[PPP-4582] Use of Vulnerable Component: Components/oauth_client_library_for_java

pentaho / pentaho-platform

Pentaho BA Server Core

http://www.pentaho.com

Other

470 stars 723 forks source link

[PPP-4582] Use of Vulnerable Component: Components/oauth_client_library_for_java #5676

Closed singletonc closed 1 day ago

singletonc commented 1 month ago

PR Set for https://hv-eng.atlassian.net/browse/PPP-4582:

Remove unused plugins with vulnerabilities from assembly:

pentaho-googledrive-vfs
pdi-google-analytics-plugin

hitachivantarasonarqube[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

buildguy commented 1 month ago

[![👍 Frogbot scanned this pull request and found that it did not add vulnerable dependencies.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)

Note:

---

**Frogbot** also supports **Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning**. This features are included as part of the [JFrog Advanced Security](https://jfrog.com/advanced-security) package, which isn't enabled on your system.

[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)

buildguy commented 1 month ago

:white_check_mark: Build finished in 13m 52s

Build command:

mvn clean verify -B -e -Daudit -Djs.no.sandbox -pl \
assemblies/pentaho-solutions

:exclamation: No tests found!

:information_source: This is an automatic message