Jacek Lewandowski created CASSANDRA-19213:
---------------------------------------------
Summary: Incorporate updated OWASP checks in CircleCI
Key: CASSANDRA-19213
URL: https://issues.apache.org/jira/browse/CASSANDRA-19213
Project: Cassandra
Issue Type: Task
Components: Build
Reporter: Jacek Lewandowski
CASSANDRA-19146 updated and refactored a bit the OWASP analysis. Now we can add
a new task to CircleCI which runs OWASP analysis and presents the results; That
task should run after the build, independently to other tests.
Refactored dependencies check produces JUnit XML report which can be published
by CircleCI just like after any other tests run.
We need to add NVD API key somewhere because otherwise the database would not
be downloaded. We also should leverage CircleCI caching to store the NVD
database and reuse it for various runs. Downloading it each time would be
painful and may lead to block the api key.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
