diff --git a/.travis.yml b/.travis.yml index 23ca2bc0b8b9..2d0e94cb121e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -639,10 +639,12 @@ jobs: stage: cron install: skip script: |- - ${MVN} dependency-check:check || { echo " + ${MVN} dependency-check:aggregate -pl '!integration-tests' || { echo " The OWASP dependency check has found security vulnerabilities. Please use a newer version - of the dependency that does not have vulnerabilities. If the analysis has false positives, + of the dependency that does not have vulnerabilities. To see a report run + `mvn dependency-check:check` + If the analysis has false positives, they can be suppressed by adding entries to owasp-dependency-check-suppressions.xml (for more information, see https://jeremylong.github.io/DependencyCheck/general/suppression.html). diff --git a/pom.xml b/pom.xml index f3dc30dd1cb4..a14eedee6b04 100644 --- a/pom.xml +++ b/pom.xml @@ -1570,9 +1570,9 @@ org.owasp dependency-check-maven - 5.3.2 + 6.0.3 + false - 24 7 true true @@ -1583,6 +1583,9 @@ + + aggregate + none