struts-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lukaszlen...@apache.org
Subject [struts] branch master updated: Upgrades OWASP Dependency Check plugin to the latest version and reduces CVSS to 7 to detect other important vulnerable libraries
Date Tue, 20 Feb 2018 06:07:35 GMT
This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git


The following commit(s) were added to refs/heads/master by this push:
     new 02c347a  Upgrades OWASP Dependency Check plugin to the latest version and reduces
CVSS to 7 to detect other important vulnerable libraries
02c347a is described below

commit 02c347afd4e83ea147be434739ceaeb83044393a
Author: Lukasz Lenart <lukaszlenart@apache.org>
AuthorDate: Tue Feb 20 07:07:28 2018 +0100

    Upgrades OWASP Dependency Check plugin to the latest version
    and reduces CVSS to 7 to detect other important vulnerable libraries
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index a948f5f..738ddc7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -311,12 +311,12 @@
                 <plugin>
                     <groupId>org.owasp</groupId>
                     <artifactId>dependency-check-maven</artifactId>
-                    <version>3.0.2</version>
+                    <version>3.1.1</version>
                     <configuration>
                         <suppressionFiles>
                             <suppressionFile>src/etc/project-suppression.xml</suppressionFile>
                         </suppressionFiles>
-                        <failBuildOnCVSS>8</failBuildOnCVSS>
+                        <failBuildOnCVSS>7</failBuildOnCVSS>
                         <skipProvidedScope>true</skipProvidedScope>
                         <skipRuntimeScope>true</skipRuntimeScope>
                     </configuration>

-- 
To stop receiving notification emails like this one, please contact
lukaszlenart@apache.org.

Mime
View raw message