You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@nutch.apache.org by GitBox <gi...@apache.org> on 2021/01/11 11:37:40 UTC

[GitHub] [nutch] sebastian-nagel commented on a change in pull request #561: NUTCH-2840 Fix 'report-vulnerabilities' ant target in build.xml

sebastian-nagel commented on a change in pull request #561:
URL: https://github.com/apache/nutch/pull/561#discussion_r554980570



##########
File path: build.xml
##########
@@ -639,24 +641,38 @@
   </target>
 
   <!-- Check dependencies for security vulnerabilities                                    -->
-  <!-- requires installation of OWASP dependency check tool, see                          -->
-  <!--   https://jeremylong.github.io/DependencyCheck/dependency-check-ant/index.html     -->
-  <!-- get http://dl.bintray.com/jeremy-long/owasp/dependency-check-ant-3.3.2-release.zip -->
-  <!-- and unzip in directory ./ivy/                                                      -->
-  <path id="dependency-check.path">
-    <pathelement location="${dependency-check.home}/dependency-check-ant.jar"/>
-    <fileset dir="${dependency-check.home}/lib" erroronmissingdir="false">
+  <target name="dependency-check-ant-download" description="--> download dependency-check-ant jar">
+    <available file="${dependency-check-ant.jar}" property="dependency-check-ant.jar.found"/>
+    <antcall target="dependency-check-ant-download-unchecked"/>
+  </target>
+
+  <target name="dependency-check-ant-download-unchecked" unless="dependency-check-ant.jar.found"
+          description="--> downloads the dependency-check-ant binary (dependency-check-ant-*.zip).">
+    <get src="https://github.com/jeremylong/DependencyCheck/releases/download/v${dependency-check-ant.version}/dependency-check-ant-${dependency-check-ant.version}-release.zip"
+         dest="${ivy.dir}/dependency-check-ant-${dependency-check-ant.version}-release.zip" usetimestamp="false" />
+
+    <unzip src="${dependency-check-ant.home}/dependency-check-ant-${dependency-check-ant.version}-release.zip"

Review comment:
       The parameter `src` should be `${ivy.dir}/dependency-check-ant-${dependency-check-ant.version}-release.zip` - same as download destination and file to be deleted later.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org