[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tooling update

Thanks, Stefan. Meanwhile, SpotBugs is reactivated in the nighlies now.
I noticed, however, that execution order is important: if SpotBugs runs
before Checkstyle,
the latter bails out because of ANTLR.


2018-06-08 20:42 GMT+02:00 Stefan Bodewig <bodewig@xxxxxxxxxx>:

> On 2018-06-08, Gintautas Grigelionis wrote:
> > Then I was surprised that Dependency Check indicates that the latest
> > XZ 1.8 has a vulnerability: should we ask them to investigate?
> That's a false positive.
> applies to the command
> line tooling and is not related to XZ for Java at all.
> Stefan
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@xxxxxxxxxxxxxx
> For additional commands, e-mail: dev-help@xxxxxxxxxxxxxx