![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
Unassigned |
|
Components:
|
dependency-check-jenkins |
|
Created:
|
11/Feb/14 1:26 PM
|
|
Description:
|
Dependency Check Plugin run Dependency Check core and scan all workspace contents, including local maven repositories.
This raise many false positive about vulnerabilities in artifacts not bundled in product but used in scope test, provided, runtime and even Maven plugins (ie Maven site using vulnerable Struts).
Maven support is allready available in Dependency Check core and Jenkins integration in Dependency Check Plugin, this one should be able to use Jenkins/Maven integration fluently
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Major]() Major
|
|
Reporter:
|
Henri Gomez
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/groups/opt_out.
