GitHub user rzo1 opened a pull request:
https://github.com/apache/tomee/pull/298
[BACKPORT 7.0.x] TOMEE-2363 Introduces OWASP dependency check via profile
Backport of TOMEE-2363, see #276
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/rzo1/tomee tomee-7.0.x
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/tomee/pull/298.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #298
----
commit cfa04251c2981030c4c74405dd6713bbb042601f
Author: rzo1 <richard@...>
Date: 2018-12-18T10:20:23Z
TOMEE-2363 Introduces OWASP dependency check via two profiles "owasp-check"
(will fail the build for CVE score > 8.0" and "owasp-report"
----
---
