagement>
 
@@ -286,6 +292,17 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
         <artifactId>maven-checkstyle-plugin</artifactId>
         <version>${maven-checkstyle-plugin.version}</version>
       </plugin>
+      <plugin>
+        <!-- OWASP's dependency-check plugin will scan the third party
+             dependencies of this project for known CVEs (security
+             vulnerabilities against them). It will produce a report
+             in target/dependency-check-report.html. To invoke, run
+             'mvn dependency-check:aggregate'
+        -->
+        <groupId>org.owasp</groupId>
+        <artifactId>dependency-check-maven</artifactId>
+        <version>${dependency-check-maven.version}</version>
+      </plugin>
     </plugins>
   </build>
 


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message