You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by lo...@apache.org on 2016/02/18 14:08:33 UTC

svn commit: r1731064 - in /myfaces/tobago/branches/tobago-3.0.x: ./ pom.xml

Author: lofwyr
Date: Thu Feb 18 13:08:33 2016
New Revision: 1731064

URL: http://svn.apache.org/viewvc?rev=1731064&view=rev
Log:
Merged from trunk
TOBAGO-1532: Adding CVE check of OWASP to the release process [from revision 1731054]
TOBAGO-1532: Adding CVE check of OWASP to the release process
* define a (hard) score [from revision 1731057]

Modified:
    myfaces/tobago/branches/tobago-3.0.x/   (props changed)
    myfaces/tobago/branches/tobago-3.0.x/pom.xml

Propchange: myfaces/tobago/branches/tobago-3.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Feb 18 13:08:33 2016
@@ -1,3 +1,3 @@
 /myfaces/tobago/branches/tobago-1.5.x:1356585,1357124
 /myfaces/tobago/branches/tobago-tree-table:1226794-1341423
-/myfaces/tobago/trunk:1571193,1571804,1571816,1571941,1571945,1571962,1571966,1576730,1589960,1591854,1600239,1600818,1601860,1602151,1602154,1602343,1604224,1606201,1607642,1609696-1609697,1609718,1610942,1610948,1610970,1610989,1611011,1611259,1611264,1611276,1611329,1611338-1611339,1611571,1613015,1613032,1614827,1614853,1615053,1615114,1615121,1617310,1619789,1621101,1621107,1621134,1621156,1621264,1621282,1621332,1622222,1622243,1622508,1623934,1624033,1625968,1625972,1626270,1628899,1628953,1636842,1636911,1640117,1640147,1640541,1640548,1640638,1640761,1640917,1641575,1641635,1641772,1641775,1641777,1656502,1656507,1657180,1657269,1657276,1657279,1658343,1658909,1658912,1659026,1659031,1660696,1660699,1660708,1660714,1665486,1665521,1665549,1665569-1665570,1666464,1667304,1667306-1667307,1667309,1668147,1668153,1668249,1675330,1675565,1675584,1675588-1675589,1675636,1676030,1676035,1676038,1679031,1680197,1681981,1682187,1682448,1682545,1682548,1683231,1683306,1683373,1683664
 ,1686204,1687354,1693426,1696720,1698292,1698297,1700742,1700795,1701249,1701251,1701256,1701980,1709006,1725894,1726691,1726986,1727161,1731050-1731051
+/myfaces/tobago/trunk:1571193,1571804,1571816,1571941,1571945,1571962,1571966,1576730,1589960,1591854,1600239,1600818,1601860,1602151,1602154,1602343,1604224,1606201,1607642,1609696-1609697,1609718,1610942,1610948,1610970,1610989,1611011,1611259,1611264,1611276,1611329,1611338-1611339,1611571,1613015,1613032,1614827,1614853,1615053,1615114,1615121,1617310,1619789,1621101,1621107,1621134,1621156,1621264,1621282,1621332,1622222,1622243,1622508,1623934,1624033,1625968,1625972,1626270,1628899,1628953,1636842,1636911,1640117,1640147,1640541,1640548,1640638,1640761,1640917,1641575,1641635,1641772,1641775,1641777,1656502,1656507,1657180,1657269,1657276,1657279,1658343,1658909,1658912,1659026,1659031,1660696,1660699,1660708,1660714,1665486,1665521,1665549,1665569-1665570,1666464,1667304,1667306-1667307,1667309,1668147,1668153,1668249,1675330,1675565,1675584,1675588-1675589,1675636,1676030,1676035,1676038,1679031,1680197,1681981,1682187,1682448,1682545,1682548,1683231,1683306,1683373,1683664
 ,1686204,1687354,1693426,1696720,1698292,1698297,1700742,1700795,1701249,1701251,1701256,1701980,1709006,1725894,1726691,1726986,1727161,1731050-1731051,1731054,1731057

Modified: myfaces/tobago/branches/tobago-3.0.x/pom.xml
URL: http://svn.apache.org/viewvc/myfaces/tobago/branches/tobago-3.0.x/pom.xml?rev=1731064&r1=1731063&r2=1731064&view=diff
==============================================================================
--- myfaces/tobago/branches/tobago-3.0.x/pom.xml (original)
+++ myfaces/tobago/branches/tobago-3.0.x/pom.xml Thu Feb 18 13:08:33 2016
@@ -976,6 +976,15 @@
           <artifactId>versions-maven-plugin</artifactId>
           <version>2.1</version>
         </plugin>
+        <plugin>
+          <groupId>org.owasp</groupId>
+          <artifactId>dependency-check-maven</artifactId>
+          <version>1.3.4</version>
+          <configuration>
+            <!-- TBD: check which score can be accepted -->
+            <failBuildOnCVSS>1</failBuildOnCVSS>
+          </configuration>
+        </plugin>
       </plugins>
     </pluginManagement>
   </build>
@@ -1066,6 +1075,18 @@
                 </goals>
               </execution>
             </executions>
+          </plugin>
+
+          <plugin>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-maven</artifactId>
+            <executions>
+              <execution>
+                <goals>
+                  <goal>aggregate</goal>
+                </goals>
+              </execution>
+            </executions>
           </plugin>
 
           <plugin>