Comment: Fixes links, info on last check
History

Please refer to history for information on released and older trunk versions. The links might fail though, since the OFBiz svn repo structure has changed while splitting frameworks from plugins.

 

OWASP Dependency Check is a tool for checking that the Java libraries you use have no security issues. We use it through a Gradle plugin.
Once the CVE references and the Gradle dependencies are up to date, as of 2016/09/05, it takes 3.5 minutes on a standard machine to check the dependencies (it was 2+ minutes before Gradle).

...

gradlew -PenableOwasp dependencyCheck

Trunk reports

Here is the last report file for the trunk 

There is also the tools\security folder with some information in OFBiz trunk repo...

...

The other HIGHEST are only dependencies on dependencies. In both cases it's impossible to do otherwise anyway (though we should upgrade Birt...)

Trunk reports

Here is the last report file for the trunk

Here is the previous report file for the trunk (before Gradle insertion)