Posted to commits@mina.apache.org by lg...@apache.org on 2018/08/05 17:29:21 UTC
mina-sshd git commit: [SSHD-837] Added OWASP vulnerabilities Maven
plugin check (as profile)
Repository: mina-sshd
Updated Branches:
refs/heads/master 9715c34fd -> 5ac66a844
[SSHD-837] Added OWASP vulnerabilities Maven plugin check (as profile)
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/5ac66a84
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/5ac66a84
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/5ac66a84
Branch: refs/heads/master
Commit: 5ac66a8442e71ab3b739d1ab2e488e18ab4be18c
Parents: 9715c34
Author: Lyor Goldstein <ly...@gmail.com>
Authored: Sun Aug 5 20:33:23 2018 +0300
Committer: Lyor Goldstein <ly...@gmail.com>
Committed: Sun Aug 5 20:33:57 2018 +0300
----------------------------------------------------------------------
pom.xml | 30 ++++++++++++++++++++++++++++++
sshd-owasp-suppressions.xml | 12 ++++++++++++
2 files changed, 42 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/5ac66a84/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index e9bb41a..fb2bde9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -156,6 +156,36 @@
</build>
</profile>
<profile>
+ <!-- mvn -Powasp verify -->
+ <id>owasp</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>3.3.0</version>
+ <!-- see https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html -->
+ <configuration>
+ <!-- see https://github.com/jeremylong/DependencyCheck/issues/1394 -->
+ <retireJsAnalyzerEnabled>false</retireJsAnalyzerEnabled>
+ <suppressionFiles>
+ <suppressionFile>${workspace.root.dir}${file.separator}sshd-owasp-suppressions.xml</suppressionFile>
+ </suppressionFiles>
+ </configuration>
+ <executions>
+ <execution>
+ <id>run-owasp-dependency-check</id>
+ <!-- Note: phase must be AFTER detection of workspace root dir -->
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
<id>javac-errorprone</id>
<build>
<plugins>
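Review bot: The `run-owasp-dependency-check` execution declares no `<phase>` and the configuration sets no `failBuildOnCVSS`, so both the ordering and the build outcome rest on plugin defaults. The comment says the phase must come after detection of the workspace root dir, but nothing in the hunk enforces that; if `${workspace.root.dir}` is still unset when `check` runs, the `<suppressionFile>` path will not resolve. Declaring `<phase>verify</phase>` (which I believe is the goal's default binding) would make that ordering explicit. Without a threshold such as `<failBuildOnCVSS>7</failBuildOnCVSS>` (value constructed for illustration), the profile most likely only writes a report and never fails the build, so findings can pass through CI unnoticed. The enclosing `<profiles>` element starts and ends outside the hunk.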
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/5ac66a84/sshd-owasp-suppressions.xml
----------------------------------------------------------------------
diff --git a/sshd-owasp-suppressions.xml b/sshd-owasp-suppressions.xml
new file mode 100644
index 0000000..6f6078b
--- /dev/null
+++ b/sshd-owasp-suppressions.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
+ <suppress>
+ <notes>
+ <![CDATA[
+ file name: tomcat-apr-5.5.23.jar
+ ]]>
+ </notes>
+ <gav regex="true">^tomcat:tomcat-apr:.*$</gav>
+ <cpe>cpe:/a:apache:tomcat</cpe>
+ </suppress>
+</suppressions>
\ No newline at end of file
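Review bot: The `<notes>` of the single `<suppress>` entry record only a file name, not why the `cpe:/a:apache:tomcat` match is treated as a false positive for `tomcat-apr`, so a later reader cannot judge whether the suppression is still justified. I would add a sentence to the notes giving the reason (presumably that the jar is only the APR binding and not the Tomcat server itself; the author should confirm). The `gav` regex `^tomcat:tomcat-apr:.*$` also matches every version of the artifact. Pinning it to the version named in the note, `^tomcat:tomcat-apr:5\.5\.23$`, would make the finding reappear for review if the dependency version changes.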