[ 
https://issues.apache.org/jira/browse/PIG-5462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17882802#comment-17882802
 ] 

Rohini Palaniswamy commented on PIG-5462:
-----------------------------------------

+1

> Always update Owasp version to latest 
> --------------------------------------
>
>                 Key: PIG-5462
>                 URL: https://issues.apache.org/jira/browse/PIG-5462
>             Project: Pig
>          Issue Type: Test
>            Reporter: Koji Noguchi
>            Assignee: Koji Noguchi
>            Priority: Trivial
>         Attachments: pig-5462-v01.patch, pig-5462-v02.patch
>
>
> While looking at the OWASP report, a lot of them were completely off.
> (Like hadoop-shims-0.10.3 being reported as vulnerable.)
> Using the latest org.owasp/dependency-check-ant
> (https://mvnrepository.com/artifact/org.owasp/dependency-check-ant)
> seems to help cut down the false positives.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
