From: Philippe Perrin <philippe.perrin@sonarsource.com>
Date: Fri, 24 Sep 2021 12:58:58 +0000 (+0200)
Subject: Fix frontend dependency audit tasks
X-Git-Tag: 9.2.0.49834~201
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=4764c30e61f0213b9683339bc167e7d3e46d1046;p=sonarqube.git

Fix frontend dependency audit tasks
---

diff --git a/server/sonar-docs/build.gradle b/server/sonar-docs/build.gradle
index d0fc7a471b9..0a60cb45dd5 100644
--- a/server/sonar-docs/build.gradle
+++ b/server/sonar-docs/build.gradle
@@ -98,10 +98,10 @@ clean.dependsOn(cleanYarn_run)
 }
 
 // Check for known vulnerabilities
-yarn_audit {
+task dependency_audit(type: Exec) {
   inputs.file('package.json')
   outputs.cacheIf { false }
-  args = ['--groups', 'dependencies', '--level', 'high']
+  commandLine 'yarn', 'npm', 'audit', '--environment', 'production', '--severity', 'high'
   ignoreExitValue = true
   dependsOn(yarn)
 }
diff --git a/server/sonar-web/build.gradle b/server/sonar-web/build.gradle
index 77194301796..3987f4f2679 100644
--- a/server/sonar-web/build.gradle
+++ b/server/sonar-web/build.gradle
@@ -55,10 +55,10 @@ build.dependsOn(yarn_run)
 }
 
 // Check for known vulnerabilities
-yarn_audit {
+task dependency_audit(type: Exec) {
   inputs.file('package.json')
   outputs.cacheIf { false }
-  args = ['--groups', 'dependencies', '--level', 'high']
+  commandLine 'yarn', 'npm', 'audit', '--environment', 'production', '--severity', 'high'
   ignoreExitValue = true
   dependsOn(yarn)
 }