Security

OWASP Report

Guardian uses sbt-dependency-check to generate a [dependency-check-report][dependency-check-report-link], which checks direct and transitive dependencies for known vulnerabilities against the NVD (National Vulnerability Database). The report is an HTML file that can be viewed in a standard browser.

Generating a report

You can use the sbt shell to generate a report at any time using

dependencyCheckAggregate

This overwrites the current report file.

Suppressing false positives

Sometimes a false positive gets generated in the report. To suppress a false positive, first open the report file in a supported browser. In the list of found vulnerabilities there is a suppress button which, when clicked, displays a popup containing an XML suppression entry. Add that <suppress> tag entry to the existing suppression file. Finally, regenerate the report using sbt's dependencyCheckAggregate.
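As an added illustration (not the project's own suppression file), this is the shape of a Dependency-Check suppression file with two entries of the kind the report's popup produces. The package URL, CPE and CVE id below are constructed placeholders; replace them with the values copied from the popup.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">

    <!-- Entry 1 (constructed): the scanner matched a library to a CPE for an
         unrelated product with a similar name, so every finding for that CPE on
         this package is a false positive. Suppressing by CPE is broad: it silences
         all CVEs attached to that CPE, so only use it when the match itself is wrong. -->
    <suppress>
        <notes><![CDATA[
        False positive: org.example:example-lib is not the product this CPE refers to.
        Reviewed by: <name>, ticket: <TICKET-ID placeholder>
        ]]></notes>
        <packageUrl regex="true">^pkg:maven/org\.example/example\-lib@.*$</packageUrl>
        <cpe>cpe:/a:example_vendor:example_product</cpe>
    </suppress>

    <!-- Entry 2 (constructed): the library is correctly identified, but one
         specific CVE does not apply (e.g. the vulnerable code path is not used).
         Suppressing by CVE id is narrow: other CVEs for the same library still
         appear. The "until" attribute expires the suppression so it is re-reviewed. -->
    <suppress until="2025-12-31Z">
        <notes><![CDATA[
        CVE-YYYY-NNNNN (placeholder) does not apply: the affected feature is disabled.
        Re-check when the library is upgraded.
        ]]></notes>
        <packageUrl regex="true">^pkg:maven/org\.example/example\-lib@.*$</packageUrl>
        <cve>CVE-YYYY-NNNNN</cve>
    </suppress>

</suppressions>
```

Keep the notes block filled in for every entry; a suppression without a recorded reason is indistinguishable from a silenced real finding when the file is reviewed later.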
