You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by an...@apache.org on 2019/01/29 14:17:51 UTC
[zookeeper] branch master updated: ZOOKEEPER-3256: Enable OWASP
checks to Maven build
This is an automated email from the ASF dual-hosted git repository.
andor pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/master by this push:
new f405105 ZOOKEEPER-3256: Enable OWASP checks to Maven build
f405105 is described below
commit f40510534c34e6c239eb97a052caf54650593d4e
Author: Enrico Olivelli <eo...@apache.org>
AuthorDate: Tue Jan 29 15:17:46 2019 +0100
ZOOKEEPER-3256: Enable OWASP checks to Maven build
Author: Enrico Olivelli <eo...@apache.org>
Reviewers: andor@apache.org
Closes #788 from eolivelli/fix/owasp and squashes the following commits:
972ff67bf [Enrico Olivelli] Update ant task defs and force update of patterns
bd96cb669 [Enrico Olivelli] ZOOKEEPER-3256: Enable OWASP checks to Maven build
---
build.xml | 4 ++--
pom.xml | 16 ++++++++++++++++
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/build.xml b/build.xml
index 41630fb..c4e718a 100644
--- a/build.xml
+++ b/build.xml
@@ -56,7 +56,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
<property name="jetty.version" value="9.4.10.v20180503"/>
<property name="jackson.version" value="2.9.5"/>
- <property name="dependency-check-ant.version" value="3.2.1"/>
+ <property name="dependency-check-ant.version" value="4.0.2"/>
<property name="commons-io.version" value="2.6"/>
<property name="kerby.version" value="1.1.0"/>
@@ -1700,7 +1700,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
<target name="owasp" depends="owasp-taskdef,ivy-retrieve" description="OWASP dependency check">
<property name="owasp.out.dir" value="${test.java.build.dir}/owasp" />
-
+ <owasp:dependency-check-update xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks" />
<owasp:dependency-check xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks"
projectname="ZooKeeper"
reportoutputdirectory="${owasp.out.dir}"
diff --git a/pom.xml b/pom.xml
index 977d693..d1f6a34 100755
--- a/pom.xml
+++ b/pom.xml
@@ -483,6 +483,11 @@
<excludeFilterFile>excludeFindBugsFilter.xml</excludeFilterFile>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>4.0.2</version>
+ </plugin>
</plugins>
</pluginManagement>
@@ -514,6 +519,17 @@
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <configuration>
+ <format>ALL</format>
+ <failBuildOnCVSS>0</failBuildOnCVSS>
+ <suppressionFiles>
+ <suppressionsFile>owaspSuppressions.xml</suppressionsFile>
+ </suppressionFiles>
+ </configuration>
+ </plugin>
</plugins>
</build>