Posted to commits@directory.apache.org by sm...@apache.org on 2018/09/07 15:19:18 UTC
directory-fortress-core git commit: FC-240 - Please add OWASP
Dependency Check to the build (pom.xml)
Repository: directory-fortress-core
Updated Branches:
refs/heads/master 712f9af25 -> a0a5ab8dd
FC-240 - Please add OWASP Dependency Check to the build (pom.xml)
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/a0a5ab8d
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/a0a5ab8d
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/a0a5ab8d
Branch: refs/heads/master
Commit: a0a5ab8ddc864aec9250a765f4a8c0a5fff3f3fd
Parents: 712f9af
Author: Shawn McKinney <sm...@apache.org>
Authored: Fri Sep 7 10:19:12 2018 -0500
Committer: Shawn McKinney <sm...@apache.org>
Committed: Fri Sep 7 10:19:12 2018 -0500
----------------------------------------------------------------------
pom.xml | 31 +++++++++++++++++++++++++++++++
src/owasp/suppression.xml | 18 ++++++++++++++++++
2 files changed, 49 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/a0a5ab8d/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index f8e4432..9aaf487 100644
--- a/pom.xml
+++ b/pom.xml
@@ -595,6 +595,17 @@
</excludes>
</configuration>
</plugin>
+
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>3.3.1</version>
+ <configuration>
+ <failBuildOnAnyVulnerability>true</failBuildOnAnyVulnerability>
+ <suppressionFile>${project.basedir}/src/owasp/suppression.xml</suppressionFile>
+ </configuration>
+ </plugin>
+
</plugins>
</pluginManagement>
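Review bot: The new pluginManagement entry carries the only place where the scanner's behaviour is set (version 3.3.1, `failBuildOnAnyVulnerability`, the suppression file path), yet nothing next to it says that it is inert on its own and that the `owasp` profile in the second hunk is what binds the `check` goal. A comment above `<plugin>` would save the next maintainer from reading both hunks: `<!-- Managed here so the owasp profile inherits version and configuration; with failBuildOnAnyVulnerability any reported CVE is fatal and src/owasp/suppression.xml is the only way to exempt a finding. -->`. The surrounding `<plugins>` block starts before this hunk.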
@@ -1207,5 +1218,25 @@
</build>
</profile>
+ <!-- OWASP Dependency Vulnerability Scanner Profile -->
+ <profile>
+ <id>owasp</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+
</profiles>
</project>
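Review bot: The profile is opt-in, so despite the commit title the scan does not run on an ordinary build; only `-Powasp` activates it, and the `check` goal then binds to its default phase, which the hunk does not state. The existing one-line comment on the profile could say so: `<!-- OWASP Dependency Vulnerability Scanner Profile. Opt-in: run with -Powasp; binds dependency-check:check (configured in pluginManagement) and fails the build on any unsuppressed CVE. -->`. The `<profiles>` element that encloses this profile starts before the hunk.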
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/a0a5ab8d/src/owasp/suppression.xml
----------------------------------------------------------------------
diff --git a/src/owasp/suppression.xml b/src/owasp/suppression.xml
new file mode 100644
index 0000000..3c1ace7
--- /dev/null
+++ b/src/owasp/suppression.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
+ <!-- Suppress OWASP warnings about openldap serverside vulnerabilities, not applicable here. -->
+ <suppress>
+ <notes><![CDATA[
+ file name: accelerator-api-1.0-RC41.jar
+ ]]></notes>
+ <gav regex="true">^org\.openldap:accelerator-api:.*$</gav>
+ <cpe>cpe:/a:openldap:openldap</cpe>
+ </suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: accelerator-impl-1.0-RC41.jar
+ ]]></notes>
+ <gav regex="true">^org\.openldap:accelerator-impl:.*$</gav>
+ <cpe>cpe:/a:openldap:openldap</cpe>
+ </suppress>
+</suppressions>
\ No newline at end of file
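Review bot: Both suppressions pair a version-agnostic `gav` regex with the bare `cpe:/a:openldap:openldap`, so every current and future OpenLDAP CVE is hidden for these artifacts with no expiry, and the `<notes>` record only a file name rather than the reason given in the comment on the line above. I would move the justification into each `<notes>` (e.g. `client-side accelerator API only; openldap server CVEs do not apply`) so it travels with the report, and bound the suppression either by listing the specific `<cve>` ids being dismissed or, if this schema version supports it, with an `until` date so the entries get re-reviewed. The file also lacks a trailing newline.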