[wildfly-dev] Jenkins job to run build using victims-scan profile

Tomaž Cerar tomaz.cerar at gmail.com
Tue Aug 27 05:48:08 EDT 2013


Here you go:

http://brontes.lab.eng.brq.redhat.com/viewType.html?buildTypeId=WF_MasterVictimsScan

--
tomaz


On Tue, Aug 27, 2013 at 4:41 AM, David Jorm <djorm at redhat.com> wrote:

> Hi All
>
> Since this PR was merged:
>
> https://github.com/wildfly/wildfly/pull/4939
>
> We now have the "victims-scan" profile in the main POM, which will scan
> for known vulnerable dependencies at build time. The rationale behind
> putting this scan into a separate profile was to ensure that it had no
> deleterious impact on day-to-day development. To ensure that we do get some
> regular scans performed, the missing step is to create a jenkins job which
> regularly runs builds using the victims-scan profile, and then emails
> output to an appropriate list if the build fails due to the victims scan. I
> think an appropriate trigger for the job would be a weekly timer. Would it
> be possible to create such a job? Is there any way I can assist to make it
> happen?
>
> Thanks
> --
> David Jorm / Red Hat Security Response Team
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20130827/b856a47d/attachment.html 


More information about the wildfly-dev mailing list