You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/08/13 14:43:17 UTC
[cxf] 02/06: CXF-7809 - Adding owasp dependency plugin checks
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 9db243c1aa44732996514200b490eb63683540b4
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Aug 13 12:34:36 2018 +0100
CXF-7809 - Adding owasp dependency plugin checks
---
pom.xml | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/pom.xml b/pom.xml
index de103ca..7c97707 100644
--- a/pom.xml
+++ b/pom.xml
@@ -45,6 +45,7 @@
<cxf.jdk.version>1.8</cxf.jdk.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<site.deploy.url>scp://people.apache.org/www/cxf.apache.org/maven-site</site.deploy.url>
+ <maven-owasp-plugin-version>3.3.1</maven-owasp-plugin-version>
</properties>
<distributionManagement>
<repository>
@@ -406,6 +407,17 @@
</plugins>
</build>
</profile>
+ <profile>
+ <id>dependencycheck</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
</profiles>
<build>
<defaultGoal>install</defaultGoal>
@@ -674,6 +686,19 @@
</rules>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>${maven-owasp-plugin-version}</version>
+ <executions>
+ <execution>
+ <phase>validate</phase>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
</plugins>
</pluginManagement>
<plugins>
@@ -719,6 +744,11 @@
</reportSet>
</reportSets>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>${maven-owasp-plugin-version}</version>
+ </plugin>
</plugins>
</reporting>
</project>