Configure dependency-check for apache-release#14686

Closed
AmatyaAvadhanula wants to merge 3 commits intoapache:masterfrom
AmatyaAvadhanula:release-dependency-check
Conversation

@AmatyaAvadhanula AmatyaAvadhanula commented Jul 28, 2023

Add configuration to fail only on vulnerabilities having a severity of at least 7 (and other configs) in the apache-release profile

Also suppress the following CVEs:
CVE-2023-3782
CVE-2023-37475

Web-console / Static website vulnerabilities:
package-lock.json?ansi-regex (pkg:npm/ansi-regex@5.0.0) : 1091190
package-lock.json?glob-parent (pkg:npm/glob-parent@5.1.1) : 1091181
package-lock.json?minimatch (pkg:npm/minimatch@3.0.4) : 1092637
package-lock.json?y18n (pkg:npm/y18n@4.0.0) : 1091234
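An added, illustrative dependency-check suppression file covering the findings listed in the description above (this is not the file from the PR; the filename, the `notes` text and the use of the npm advisory numbers as `vulnerabilityName` values are assumptions):

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Illustrative OWASP dependency-check suppression file (added example, not the PR's own file).
     Assumed filename: owasp-dependency-check-suppressions.xml, referenced from the
     dependency-check-maven <configuration> through <suppressionFiles> in the apache-release
     profile, next to <failBuildOnCVSS>7</failBuildOnCVSS> for the severity threshold. -->
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">

  <!-- A <cve> entry without a <packageUrl> suppresses that CVE for every dependency in the
       build, so the notes should record why it was judged not applicable and when to revisit. -->
  <suppress>
    <notes>CVE-2023-3782: judged not applicable to this release (rationale is a placeholder).</notes>
    <cve>CVE-2023-3782</cve>
  </suppress>
  <suppress>
    <notes>CVE-2023-37475: judged not applicable to this release (rationale is a placeholder).</notes>
    <cve>CVE-2023-37475</cve>
  </suppress>

  <!-- npm audit findings from the web-console package-lock.json. The npm audit analyzer reports
       these under the advisory number rather than a CVE id (assumption), so they are matched on
       vulnerabilityName and pinned to the affected package with a packageUrl regex, which keeps
       the suppression from hiding a different advisory against the same package. -->
  <suppress>
    <notes>ansi-regex 5.0.0, advisory 1091190 (web-console build tooling; placeholder rationale)</notes>
    <packageUrl regex="true">^pkg:npm/ansi-regex@.*$</packageUrl>
    <vulnerabilityName>1091190</vulnerabilityName>
  </suppress>
  <suppress>
    <notes>glob-parent 5.1.1, advisory 1091181 (web-console build tooling; placeholder rationale)</notes>
    <packageUrl regex="true">^pkg:npm/glob-parent@.*$</packageUrl>
    <vulnerabilityName>1091181</vulnerabilityName>
  </suppress>
  <suppress>
    <notes>minimatch 3.0.4, advisory 1092637 (web-console build tooling; placeholder rationale)</notes>
    <packageUrl regex="true">^pkg:npm/minimatch@.*$</packageUrl>
    <vulnerabilityName>1092637</vulnerabilityName>
  </suppress>
  <suppress>
    <notes>y18n 4.0.0, advisory 1091234 (web-console build tooling; placeholder rationale)</notes>
    <packageUrl regex="true">^pkg:npm/y18n@.*$</packageUrl>
    <vulnerabilityName>1091234</vulnerabilityName>
  </suppress>

</suppressions>
```

Each `<suppress>` can also carry an `until="YYYY-MM-DD"` attribute so a suppression expires and the finding resurfaces for re-review.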

pom.xml Outdated
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>7.4.4</version>
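Review bot: this excerpt pins dependency-check-maven 7.4.4 but shows none of the behaviour the PR description promises (the CVSS 7 threshold and the suppressed CVEs); confirm that the plugin carries a `<configuration>` with `<failBuildOnCVSS>7</failBuildOnCVSS>` and a `<suppressionFiles>` entry pointing at the suppression file, and that the block lives inside the `apache-release` profile rather than the default `<build>`, so a routine local build does not start depending on NVD data downloads.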
Contributor
Nit: indentation seems off

Contributor Author
Fixed

@kfaraz kfaraz added this to the 27.0 milestone Jul 29, 2023
@AmatyaAvadhanula AmatyaAvadhanula requested a review from kfaraz July 31, 2023 04:30
@AmatyaAvadhanula AmatyaAvadhanula removed this from the 27.0 milestone Jul 31, 2023