[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Are we distributing software with known security issues?

Hiho good people,

For the records I just found an industrialised solution for that kind of problems:
https://dependencyci.com/


The system now only targets github, but the idea is really good..
Food for thoughts.


-- boris



Le 16/01/2017 à 16:51, Roland Grunberg a écrit :
Thanks for the pointer Roland. It seems there is also a Jenkins plugin. It
would be nice if that could be made available.

https://wiki.jenkins-ci.org/display/JENKINS/OWASP+Dependency-Check+Plugin

Assuming the plugin system for Hudson and Jenkins haven't diverged dramatically this might be possible (does anyone know ?). For Orbit, I may ask simply to be able to place the commandline tool at some common location for HIPPS.

Cheers,