[NIFI-12393] Upgrade OWASP Dependency Check to 8.4.3 and Address Findings - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0-M1
Component/s: Tools and Build
Labels:
None

Description

The OWASP Dependency Check Plugin should be upgraded to 8.4.3 and recent findings in the report should be resolved.

Several findings are false positives due to misidentified dependencies, and other findings are related to version settings that are not carried through to the nifi-code-coverage module, which is specific to JaCoCo coverage aggregation.

Attachments

Issue Links

links to

GitHub Pull Request #8054

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Nov/23 18:31

Updated:: 21/Nov/23 17:46

Resolved:: 21/Nov/23 11:16

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m