dweiss commented on a change in pull request #1121: SOLR-11207: Add OWASP
dependency checker to gradle build
URL: https://github.com/apache/lucene-solr/pull/1121#discussion_r361869974
##########
File path: gradle/validation/dependency-check.gradle
##########
@@ -0,0 +1,12 @@
+// This adds OWASP vulnerability validation of project dependencies
+
+// This should be false only for debugging.
+def failOnError = true
Review comment:
It can be a property. Then you can only warn on default builds but have it
fail the build if requested ("-Pvalidation.failOn=owasp,..."). A CI job could
run these so that we get a warning.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
