-
Story
-
Resolution: Won't Do
-
Medium
-
None
-
None
-
None
The command "mvn dependency:tree --debug --update-snapshots" will resolve the JAR file dependencies like this:
[INFO] ------------------------------------------------------------------------
[INFO] Building aai-validation 1.4.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ validation ---
[INFO] org.onap.aai.validation:validation:jar:1.4.0-SNAPSHOT
[INFO] +- org.springframework.boot:spring-boot-starter-web:jar:1.5.18.RELEASE:compile
[INFO] | +- org.springframework.boot:spring-boot-starter:jar:1.5.18.RELEASE:compile
[INFO] | | +- org.springframework.boot:spring-boot:jar:1.5.18.RELEASE:compile
[INFO] | | +- org.springframework.boot:spring-boot-autoconfigure:jar:1.5.18.RELEASE:compile
[INFO] | | +- org.springframework.boot:spring-boot-starter-logging:jar:1.5.18.RELEASE:compile
[INFO] | | | +- org.slf4j:jul-to-slf4j:jar:1.7.25:compile
[INFO] | | | \- org.slf4j:log4j-over-slf4j:jar:1.7.25:compile
[INFO] | | \- org.yaml:snakeyaml:jar:1.17:compile
[INFO] | +- org.springframework.boot:spring-boot-starter-tomcat:jar:1.5.18.RELEASE:compile
[INFO] | | +- org.apache.tomcat.embed:tomcat-embed-core:jar:8.5.35:compile
[INFO] | | | \- org.apache.tomcat:tomcat-annotations-api:jar:8.5.35:compile
...
Adding this goal in the Jenkins verify jobs means that the data will be available when we need to analyse the security scans to remove vulnerable versions of libraries.
- relates to
-
AAI-1970 [esr-server] Remove zipkin-example
- Closed