Posted to commits@zookeeper.apache.org by an...@apache.org on 2019/01/31 09:41:33 UTC

[zookeeper] branch branch-3.4 updated: ZOOKEEPER-3256: Enable OWASP checks to Maven build

This is an automated email from the ASF dual-hosted git repository.

andor pushed a commit to branch branch-3.4
in repository https://gitbox.apache.org/repos/asf/zookeeper.git


The following commit(s) were added to refs/heads/branch-3.4 by this push:
     new 4d44517  ZOOKEEPER-3256: Enable OWASP checks to Maven build
4d44517 is described below

commit 4d4451755f3e15ad547366d76fac47bd7ab841c4
Author: Enrico Olivelli <eo...@apache.org>
AuthorDate: Thu Jan 31 10:41:29 2019 +0100

    ZOOKEEPER-3256: Enable OWASP checks to Maven build
    
    Author: Enrico Olivelli <eo...@apache.org>
    
    Reviewers: andor@apache.org
    
    Closes #791 from eolivelli/fix/owasp-34
---
 build.xml |  4 ++--
 pom.xml   | 16 ++++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 57de37a..d89ab92 100644
--- a/build.xml
+++ b/build.xml
@@ -56,7 +56,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle">
     <property name="apache-rat-tasks.version" value="0.6"/>
     <property name="commons-lang.version" value="2.4"/>
 
-    <property name="dependency-check-ant.version" value="3.2.1"/>
+    <property name="dependency-check-ant.version" value="4.0.2"/>
 
     <property name="hamcrest.version" value="1.3"/>
 
@@ -1757,7 +1757,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle">
 
     <target name="owasp" depends="owasp-taskdef,ivy-retrieve" description="OWASP dependency check">
         <property name="owasp.out.dir" value="${test.java.build.dir}/owasp" />
-
+        <owasp:dependency-check-update xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks" />
         <owasp:dependency-check xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks"
                           projectname="ZooKeeper"
                           reportoutputdirectory="${owasp.out.dir}"
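Review bot: The new `<owasp:dependency-check-update>` step in the `owasp` target has no comment saying why a separate update pass is needed before the scan. The `dependency-check` task refreshes its vulnerability data itself unless `autoupdate` is turned off, and the task's remaining attributes lie outside this hunk, so I cannot tell whether that applies here. If the explicit step is deliberate, a comment such as `<!-- refresh the local NVD data before scanning; needs network access -->` would make clear that the target cannot run offline. The `xmlns:owasp` declaration is now repeated on two sibling elements and could be declared once on an enclosing element.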
diff --git a/pom.xml b/pom.xml
index 9738eb1..4518c0b 100755
--- a/pom.xml
+++ b/pom.xml
@@ -726,6 +726,11 @@
             <excludeFilterFile>excludeFindBugsFilter.xml</excludeFilterFile>
           </configuration>
         </plugin>
+        <plugin>
+          <groupId>org.owasp</groupId>
+          <artifactId>dependency-check-maven</artifactId>
+          <version>4.0.2</version>
+        </plugin>
       </plugins>
     </pluginManagement>
 
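Review bot: The `dependency-check-maven` entry added under `<pluginManagement>` binds no goal, and the visible lines of the matching `<plugins>` entry in the next hunk (which runs past the end of this page) show no `<executions>` either. The scan therefore appears to run only when invoked explicitly, not as part of a normal build. If that is intended, a comment such as `<!-- not bound to a phase; run with mvn dependency-check:check -->` would stop readers assuming every build is gated on it. The literal `4.0.2` here also duplicates `dependency-check-ant.version` in build.xml. A POM property, e.g. `<version>${dependency-check.version}</version>`, with a note to keep it in step with the Ant value, would reduce the chance of the two scanners drifting apart and reporting different findings.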
@@ -757,6 +762,17 @@
         <groupId>com.github.spotbugs</groupId>
         <artifactId>spotbugs-maven-plugin</artifactId>
       </plugin>
+      <plugin>
+         <groupId>org.owasp</groupId>
+         <artifactId>dependency-check-maven</artifactId>
+         <configuration>
+            <format>ALL</format>
+            <failBuildOnCVSS>0</failBuildOnCVSS>
+            <suppressionFiles>
+              <suppressionsFile>owaspSuppressions.xml</suppressionsFile>
+            </suppressionFiles>
+         </configuration>
+       </plugin>
       </plugins>
   </build>