This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git
The following commit(s) were added to refs/heads/master by this push:
new 02c347a Upgrades OWASP Dependency Check plugin to the latest version and reduces
CVSS to 7 to detect other important vulnerable libraries
02c347a is described below
commit 02c347afd4e83ea147be434739ceaeb83044393a
Author: Lukasz Lenart <lukaszlenart@apache.org>
AuthorDate: Tue Feb 20 07:07:28 2018 +0100
Upgrades OWASP Dependency Check plugin to the latest version
and reduces CVSS to 7 to detect other important vulnerable libraries
---
pom.xml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index a948f5f..738ddc7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -311,12 +311,12 @@
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
- <version>3.0.2</version>
+ <version>3.1.1</version>
<configuration>
<suppressionFiles>
<suppressionFile>src/etc/project-suppression.xml</suppressionFile>
</suppressionFiles>
- <failBuildOnCVSS>8</failBuildOnCVSS>
+ <failBuildOnCVSS>7</failBuildOnCVSS>
<skipProvidedScope>true</skipProvidedScope>
<skipRuntimeScope>true</skipRuntimeScope>
</configuration>
--
To stop receiving notification emails like this one, please contact
lukaszlenart@apache.org.
|