Update dependencies to more recent version to reduce security concerns #25
Comments
|
There may be some overlap with #16 which is Git Action based while the above is based on addition of maven plugins to assess things. |
ebresie
added a commit
that referenced
this issue
Oct 29, 2022
- Update dependencies to more recent version to reduce security concerns #25
|
As part of this, additional maven profiles have been added which include:
There are also a few other commented profiles to demonstrate possible used of os, jdk, properties, and/or activation attributes should these be used at a later time. To evaluate this, use the security-test profile which will run security analysis. There may be some overlap with existing GitHub Security and dependabot analysis. |
|
Due to above commit, will close this one for now. In future will need to run it prior to next release (so a "release checklist" item) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Need to update related dependencies to reduce security vulnerabilities.
This will be based on some of the findings found using dependency-check-maven and related checks.
The text was updated successfully, but these errors were encountered: