]> source.dussan.org Git - sonarqube.git/commitdiff
projects / sonarqube.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 215f840)
Fix frontend dependency audit tasks
authorPhilippe Perrin <philippe.perrin@sonarsource.com>
Fri, 24 Sep 2021 12:58:58 +0000 (14:58 +0200)
committersonartech <sonartech@sonarsource.com>
Mon, 27 Sep 2021 20:03:43 +0000 (20:03 +0000)
server/sonar-docs/build.gradle patch | blob | history
server/sonar-web/build.gradle patch | blob | history

diff --git a/server/sonar-docs/build.gradle b/server/sonar-docs/build.gradle
index d0fc7a471b9d69fcfb725f007a0c6e3c05ca4537..0a60cb45dd573f16375ca54afddfc6efc87ee307 100644 (file)
--- a/server/sonar-docs/build.gradle
+++ b/server/sonar-docs/build.gradle
@@ -98,10 +98,10 @@ clean.dependsOn(cleanYarn_run)
 }
 
 // Check for known vulnerabilities
-yarn_audit {
+task dependency_audit(type: Exec) {
   inputs.file('package.json')
   outputs.cacheIf { false }
-  args = ['--groups', 'dependencies', '--level', 'high']
+  commandLine 'yarn', 'npm', 'audit', '--environment', 'production', '--severity', 'high'
   ignoreExitValue = true
   dependsOn(yarn)
 }
diff --git a/server/sonar-web/build.gradle b/server/sonar-web/build.gradle
index 7719430179623dd7c39e28b17e3ea0e9fe932ddb..3987f4f2679d4384946a036ee5b56146f83a10c9 100644 (file)
--- a/server/sonar-web/build.gradle
+++ b/server/sonar-web/build.gradle
@@ -55,10 +55,10 @@ build.dependsOn(yarn_run)
 }
 
 // Check for known vulnerabilities
-yarn_audit {
+task dependency_audit(type: Exec) {
   inputs.file('package.json')
   outputs.cacheIf { false }
-  args = ['--groups', 'dependencies', '--level', 'high']
+  commandLine 'yarn', 'npm', 'audit', '--environment', 'production', '--severity', 'high'
   ignoreExitValue = true
   dependsOn(yarn)
 }
Continuous Inspection: https://github.com/SonarSource/sonarqube