Closed adhikasp closed 5 years ago
adhikasp
commented
5 years ago CI dependency check failing...
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:3.1.0:check (default-cli) on project sonar-stash-plugin:
[ERROR]
[ERROR] One or more dependencies were identified with vulnerabilities:
[ERROR]
[ERROR] sonar-plugin-api-6.0.jar/META-INF/maven/com.google.guava/guava/pom.xml: CVE-2018-10237
t-8ch
commented
5 years ago Thanks for this!
I changed to base to point to the new issue/190 branch where I created an end-to-end testcase (and the matching testing framework, which I wanted to create for some time now).
t-8ch
commented
5 years ago Also the dependency-check warning is triggered by our sonar-api dependency and not our own.
I will try to configure dependency-check to ignore provided dependencies.
adhikasp
commented
5 years ago Welp, seems the git history got messed up because issues/194 doesn't get rebased to current master. Trying to use issues/194 base branch fails the CI check, so I branch of from master again. I doesn't exactly know what to do here 😅
Here is my list of commit, feel free to cherry pick it or whatever you think is convenient.
adhikasp
commented
5 years ago @t-8ch oh and I think you misnamed issue 194 as 190?
t-8ch
commented
5 years ago Yes I did. I will just cherrypick your stuff and do the minor style cleanups myself.
t-8ch
commented
5 years ago This is on master now. Thanks again!
Fixes https://github.com/AmadeusITGroup/sonar-stash/issues/194