[
https://issues.apache.org/jira/browse/CASSANDRA-20501?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17939784#comment-17939784
]
Doug Rohrer commented on CASSANDRA-20501:
-----------------------------------------
Note also I don't think we actually _run_ the dependency check in any of our
builds, do we? Otherwise it would have been failing since the end of February
due to the database changes (or we would have been running with old
vulnerability data I suppose).
> Update to latest dependency-check to fix incompatibility with new data feed
> format
> ----------------------------------------------------------------------------------
>
> Key: CASSANDRA-20501
> URL: https://issues.apache.org/jira/browse/CASSANDRA-20501
> Project: Apache Cassandra
> Issue Type: Task
> Components: Build
> Reporter: Doug Rohrer
> Assignee: Stefan Miklosovic
> Priority: Normal
> Fix For: 3.0.x, 3.11.x, 4.0.x, 4.1.x, 5.0.x, 5.x
>
> Attachments: dependency-check-fix.patch
>
>
> The dependency-check task at the version we have is broken due to a change in
> the format of the data from NVD. See
> [https://github.com/dependency-check/DependencyCheck/issues/7463] for more
> information on the need for this change.
>
> Update to latest (12.1.0, from the new location at
> [https://github.com/dependency-check/DependencyCheck/] as it also moved to a
> GitHub org).
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
