hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mike Yoder (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-13732) Upgrade OWASP dependency-check plugin version
Date Fri, 21 Oct 2016 20:27:58 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-13732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Mike Yoder updated HADOOP-13732:
    Attachment: HADOOP-13732.002.patch

> Upgrade OWASP dependency-check plugin version
> ---------------------------------------------
>                 Key: HADOOP-13732
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13732
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>            Reporter: Mike Yoder
>            Assignee: Mike Yoder
>            Priority: Minor
>         Attachments: HADOOP-13732.001.patch, HADOOP-13732.002.patch
> For reasons I don't fully understand, the current version (1.3.6) of the OWASP dependency-check
plugin produces an essentially empty report on trunk (3.0.0).  After some research, it appears
that this plugin has undergone significant work in the latest version, 1.4.3. Upgrading to
this version produces the expected full report.
> The only gotcha is that a new-ish version of maven is required. I'm using 3.2.2; I know
that 3.0.x fails with a strange error.
> This plugin was introduced in HADOOP-13198.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org

View raw message