You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2017/10/22 09:38:37 UTC
[struts] branch master updated: Defines a new profile to check
missing dependencies
This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git
The following commit(s) were added to refs/heads/master by this push:
new 8817c50 Defines a new profile to check missing dependencies
8817c50 is described below
commit 8817c508c59acaea75c1b4588b6909c3a5662eee
Author: Lukasz Lenart <lu...@apache.org>
AuthorDate: Sun Oct 22 11:38:27 2017 +0200
Defines a new profile to check missing dependencies
---
pom.xml | 42 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 84f2af7..0eacc4e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -129,6 +129,25 @@
</modules>
</profile>
<profile>
+ <id>dependency-check</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <executions>
+ <execution>
+ <phase>verify</phase>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
<id>jdk8</id>
<activation>
<jdk>1.8</jdk>
@@ -254,8 +273,19 @@
</excludes>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>3.0.1</version>
+ <configuration>
+ <failBuildOnCVSS>8</failBuildOnCVSS>
+ <skipProvidedScope>true</skipProvidedScope>
+ <skipRuntimeScope>true</skipRuntimeScope>
+ </configuration>
+ </plugin>
</plugins>
</pluginManagement>
+
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
@@ -358,7 +388,17 @@
<plugin>
<groupId>org.apache.rat</groupId>
<artifactId>apache-rat-plugin</artifactId>
- <version>0.12</version>
+ </plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <reportSets>
+ <reportSet>
+ <reports>
+ <report>aggregate</report>
+ </reports>
+ </reportSet>
+ </reportSets>
</plugin>
</plugins>
</reporting>
--
To stop receiving notification emails like this one, please contact
['"commits@struts.apache.org" <co...@struts.apache.org>'].