You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@plc4x.apache.org by cd...@apache.org on 2019/01/18 08:47:29 UTC
[incubator-plc4x] branch develop updated: - Changed the way we do
the Vulnerability checks for our referenced libraries. - Improved the
documentation in our README
This is an automated email from the ASF dual-hosted git repository.
cdutz pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/incubator-plc4x.git
The following commit(s) were added to refs/heads/develop by this push:
new 9313aa8 - Changed the way we do the Vulnerability checks for our referenced libraries. - Improved the documentation in our README
9313aa8 is described below
commit 9313aa85cb4c072d692daef118bdea59183beb95
Author: Christofer Dutz <ch...@c-ware.de>
AuthorDate: Fri Jan 18 09:47:25 2019 +0100
- Changed the way we do the Vulnerability checks for our referenced libraries.
- Improved the documentation in our README
---
README | 8 +++++++-
examples/hello-cloud-azure/pom.xml | 2 ++
pom.xml | 23 ++++++++++++++---------
3 files changed, 23 insertions(+), 10 deletions(-)
diff --git a/README b/README
index bcce994..5690a25 100644
--- a/README
+++ b/README
@@ -61,8 +61,14 @@ Building the C++ libraries
When building the C++ libraries we require an installed `gcc` compiler.
On Mac and Linux this is usually the case.
+On a minimal Ubuntu Linux system the following modules needed to be installed
+manually:
-On Windows this usually is not.
+- gcc
+- g++
+- make
+
+On Windows the required compiler is generally not available per default.
The build is optimized for using a gcc-port called MinGW, available from
http://win-builds.org/doku.php/download_and_installation_from_windows
Make sure the `bin` directory containing the executable `mingw32-make.exe`
diff --git a/examples/hello-cloud-azure/pom.xml b/examples/hello-cloud-azure/pom.xml
index 30181ef..868a5f3 100644
--- a/examples/hello-cloud-azure/pom.xml
+++ b/examples/hello-cloud-azure/pom.xml
@@ -66,10 +66,12 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
+ <version>2.9.7</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcmail-jdk15on</artifactId>
+ <version>1.60</version>
</dependency>
</dependencies>
</dependencyManagement>
diff --git a/pom.xml b/pom.xml
index 37afa5f..79310f8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1332,7 +1332,7 @@
<executions>
<!-- Make sure no dependencies are used for which known vulnerabilities exist. -->
<execution>
- <id>vulnerability-checks</id>
+ <id>sanity-checks</id>
<phase>validate</phase>
<goals>
<goal>enforce</goal>
@@ -1343,18 +1343,23 @@
<version>1.8.0</version>
</requireJavaVersion>
<reactorModuleConvergence />
- <banVulnerable implementation="org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies" />
</rules>
</configuration>
</execution>
</executions>
- <dependencies>
- <dependency>
- <groupId>org.sonatype.ossindex.maven</groupId>
- <artifactId>ossindex-maven-enforcer-rules</artifactId>
- <version>1.0.0</version>
- </dependency>
- </dependencies>
+ </plugin>
+
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>4.0.2</version>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
</plugin>
</plugins>
</build>