Closed adhikasp closed 5 years ago
CI dependency check failing...
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:3.1.0:check (default-cli) on project sonar-stash-plugin:
[ERROR]
[ERROR] One or more dependencies were identified with vulnerabilities:
[ERROR]
[ERROR] sonar-plugin-api-6.0.jar/META-INF/maven/com.google.guava/guava/pom.xml: CVE-2018-10237
Thanks for this!
I changed to base to point to the new issue/190
branch where I created an end-to-end testcase (and the matching testing framework, which I wanted to create for some time now).
Also the dependency-check warning is triggered by our sonar-api dependency and not our own.
I will try to configure dependency-check to ignore provided
dependencies.
Welp, seems the git history got messed up because issues/194
doesn't get rebased to current master
. Trying to use issues/194
base branch fails the CI check, so I branch of from master
again. I doesn't exactly know what to do here 😅
Here is my list of commit, feel free to cherry pick it or whatever you think is convenient.
@t-8ch oh and I think you misnamed issue 194 as 190?
Yes I did. I will just cherrypick your stuff and do the minor style cleanups myself.
This is on master
now. Thanks again!
Fixes https://github.com/AmadeusITGroup/sonar-stash/issues/194