David Handermann created NIFI-13493: ---------------------------------------
Summary: Disable dependency-check workflow Key: NIFI-13493 URL: https://issues.apache.org/jira/browse/NIFI-13493 Project: Apache NiFi Issue Type: Improvement Components: Tools and Build Reporter: David Handermann Assignee: David Handermann The dependency check workflow executes the OWASP Dependency Check Maven Plugin to evaluate project dependencies against current published vulnerabilities. Although this provides benefits, changes in version 9 of the plugin involve using the new NVD API which has significant rate limits. Additional caching options should be evaluated, but removing the workflow for now avoids false positives. Running the dependency-check profile on a local build still provides value, but other approaches should be evaluated for automated vulnerability scanning. -- This message was sent by Atlassian Jira (v8.20.10#820010)