mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30318 Commits
59 Branches
Tree: fa08891221
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fa08891221'
${ noResults }
sonarqube/build.gradle

build.gradle 25KB
Raw Normal View History

Gradle scripts should use `plugins` block It was de-incubated (promoted) in Gradle 5.0 and in particular it can't contain duplicate IDs.
4 years ago
Upgrade Gradle plugins
3 years ago
Gradle scripts should use `plugins` block It was de-incubated (promoted) in Gradle 5.0 and in particular it can't contain duplicate IDs.
4 years ago
Upgrade Gradle plugins
3 years ago
BUILD Switch time tracker plugin. The recent used time tracker plugin is not maintained anymore and it is using gradle features, which will be removed in the next versions.
3 years ago
SONAR-13905 enable OWASP Dependency Check tool
3 years ago
Gradle scripts should use `plugins` block It was de-incubated (promoted) in Gradle 5.0 and in particular it can't contain duplicate IDs.
4 years ago
Move To Gradle
6 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
BUILD Switch time tracker plugin. The recent used time tracker plugin is not maintained anymore and it is using gradle features, which will be removed in the next versions.
3 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Build with Java 11
5 years ago
SONAR-13905 enable OWASP Dependency Check tool
3 years ago
Move OWASP suppression files to private folder
3 years ago
SONAR-13905 enable OWASP Dependency Check tool
3 years ago
Move To Gradle
6 years ago
SONAR-12665 gradle.properties must not contain -SNAPSHOT anymore because any build of SonarQube must now be releasable however, -SNAPSHOT should still be used as version when no buildNumber is provided (ie. on local builds) and as the projectVersion of the project analyzed on Next
4 years ago
Fix project versioning
6 years ago
SONAR-12665 gradle.properties must not contain -SNAPSHOT anymore because any build of SonarQube must now be releasable however, -SNAPSHOT should still be used as version when no buildNumber is provided (ie. on local builds) and as the projectVersion of the project analyzed on Next
4 years ago
Move To Gradle
6 years ago
BUILD-630 Generate javadoc ad sources jars with Gradle only on release branches
6 years ago
Move To Gradle
6 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Move To Gradle
6 years ago
Fix configuration of Artifactory in QA tests (#400)
6 years ago
Fix Gradle build without credentials
6 years ago
Move To Gradle
6 years ago
BUILD Fix unauthorized builds with artifactory repo Due to a misbehavior in artifactory, the wrong http status code is returned and the build will stop immediately. This happens if you access a virtual repository which contains a repository which requires authentication. As a workaround a virtual repository is used, which does not include non-public repositories. https://www.jfrog.com/jira/browse/RTFACT-13797
3 years ago
Move To Gradle
6 years ago
BUILD Fix unauthorized builds with artifactory repo Due to a misbehavior in artifactory, the wrong http status code is returned and the build will stop immediately. This happens if you access a virtual repository which contains a repository which requires authentication. As a workaround a virtual repository is used, which does not include non-public repositories. https://www.jfrog.com/jira/browse/RTFACT-13797
3 years ago
Move To Gradle
6 years ago
SONAR-13155 add Gradle command to list all dependency trees `./gradlew allDependencies` lists the trees of dependencies of all subprojects. This is convenient when investigating the impacts of a dependency upgrade.
4 years ago
Fix the upgrade of the Gradle Artifactory plugin to 4.15.1 The configuration of private subprojects must be fixed in order to correct set the properties like "build.name" on private artifacts.
4 years ago
Move To Gradle
6 years ago
SONAR-12665 gradle.properties must not contain -SNAPSHOT anymore because any build of SonarQube must now be releasable however, -SNAPSHOT should still be used as version when no buildNumber is provided (ie. on local builds) and as the projectVersion of the project analyzed on Next
4 years ago
Move To Gradle
6 years ago
Document and upgrade Gradle plugins
5 years ago
Move To Gradle
6 years ago
Document how to open project in IDE
6 years ago
Clean deps
4 years ago
Move To Gradle
6 years ago
fix SonarQube scanner not picking Java language version
4 years ago
Move To Gradle
6 years ago
enable testFixtures plugin only on projects with testFixtures source
4 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade protobuf-java from 3.10 to 3.11.4 No major changes https://github.com/protocolbuffers/protobuf/releases
4 years ago
Move To Gradle
6 years ago
SONAR-12665 format dependencyManagement of bundled plugins 1/ put in alphabetical order 2/ remove use of variables for version to be compatible with bot update 3/ add identifier comment and repositories for bot update
4 years ago
do not use variable for bundled plugin version
4 years ago
SONAR-12665 format dependencyManagement of bundled plugins 1/ put in alphabetical order 2/ remove use of variables for version to be compatible with bot update 3/ add identifier comment and repositories for bot update
4 years ago
SONAR-14174, SONAR-14150, SONAR-14148, SONAR-14151, SONAR-14163, SONAR-14164, SONAR-14149, SONAR-14153, SONAR-14152, SONAR-14173, SONAR-14174 Language plugin upgrade for 8.6.
3 years ago
SONAR-14001 SONAR-14010 SONAR-14030 SONAR-14032 SONAR-14050 SONAR-14052 SONAR-14053 SONAR-14054 SONAR-14055 SONAR-14056 Upgrade analyzers
3 years ago
SONAR-14219,SONAR-14217,SONAR-14209,SONAR-14220 Upgrade analyzer plugin
3 years ago
SONAR-12665 format dependencyManagement of bundled plugins 1/ put in alphabetical order 2/ remove use of variables for version to be compatible with bot update 3/ add identifier comment and repositories for bot update
4 years ago
SONAR-14174, SONAR-14150, SONAR-14148, SONAR-14151, SONAR-14163, SONAR-14164, SONAR-14149, SONAR-14153, SONAR-14152, SONAR-14173, SONAR-14174 Language plugin upgrade for 8.6.
3 years ago
SONAR-14001 SONAR-14010 SONAR-14030 SONAR-14032 SONAR-14050 SONAR-14052 SONAR-14053 SONAR-14054 SONAR-14055 SONAR-14056 Upgrade analyzers
3 years ago
SONAR-13944 Upgrade RPG analyzer
3 years ago
SONAR-14219,SONAR-14217,SONAR-14209,SONAR-14220 Upgrade analyzer plugin
3 years ago
SONAR-14174, SONAR-14150, SONAR-14148, SONAR-14151, SONAR-14163, SONAR-14164, SONAR-14149, SONAR-14153, SONAR-14152, SONAR-14173, SONAR-14174 Language plugin upgrade for 8.6.
3 years ago
SONAR-13937 Upgrade sonar-css to 1.3.1.1642
3 years ago
SONAR-14174, SONAR-14150, SONAR-14148, SONAR-14151, SONAR-14163, SONAR-14164, SONAR-14149, SONAR-14153, SONAR-14152, SONAR-14173, SONAR-14174 Language plugin upgrade for 8.6.
3 years ago
SONAR-13931 SONAR-13932 SONAR-13933 Upgrade analyzers for java, php and flex
3 years ago
SONAR-14174, SONAR-14150, SONAR-14148, SONAR-14151, SONAR-14163, SONAR-14164, SONAR-14149, SONAR-14153, SONAR-14152, SONAR-14173, SONAR-14174 Language plugin upgrade for 8.6.
3 years ago
SONAR-13325 Update sonar-jacoco to latest release
4 years ago
SONAR-13931 SONAR-13932 SONAR-13933 Upgrade analyzers for java, php and flex
3 years ago
SONAR-14252 Upgade language analyzer.
3 years ago
SONAR-14219,SONAR-14217,SONAR-14209,SONAR-14220 Upgrade analyzer plugin
3 years ago
SONAR-13829 Upgrade Python analyzer to 3.1.0.7619
3 years ago
SONAR-14174, SONAR-14150, SONAR-14148, SONAR-14151, SONAR-14163, SONAR-14164, SONAR-14149, SONAR-14153, SONAR-14152, SONAR-14173, SONAR-14174 Language plugin upgrade for 8.6.
3 years ago
SONAR-12665 format dependencyManagement of bundled plugins 1/ put in alphabetical order 2/ remove use of variables for version to be compatible with bot update 3/ add identifier comment and repositories for bot update
4 years ago
Move To Gradle
6 years ago
SONAR-13155 Upgrade various test dependencies
4 years ago
SONAR-13155 Upgrade commons-dbutils fron 1.5 to 1.7 even if it's used only by unit tests
4 years ago
SONAR-13905 upgrade common-io version
3 years ago
Move To Gradle
6 years ago
SONAR-13991 Fix SSF-128
3 years ago
Upgrade Jackson Dataformat dependencies to 2.10.4
4 years ago
SONARCLOUD-45 Advertise featured projects on SonarCloud * Update code to use the new homepage.json file * Update fields name * Add business metric project_public_projects * Add business metric project_public_loc * generator of JSON input for SonarCloud homepage * add generator zip to burgr * add integration test * rename "7dNewPullRequests" to "newPullRequests7d" * Use new 'newPullRequests7d' field
5 years ago
SONAR-13155 Upgrade scribejava from 6.8.1 to 6.9.0 This new version mainly apply bug-fixes by upgrading dependencies: https://github.com/scribejava/scribejava/compare/scribejava-6.8.1...scribejava-6.9.0
4 years ago
SONAR-13155 add a comment about lib diffutils
4 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade gson from 2.8.5 to 2.8.6 No major changes https://github.com/google/gson/blob/master/CHANGELOG.md
4 years ago
SONAR-13155 clean-up Guava transitive dependencies See https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies
4 years ago
Move To Gradle
6 years ago
SONAR-13155 Add comment about instability of H2 1.4.200
4 years ago
SONAR-12701 upgrade H2 from 1.3 to 1.4
4 years ago
SONAR-13905 upgrade Hazelcast from 3.12.7 to 3.12.9 to mitigate the vulnerabilities brought by the bundled jackson-core dependency. The release notes of 3.12.8 and 3.12.9 highlights only bug-fixes: https://docs.hazelcast.org/docs/rn/index.html#3-12-9
3 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade SQLServer driver to 7.4.1 * Supports NTLM authentication mode. * Updated Microsoft Azure Key Vault SDK for Java, version 1.2.1 See https://docs.microsoft.com/en-us/sql/connect/jdbc/release-notes-for-the-jdbc-driver?view=sql-server-ver15#-741
4 years ago
SONAR-13155 use the official Maven coordinates of Oracle driver 'com.oracle.jdbc:ojdbc8' was the coordinates of the artifact manually deployed to SonarSource repository.
4 years ago
upgrade okhttp library version to latest
3 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade testing dependencies
4 years ago
SONARCLOUD-45 Advertise featured projects on SonarCloud * Update code to use the new homepage.json file * Update fields name * Add business metric project_public_projects * Add business metric project_public_loc * generator of JSON input for SonarCloud homepage * add generator zip to burgr * add integration test * rename "7dNewPullRequests" to "newPullRequests7d" * Use new 'newPullRequests7d' field
5 years ago
Upgrade jjwt to 0.11.2
4 years ago
SONAR-13155 upgrade JWT libs
4 years ago
SONAR-13155 upgrade testing dependencies
4 years ago
SONARCLOUD-644 fix conflict on javax.email
5 years ago
SONAR-13155 upgrade building dependencies
4 years ago
update javax-servlet-api to 3.1.0 this is a forgotten version upgrade. recent version of Tomcat support 3.1.0
4 years ago
Move To Gradle
6 years ago
Update Junit
3 years ago
SONAR-13155 upgrade testing dependencies
4 years ago
SONAR-14033 Refactor storage of applications
3 years ago
Move To Gradle
6 years ago
Clean deps
4 years ago
SONAR-13155 Upgrade various test dependencies
4 years ago
SONAR-12383 Libraries update (bugfixes)
4 years ago
Move To Gradle
6 years ago
SONAR-12383 Libraries update (bugfixes)
4 years ago
SONAR-13992 Upgrade Apache httpclient to 4.5.13
3 years ago
Move To Gradle
6 years ago
[OWASP] Findings of the night * updated tomcat to version 8.5.60
3 years ago
Move To Gradle
6 years ago
SONAR-13155 Upgrade various test dependencies
4 years ago
SONAR-13155 upgrade sonar-channel to 4.2 This project is no longer maintained. V4.2 is the latest, released in 2014. It is probably similar to 4.1 and does not bring changes. The reason is that this lib was a module of the sonarqube repository at that time.
4 years ago
Move To Gradle
6 years ago
SONAR-13155 Upgrade XML parsers
4 years ago
Move To Gradle
6 years ago
SONARCLOUD-82 Do not call muppet when downgrading an inactive org.
6 years ago
Fix Gradle hack to resolve Jetty dependency by upgrading Jetty
6 years ago
SONAR-12686 upgrade es client to 7.9.3 and move to HTTP - add should minimum match eq 1 to user index queries ES 7.X changed behaviour in case filter query with bool it defaults to '0' https://www.elastic.co/guide/en/elasticsearch/reference/7.x/breaking-changes-7.0.html#_the_filter_context_has_been_removed - fix issue index routing param ES 7.X helped discover this bug as new setting has been auto configured which is 'index.number_of_routing_shards'. This has changed how documents are distributed across shards depending on how many shards the index has. Without that change issues docs has been incorrectly routed to the same shard hash as projects and it worked no matter what routing key you used projectUuid or auth_projectUuid. - update ngram and edge_ngram names to match with es 7.x nGram and edgeNgram has been deprecated in favour of ngram and edge_ngram https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.0.html#deprecated-ngram-edgengram-token-filter-cannot-be-used - remove `_all : enabled` usage from UT This field was already deprecated in 6.X, now it has been removed. https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.0.html#all-meta-field-removed - add Elasticsearch High Level REST client dependency - use sonar.search.port for ES HTTP - main process use ES Rest client to check ES status - sonar.cluster.search.hosts has HTTP ports on APP nodes also sonar.search.port and sonar.search.host MUST be configured on each Search node with the host and HTTP port of the current node - use Elasticsearch high level rest client - use in EsTester - use as primary es client - use indices api to get all indices name instead of cluster api - use cluster health api to check cluster state - support raw requests for 'nodes/_stats' and '_cluster/stats' - support raw requests for 'indices/_stats' - leave netty4plugin as testCompile dependency it is used in UTs - all ES non-test calls go through EsClient class - add rest client ES profiling
4 years ago
Move To Gradle
6 years ago
SONAR-12686 upgrade es client to 7.9.3 and move to HTTP - add should minimum match eq 1 to user index queries ES 7.X changed behaviour in case filter query with bool it defaults to '0' https://www.elastic.co/guide/en/elasticsearch/reference/7.x/breaking-changes-7.0.html#_the_filter_context_has_been_removed - fix issue index routing param ES 7.X helped discover this bug as new setting has been auto configured which is 'index.number_of_routing_shards'. This has changed how documents are distributed across shards depending on how many shards the index has. Without that change issues docs has been incorrectly routed to the same shard hash as projects and it worked no matter what routing key you used projectUuid or auth_projectUuid. - update ngram and edge_ngram names to match with es 7.x nGram and edgeNgram has been deprecated in favour of ngram and edge_ngram https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.0.html#deprecated-ngram-edgengram-token-filter-cannot-be-used - remove `_all : enabled` usage from UT This field was already deprecated in 6.X, now it has been removed. https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.0.html#all-meta-field-removed - add Elasticsearch High Level REST client dependency - use sonar.search.port for ES HTTP - main process use ES Rest client to check ES status - sonar.cluster.search.hosts has HTTP ports on APP nodes also sonar.search.port and sonar.search.host MUST be configured on each Search node with the host and HTTP port of the current node - use Elasticsearch high level rest client - use in EsTester - use as primary es client - use indices api to get all indices name instead of cluster api - use cluster health api to check cluster state - support raw requests for 'nodes/_stats' and '_cluster/stats' - support raw requests for 'indices/_stats' - leave netty4plugin as testCompile dependency it is used in UTs - all ES non-test calls go through EsClient class - add rest client ES profiling
4 years ago
Clean deps
4 years ago
SONAR-12686 upgrade es client to 7.9.3 and move to HTTP - add should minimum match eq 1 to user index queries ES 7.X changed behaviour in case filter query with bool it defaults to '0' https://www.elastic.co/guide/en/elasticsearch/reference/7.x/breaking-changes-7.0.html#_the_filter_context_has_been_removed - fix issue index routing param ES 7.X helped discover this bug as new setting has been auto configured which is 'index.number_of_routing_shards'. This has changed how documents are distributed across shards depending on how many shards the index has. Without that change issues docs has been incorrectly routed to the same shard hash as projects and it worked no matter what routing key you used projectUuid or auth_projectUuid. - update ngram and edge_ngram names to match with es 7.x nGram and edgeNgram has been deprecated in favour of ngram and edge_ngram https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.0.html#deprecated-ngram-edgengram-token-filter-cannot-be-used - remove `_all : enabled` usage from UT This field was already deprecated in 6.X, now it has been removed. https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.0.html#all-meta-field-removed - add Elasticsearch High Level REST client dependency - use sonar.search.port for ES HTTP - main process use ES Rest client to check ES status - sonar.cluster.search.hosts has HTTP ports on APP nodes also sonar.search.port and sonar.search.host MUST be configured on each Search node with the host and HTTP port of the current node - use Elasticsearch high level rest client - use in EsTester - use as primary es client - use indices api to get all indices name instead of cluster api - use cluster health api to check cluster state - support raw requests for 'nodes/_stats' and '_cluster/stats' - support raw requests for 'indices/_stats' - leave netty4plugin as testCompile dependency it is used in UTs - all ES non-test calls go through EsClient class - add rest client ES profiling
4 years ago
SONAR-13937 Fix SSF-126
3 years ago
SONAR-13792 Embed sonar-scm-svn
3 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade testing dependencies
4 years ago
SONAR-6949 Increase crypted password size
6 years ago
SONAR-13155 upgrade testing dependencies
4 years ago
Move To Gradle
6 years ago
SONAR-14044 update mybatis
3 years ago
SONAR-13155 Upgrade nanohttpd, used by Compute Engine
4 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade SLF4J
4 years ago
Add missing dependencies in sonar-scanner-engine
6 years ago
Move To Gradle
6 years ago
Add missing dependencies in sonar-scanner-engine
6 years ago
Move To Gradle
6 years ago
SONAR-13980 upgrade postgresql jdbc driver version to 42.2.17
3 years ago
SONAR-13155 Upgrade various test dependencies
4 years ago
Move To Gradle
6 years ago
Update orchestrator version to 3.34 By default this version is disabling force authentication for 8.6 and greater. Also it allows to enable default behaviour, which will be used.
3 years ago
SONAR-12395 Update to sonar-update-center 1.23, handle new download URLs
4 years ago
Move To Gradle
6 years ago
SONAR-13155 upgrade snakeymaml
4 years ago
SONAR-12383 Selenide update to 5.2.3 and Guava update to 28.1-jre
4 years ago
Move To Gradle
6 years ago
SONARCLOUD-644 fix conflict on javax.email
5 years ago
Move To Gradle
6 years ago
Use "--release" javac option also for tests
5 years ago
Move To Gradle
6 years ago
Fix javadoc encoding
5 years ago
Output of "javadoc" build tasks should not depend on build number
5 years ago
Move To Gradle
6 years ago
Improve search for protobuf files in Intellij * Apply protobuf plugin pnly when needed * Exclude protobuf files in generated jar * Fix usage of 'ide' gradle task * Enable protobuf plugin only on relevant modules
5 years ago
Use JaCoCo xml report for coverage (see MMF-1651) (#1526)
5 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Gradle cache key for "test" tasks should not depend on build number Since Gradle 5.0 JaCoCo plugin works with the build cache and parallel test execution, so this change allows to enable build cache for "test" tasks in Cirrus CI.
5 years ago
Improve validation build logging
3 years ago
Move To Gradle
6 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Move To Gradle
6 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Do not disable recording of code coverage in builds outside of CI While this adds little overhead, benefit is that remote Gradle cache entry can be used locally.
5 years ago
SC-795 drop SonarCloud-related modules
5 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Move To Gradle
6 years ago
Improve validation build logging
3 years ago
Move To Gradle
6 years ago
Improve search for protobuf files in Intellij * Apply protobuf plugin pnly when needed * Exclude protobuf files in generated jar * Fix usage of 'ide' gradle task * Enable protobuf plugin only on relevant modules
5 years ago
Move To Gradle
6 years ago
SONAR-12383 Build utility libraries update * protobuf -> 3.10 * and others
4 years ago
Move To Gradle
6 years ago
Improve search for protobuf files in Intellij * Apply protobuf plugin pnly when needed * Exclude protobuf files in generated jar * Fix usage of 'ide' gradle task * Enable protobuf plugin only on relevant modules
5 years ago
Move To Gradle
6 years ago
Mark protobuf Java code as generated in Intellij [skip ci]
5 years ago
Move To Gradle
6 years ago
Improve search for protobuf files in Intellij * Apply protobuf plugin pnly when needed * Exclude protobuf files in generated jar * Fix usage of 'ide' gradle task * Enable protobuf plugin only on relevant modules
5 years ago
Document how to open project in IDE
6 years ago
Upgrade versions of nodejs and yarn and use a consistent version across modules
5 years ago
Replace Gradle plugin 'com.moowork.node' by 'com.github.node-gradle.node' The latter one is actively maintained fork of the not anymore maintained former. In particular the former does not support Gradle 6.x.
4 years ago
Upgrade versions of nodejs and yarn and use a consistent version across modules
5 years ago
Update node version used by gradle
3 years ago
SONAR-13155 add command to run yarn security audit
4 years ago
Upgrade versions of nodejs and yarn and use a consistent version across modules
5 years ago
SONAR-13912 Add owasp_check_task to Cirrus CI.
3 years ago
Upgrade versions of nodejs and yarn and use a consistent version across modules
5 years ago
BUILD-630 Generate javadoc ad sources jars with Gradle only on release branches
6 years ago
Move To Gradle
6 years ago
BUILD-630 Generate javadoc ad sources jars with Gradle only on release branches
6 years ago
Move To Gradle
6 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Move To Gradle
6 years ago
BUILD-612 Implement the check of source headers
6 years ago
Use inclusion list of file suffixes for license check
5 years ago
BUILD-612 Implement the check of source headers
6 years ago
Fix publication
6 years ago
Upgrade Gradle to 6.3
4 years ago
Fix publication
6 years ago
SONAR-11268 replace Jenkins by Cirrus CI
5 years ago
Fix publication
6 years ago
Move To Gradle
6 years ago
Usage of Gradle option "--parallel" should be safe Gradle should not execute several "yarn install" in parallel, because Yarn doesn't support concurrent access to its global cache.
5 years ago
Usage of Gradle option "--parallel" should be safe Gradle should not execute several "yarn install" in parallel, because Yarn doesn't support concurrent access to its global cache. "task1.mustRunAfter(task2)" ordering has an effect only when both tasks are scheduled for execution, however currently task ":private:docs:yarn" is not executed during execution of "gradle build". Therefore "mustRunAfter" should be established between all pairs of "yarn install" tasks to define their total order and to prevent their concurrent execution even in case when one or more of these tasks not scheduled.
4 years ago
Usage of Gradle option "--parallel" should be safe Gradle should not execute several "yarn install" in parallel, because Yarn doesn't support concurrent access to its global cache.
5 years ago
Usage of Gradle option "--parallel" should be safe Gradle should not execute several "yarn install" in parallel, because Yarn doesn't support concurrent access to its global cache. "task1.mustRunAfter(task2)" ordering has an effect only when both tasks are scheduled for execution, however currently task ":private:docs:yarn" is not executed during execution of "gradle build". Therefore "mustRunAfter" should be established between all pairs of "yarn install" tasks to define their total order and to prevent their concurrent execution even in case when one or more of these tasks not scheduled.
4 years ago
Usage of Gradle option "--parallel" should be safe Gradle should not execute several "yarn install" in parallel, because Yarn doesn't support concurrent access to its global cache.
5 years ago
"yarn install" should be executed with option "--frozen-lockfile"
4 years ago
Document and upgrade Gradle plugins
5 years ago
SONAR-13155 do not suggest major upgrades of dependencies
4 years ago
SONAR-13155 upgrade testing dependencies
4 years ago
SONAR-13155 do not suggest major upgrades of dependencies
4 years ago
Document and upgrade Gradle plugins
5 years ago
SONAR-13155 add command to run yarn security audit
4 years ago
SONAR-13155 do not suggest major upgrades of dependencies
4 years ago
Document and upgrade Gradle plugins
5 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613 
  1. plugins {

  2.   // Ordered alphabeticly

  3.   id 'com.github.ben-manes.versions' version '0.33.0'

  4.   id 'com.github.hierynomus.license' version '0.15.0'

  5.   id 'com.github.johnrengelman.shadow' version '5.2.0' apply false

  6.   id 'com.google.protobuf' version '0.8.12' apply false

  7.   id 'com.jfrog.artifactory' version '4.15.1'

  8.   id 'com.github.node-gradle.node' version '1.5.3' apply false

  9.   id 'io.spring.dependency-management' version '1.0.10.RELEASE'

  10.   id "com.asarkar.gradle.build-time-tracker" version "2.0.4" apply false

  11.   id 'org.owasp.dependencycheck' version '6.0.1'

  12.   id 'org.sonarqube' version '2.8'

  13. }

  14. 

  15. // display a summary of task durations at the end of the build

  16. if (project.hasProperty('time-tracker')) {

  17.   apply plugin: 'com.asarkar.gradle.build-time-tracker'

  18.   buildTimeTracker {

  19.     sort = true

  20.     maxWidth = 80

  21.     minTaskDuration = Duration.ofSeconds(1)

  22.   }

  23. }

  24. 

  25. 

  26. if (!JavaVersion.current().java11Compatible) {

  27.   throw new GradleException("JDK 11+ is required to perform this build. It's currently " + System.getProperty("java.home") + ".")

  28. }

  29. 

  30. apply plugin: 'org.owasp.dependencycheck'

  31. dependencyCheck {

  32.   analyzers {

  33.     assemblyEnabled = false

  34.     autoconfEnabled = false

  35.     bundleAuditEnabled = false

  36.     cmakeEnabled = false

  37.     cocoapodsEnabled = false

  38.     composerEnabled = false

  39.     cocoapodsEnabled = false

  40.     golangDepEnabled = false

  41.     golangModEnabled = false

  42.     nodeAudit {

  43.       skipDevDependencies = true

  44.     }

  45.     nuspecEnabled = false

  46.     nugetconfEnabled = false

  47.     rubygemsEnabled = false

  48.     swiftEnabled = false

  49. 

  50.   }

  51.   format = 'ALL'

  52.   junitFailOnCVSS = 0

  53.   failBuildOnCVSS = 0

  54.   suppressionFiles = ["${project.rootDir}/private/owasp/suppressions.xml", "${project.rootDir}/private/owasp/vulnerabilities.xml"]

  55.   skipProjects = project.subprojects

  56.       .findAll {it.name.contains('testing') ||

  57.           it.name.startsWith('it-') ||

  58.           it.name.contains('-test') ||

  59.           it.name == 'sonar-ws-generator'}

  60.       .collect { it.path }

  61. }

  62. 

  63. allprojects {

  64.   apply plugin: 'com.jfrog.artifactory'

  65.   apply plugin: 'maven-publish'

  66. 

  67.   ext.versionInSources = version

  68.   ext.buildNumber = System.getProperty("buildNumber")

  69.   // when no buildNumber is provided, then project version must end with '-SNAPSHOT'

  70.   if (ext.buildNumber == null) {

  71.       version = "${version}-SNAPSHOT".toString()

  72.       ext.versionWithoutBuildNumber = version

  73.   } else {

  74.       ext.versionWithoutBuildNumber = version

  75.       version = (version.toString().count('.') == 1 ? "${version}.0.${ext.buildNumber}" : "${version}.${ext.buildNumber}").toString()

  76.   }

  77. 

  78.   ext {

  79.     release = project.hasProperty('release') && project.getProperty('release')

  80.     official = project.hasProperty('official') && project.getProperty('official')

  81.   }

  82. 

  83.   repositories {

  84.     def repository = project.hasProperty('qa') ? 'sonarsource-qa' : 'sonarsource'

  85.     maven {

  86.       // The environment variables ARTIFACTORY_PRIVATE_USERNAME and ARTIFACTORY_PRIVATE_PASSWORD are used on QA env (Jenkins)

  87.       // On local box, please add artifactoryUsername and artifactoryPassword to ~/.gradle/gradle.properties

  88.       def artifactoryUsername = System.env.'ARTIFACTORY_PRIVATE_USERNAME' ?: (project.hasProperty('artifactoryUsername') ? project.getProperty('artifactoryUsername') : '')

  89.       def artifactoryPassword = System.env.'ARTIFACTORY_PRIVATE_PASSWORD' ?: (project.hasProperty('artifactoryPassword') ? project.getProperty('artifactoryPassword') : '')

  90.       if (artifactoryUsername && artifactoryPassword) {

  91.         credentials {

  92.           username artifactoryUsername

  93.           password artifactoryPassword

  94.         }

  95.       } else {

  96.         // Workaround for artifactory

  97.         // https://www.jfrog.com/jira/browse/RTFACT-13797

  98.         repository = 'public'

  99.       }

  100.       url "https://repox.jfrog.io/repox/${repository}"

  101.     }

  102.   }

  103. 

  104.   task allDependencies {

  105.     dependsOn 'dependencies'

  106.   }

  107. 

  108.   artifactory {

  109.     clientConfig.setIncludeEnvVars(true)

  110.     clientConfig.setEnvVarsExcludePatterns('*password*,*PASSWORD*,*secret*,*MAVEN_CMD_LINE_ARGS*,sun.java.command,*token*,*TOKEN*,*LOGIN*,*login*,*key*,*KEY*')

  111.     contextUrl = System.getenv('ARTIFACTORY_URL')

  112.     publish {

  113.       repository {

  114.         repoKey = System.getenv('ARTIFACTORY_DEPLOY_REPO')

  115.         username = System.getenv('ARTIFACTORY_DEPLOY_USERNAME') ?: project.properties.artifactoryUsername

  116.         password = System.getenv('ARTIFACTORY_DEPLOY_PASSWORD') ?: project.properties.artifactoryPaswword

  117.       }

  118.       defaults {

  119.         properties = [

  120.             'build.name': 'sonar-enterprise',

  121.             'build.number': System.getenv('BUILD_NUMBER'),

  122.             'pr.branch.target': System.getenv('GITHUB_BASE_BRANCH'),

  123.             'pr.number': System.getenv('PULL_REQUEST'),

  124.             'vcs.branch': System.getenv('GITHUB_BRANCH'),

  125.             'vcs.revision': System.getenv('GIT_SHA1'),

  126.             'version': version

  127.         ]

  128.         publications('mavenJava')

  129.         publishPom = true

  130.         publishIvy = false

  131.       }

  132.     }

  133.     clientConfig.info.setBuildName('sonar-enterprise')

  134.     clientConfig.info.setBuildNumber(System.getenv('BUILD_NUMBER'))

  135.     // Define the artifacts to be deployed to https://binaries.sonarsource.com on releases

  136.     clientConfig.info.addEnvironmentProperty('ARTIFACTS_TO_PUBLISH',

  137.         "${project.group}:sonar-application:zip," +

  138.             "com.sonarsource.sonarqube:sonarqube-developer:zip," +

  139.             "com.sonarsource.sonarqube:sonarqube-datacenter:zip," +

  140.             "com.sonarsource.sonarqube:sonarqube-enterprise:zip")

  141.     // The name of this variable is important because it's used by the delivery process when extracting version from Artifactory build info.

  142.     clientConfig.info.addEnvironmentProperty('PROJECT_VERSION', "${version}")

  143.   }

  144. }

  145. 

  146. apply plugin: 'org.sonarqube'

  147. sonarqube {

  148.     properties {

  149.         property 'sonar.projectName', projectTitle

  150.         property 'sonar.projectVersion', "${versionInSources}-SNAPSHOT"

  151.         property 'sonar.buildString', version

  152.     }

  153. }

  154. 

  155. subprojects {

  156.   apply plugin: 'com.github.hierynomus.license'

  157.   apply plugin: 'io.spring.dependency-management'

  158.   apply plugin: 'jacoco'

  159.   apply plugin: 'java'

  160.   apply plugin: 'idea'

  161. 

  162.   sourceCompatibility = 1.8

  163.   targetCompatibility = 1.8

  164. 

  165.   // do not deploy to Artifactory by default

  166.   artifactoryPublish.skip = true

  167. 

  168.   def testFixtureSrc = 'src/testFixtures'

  169.   if (file(testFixtureSrc).exists()) {

  170.     apply plugin: 'java-test-fixtures'

  171.   }

  172. 

  173.   ext {

  174.     protobufVersion = '3.11.4'

  175.   }

  176. 

  177.   sonarqube {

  178.     properties {

  179.       property 'sonar.moduleKey', project.group + ':' + project.name

  180.     }

  181.   }

  182. 

  183.   // Central place for definition dependency versions and exclusions.

  184.   dependencyManagement {

  185.     dependencies {

  186.       // bundled plugin list -- keep it alphabetically ordered

  187.       // comment is used by the Plugin Update bot to identify bundled plugins to check updates for

  188.       //

  189.       // !!! do not use variable for version number, bot in charge of updating plugin does not support them !!

  190.       //

  191.       // comment format is: // bundled_plugin:[updateCenterKey]:[githubRepository]

  192.       //    updateCenterKey: Update Center Plugin key, last release will be resolved from repox when not provided

  193.       //    githubRepository: name of github repository of the plugin in the SonarSource organisation

  194.       dependency 'com.sonarsource.abap:sonar-abap-plugin:3.9.0.2739' // bundled_plugin:abap:sonar-abap

  195.       dependency 'com.sonarsource.cobol:sonar-cobol-plugin:4.6.0.4639' // bundled_plugin:cobol:sonar-cobol

  196.       dependency 'com.sonarsource.cpp:sonar-cfamily-plugin:6.15.0.25047' // bundled_plugin:cpp:sonar-cpp

  197.       dependency 'com.sonarsource.pli:sonar-pli-plugin:1.10.0.1880' // bundled_plugin:pli:sonar-pli

  198.       dependency 'com.sonarsource.plsql:sonar-plsql-plugin:3.5.0.3437' // bundled_plugin:plsql:sonar-plsql

  199.       dependency 'com.sonarsource.plugins.vb:sonar-vb-plugin:2.7.0.2497' // bundled_plugin:vb:sonar-vb

  200.       dependency 'com.sonarsource.rpg:sonar-rpg-plugin:2.5.0.2338' // bundled_plugin:rpg:sonar-rpg

  201.       dependency 'com.sonarsource.security:sonar-security-csharp-frontend-plugin:8.6.0.6438' // bundled_plugin::sonar-security

  202.       dependency 'com.sonarsource.security:sonar-security-java-frontend-plugin:8.6.0.6438' // bundled_plugin::sonar-security

  203.       dependency 'com.sonarsource.security:sonar-security-php-frontend-plugin:8.6.0.6438' // bundled_plugin::sonar-security

  204.       dependency 'com.sonarsource.security:sonar-security-plugin:8.6.0.6438' // bundled_plugin::sonar-security

  205.       dependency 'com.sonarsource.security:sonar-security-python-frontend-plugin:8.6.0.6438' // bundled_plugin::sonar-security

  206.       dependency 'com.sonarsource.security:sonar-security-js-frontend-plugin:8.6.0.6438' // bundled_plugin::sonar-security

  207.       dependency 'com.sonarsource.slang:sonar-apex-plugin:1.8.1.1804' // bundled_plugin:sonarapex:slang-enterprise

  208.       dependency 'com.sonarsource.swift:sonar-swift-plugin:4.3.0.4687' // bundled_plugin:swift:sonar-swift

  209.       dependency 'com.sonarsource.tsql:sonar-tsql-plugin:1.5.0.3958' // bundled_plugin:tsql:sonar-tsql

  210.       dependency 'org.sonarsource.css:sonar-css-plugin:1.3.1.1642' // bundled_plugin:cssfamily:sonar-css

  211.       dependency 'org.sonarsource.dotnet:sonar-csharp-plugin:8.15.0.24505' // bundled_plugin:csharp:sonar-dotnet

  212.       dependency 'org.sonarsource.dotnet:sonar-vbnet-plugin:8.15.0.24505' // bundled_plugin:vbnet:sonar-dotnet

  213.       dependency 'org.sonarsource.flex:sonar-flex-plugin:2.6.0.2294' // bundled_plugin:flex:sonar-flex

  214.       dependency 'org.sonarsource.html:sonar-html-plugin:3.3.0.2534' // bundled_plugin:web:sonar-html

  215.       dependency 'org.sonarsource.jacoco:sonar-jacoco-plugin:1.1.0.898' // bundled_plugin:jacoco:sonar-jacoco

  216.       dependency 'org.sonarsource.java:sonar-java-plugin:6.9.0.23563' // bundled_plugin:java:sonar-java

  217.       dependency 'org.sonarsource.javascript:sonar-javascript-plugin:7.0.1.14561' // bundled_plugin:javascript:SonarJS

  218.       dependency 'org.sonarsource.php:sonar-php-plugin:3.13.0.6849' // bundled_plugin:php:sonar-php

  219.       dependency 'org.sonarsource.python:sonar-python-plugin:3.1.0.7619' // bundled_plugin:python:sonar-python

  220.       dependency 'org.sonarsource.slang:sonar-go-plugin:1.8.1.1804' // bundled_plugin:go:slang-enterprise

  221.       dependency 'org.sonarsource.slang:sonar-kotlin-plugin:1.8.1.1804' // bundled_plugin:kotlin:slang-enterprise

  222.       dependency 'org.sonarsource.slang:sonar-ruby-plugin:1.8.1.1804' // bundled_plugin:ruby:slang-enterprise

  223.       dependency 'org.sonarsource.slang:sonar-scala-plugin:1.8.1.1804' // bundled_plugin:sonarscala:slang-enterprise

  224.       dependency 'org.sonarsource.xml:sonar-xml-plugin:2.0.1.2020' // bundled_plugin:xml:sonar-xml

  225. 

  226.       // please keep this list alphabetically ordered

  227.       dependencySet(group: 'ch.qos.logback', version: '1.2.3') {

  228.         entry 'logback-access'

  229.         entry 'logback-classic'

  230.         entry 'logback-core'

  231.       }

  232.       dependency('commons-beanutils:commons-beanutils:1.8.3') {

  233.         exclude 'commons-logging:commons-logging'

  234.       }

  235.       dependency 'commons-codec:commons-codec:1.14'

  236.       dependency 'commons-dbutils:commons-dbutils:1.7'

  237.       dependency 'commons-io:commons-io:2.8.0'

  238.       dependency 'commons-lang:commons-lang:2.6'

  239.       imports { mavenBom 'com.fasterxml.jackson:jackson-bom:2.10.4' }

  240.       dependencySet(group: 'com.fasterxml.jackson.dataformat', version: '2.10.4') {

  241.         entry 'jackson-dataformat-cbor'

  242.         entry 'jackson-dataformat-smile'

  243.         entry 'jackson-dataformat-yaml'

  244.       }

  245.       dependency 'com.eclipsesource.minimal-json:minimal-json:0.9.5'

  246.       dependencySet(group: 'com.github.scribejava', version: '6.9.0') {

  247.         entry 'scribejava-apis'

  248.         entry 'scribejava-core'

  249.       }

  250.       // This project is no longer maintained and was forked

  251.       // by https://github.com/java-diff-utils/java-diff-utils

  252.       // (io.github.java-diff-utils:java-diff-utils).

  253.       dependency 'com.googlecode.java-diff-utils:diffutils:1.2'

  254.       dependency('com.googlecode.json-simple:json-simple:1.1.1') {

  255.         exclude 'junit:junit'

  256.       }

  257.       dependency 'com.google.code.findbugs:jsr305:3.0.2'

  258.       dependency 'com.google.code.gson:gson:2.8.6'

  259.       dependency('com.google.guava:guava:28.2-jre') {

  260.         exclude 'com.google.errorprone:error_prone_annotations'

  261.         exclude 'com.google.guava:listenablefuture'

  262.         exclude 'com.google.j2objc:j2objc-annotations'

  263.         exclude 'org.checkerframework:checker-qual'

  264.         exclude 'org.codehaus.mojo:animal-sniffer-annotations'

  265.       }

  266.       dependency "com.google.protobuf:protobuf-java:${protobufVersion}"

  267.       // Do not upgrade H2 to 1.4.200 because of instability: https://github.com/h2database/h2database/issues/2205

  268.       dependency 'com.h2database:h2:1.4.199'

  269.       dependencySet(group: 'com.hazelcast', version: '3.12.9') {

  270.         entry 'hazelcast'

  271.         entry 'hazelcast-client'

  272.       }

  273.       dependency 'com.ibm.icu:icu4j:3.4.4'

  274.       dependency 'com.microsoft.sqlserver:mssql-jdbc:7.4.1.jre11'

  275.       dependency 'com.oracle.database.jdbc:ojdbc8:19.3.0.0'

  276.       dependencySet(group: 'com.squareup.okhttp3', version: '4.9.0') {

  277.         entry 'okhttp'

  278.         entry 'mockwebserver'

  279.       }

  280.       dependency 'com.tngtech.java:junit-dataprovider:1.13.1'

  281.       dependency 'info.picocli:picocli:3.6.1'

  282.       dependencySet(group: 'io.jsonwebtoken', version: '0.11.2') {

  283.         entry 'jjwt-api'

  284.         entry 'jjwt-impl'

  285.         entry 'jjwt-jackson'

  286.       }

  287.       dependency 'io.netty:netty-all:4.1.48.Final'

  288.       dependency 'com.sun.mail:javax.mail:1.5.6'

  289.       dependency 'javax.annotation:javax.annotation-api:1.3.2'

  290.       dependency 'javax.servlet:javax.servlet-api:3.1.0'

  291.       dependency 'javax.xml.bind:jaxb-api:2.3.0'

  292.       dependency 'junit:junit:4.13.1'

  293.       dependency 'org.junit.jupiter:junit-jupiter-api:5.6.0'

  294.       dependency 'org.xmlunit:xmlunit-core:2.6.4'

  295.       dependency 'org.xmlunit:xmlunit-matchers:2.6.4'

  296.       dependency 'net.jpountz.lz4:lz4:1.3.0'

  297.       dependency 'net.lightbody.bmp:littleproxy:1.1.0-beta-bmp-17'

  298.       dependency 'org.awaitility:awaitility:4.0.2'

  299.       dependency 'org.apache.commons:commons-csv:1.7'

  300.       dependency 'org.apache.commons:commons-email:1.5'

  301.       dependency 'org.apache.commons:commons-dbcp2:2.7.0'

  302.       dependency('org.apache.httpcomponents:httpclient:4.5.13'){

  303.         exclude 'commons-logging:commons-logging'

  304.       }

  305.       // Be aware that Log4j is used by Elasticsearch client

  306.       dependencySet(group: 'org.apache.logging.log4j', version: '2.8.2') {

  307.         entry 'log4j-api'

  308.         entry 'log4j-to-slf4j'

  309.         entry 'log4j-core'

  310.       }

  311.       dependencySet(group: 'org.apache.tomcat.embed', version: '8.5.60') {

  312.         entry 'tomcat-embed-core'

  313.         entry('tomcat-embed-jasper') {

  314.           exclude 'org.eclipse.jdt.core.compiler:ecj'

  315.         }

  316.       }

  317.       dependency 'org.assertj:assertj-core:3.15.0'

  318.       dependency 'org.assertj:assertj-guava:3.3.0'

  319.       dependency('org.codehaus.sonar:sonar-channel:4.2') {

  320.         exclude 'org.slf4j:slf4j-api'

  321.       }

  322.       dependency 'org.codehaus.sonar:sonar-classloader:1.0'

  323.       dependency('org.codehaus.woodstox:woodstox-core-lgpl:4.4.1') {

  324.         exclude 'javax.xml.stream:stax-api'

  325.       }

  326.       dependency 'org.codehaus.sonar.runner:sonar-runner-api:2.4'

  327.       dependency('org.codehaus.sonar:sonar-squid:4.1') {

  328.         exclude 'org.codehaus.sonar:sonar-check-api'

  329.       }

  330.       dependency('org.codehaus.staxmate:staxmate:2.0.1') {

  331.         exclude 'org.codehaus.woodstox:stax2-api'

  332.         exclude 'stax:stax-api'

  333.         exclude 'org.codehaus.woodstox:woodstox-core-asl'

  334.       }

  335.       dependency('org.codehaus.woodstox:stax2-api:3.1.4') {

  336.         exclude 'stax:stax-api'

  337.       }

  338.       dependencySet(group: 'org.eclipse.jetty', version: '9.4.6.v20170531') {

  339.         entry 'jetty-proxy'

  340.         entry 'jetty-server'

  341.         entry 'jetty-servlet'

  342.       }

  343.       dependency('org.elasticsearch.client:elasticsearch-rest-high-level-client:7.9.3') {

  344.         exclude 'commons-logging:commons-logging'

  345.       }

  346.       dependency 'org.elasticsearch.plugin:transport-netty4-client:7.9.3'

  347.       dependency 'org.elasticsearch:mocksocket:1.0'

  348.       dependency 'org.codelibs.elasticsearch.module:analysis-common:7.9.3'

  349.       dependency 'org.eclipse.jgit:org.eclipse.jgit:5.9.0.202009080501-r'

  350.       dependency 'org.tmatesoft.svnkit:svnkit:1.10.1'

  351.       dependency 'org.hamcrest:hamcrest-all:1.3'

  352.       dependency 'org.jsoup:jsoup:1.13.1'

  353.       dependency 'org.mindrot:jbcrypt:0.4'

  354.       dependency('org.mockito:mockito-core:3.3.3') {

  355.         exclude 'org.hamcrest:hamcrest-core'

  356.       }

  357.       dependency 'org.mybatis:mybatis:3.5.6'

  358.       dependency 'org.nanohttpd:nanohttpd:2.3.1'

  359.       dependency 'org.picocontainer:picocontainer:2.15'

  360.       dependencySet(group: 'org.slf4j', version: '1.7.30') {

  361.         entry 'jcl-over-slf4j'

  362.         entry 'jul-to-slf4j'

  363.         entry 'log4j-over-slf4j'

  364.         entry 'slf4j-api'

  365.       }

  366.       dependency 'org.postgresql:postgresql:42.2.17'

  367.       dependency 'org.reflections:reflections:0.9.12'

  368.       dependency 'org.simpleframework:simple:4.1.21'

  369.       dependency 'org.sonarsource.orchestrator:sonar-orchestrator:3.34.0.2692'

  370.       dependency 'org.sonarsource.update-center:sonar-update-center-common:1.23.0.723'

  371.       dependency 'org.subethamail:subethasmtp:3.1.7'

  372.       dependency 'org.yaml:snakeyaml:1.26'

  373.       dependency 'xml-apis:xml-apis:1.4.01'

  374. 

  375.       // please keep this list alphabetically ordered

  376.     }

  377.   }

  378. 

  379.   // global exclusions

  380.   configurations.all {

  381.     // do not conflict with com.sun.mail:javax.mail

  382.     exclude group: 'javax.mail', module: 'mail'

  383.   }

  384. 

  385.   tasks.withType(JavaCompile) {

  386.     options.compilerArgs.addAll(['--release', '8'])

  387.     options.encoding = 'UTF-8'

  388.   }

  389. 

  390.   tasks.withType(Javadoc) {

  391.     options.addStringOption('Xdoclint:none', '-quiet')

  392.     options.encoding = 'UTF-8'

  393.     title = project.name + ' ' + versionWithoutBuildNumber

  394.   }

  395. 

  396.   task sourcesJar(type: Jar, dependsOn: classes) {

  397.     classifier = 'sources'

  398.     from sourceSets.main.allSource

  399.   }

  400. 

  401.   task javadocJar(type: Jar, dependsOn: javadoc) {

  402.     classifier = 'javadoc'

  403.     from javadoc.destinationDir

  404.   }

  405. 

  406.   // generate code before opening project in IDE (Eclipse or Intellij)

  407.   task ide() {

  408.     // empty by default. Dependencies are added to the task

  409.     // when needed (see protobuf modules for example)

  410.   }

  411. 

  412.   jacocoTestReport {

  413.     reports {

  414.       xml.enabled true

  415.       csv.enabled false

  416.       html.enabled false

  417.     }

  418.   }

  419. 

  420.   normalization {

  421.     runtimeClasspath {

  422.       // Following classpath resources contain volatile data that changes in each CI build (build number, commit id, time),

  423.       // so we exclude them from calculation of build cache key of test tasks:

  424.       ignore 'META-INF/MANIFEST.MF'

  425.       ignore 'sonar-api-version.txt'

  426.       ignore 'sq-version.txt'

  427.     }

  428.   }

  429. 

  430. 

  431.   ext.failedTests = []

  432.   test {

  433.     jvmArgs '-Dfile.encoding=UTF8'

  434.     maxHeapSize = '1G'

  435.     systemProperty 'java.awt.headless', true

  436.     testLogging {

  437.       events "skipped", "failed" // verbose log for failed and skipped tests (by default the name of the tests are not logged)

  438.       exceptionFormat 'full' // log the full stack trace (default is the 1st line of the stack trace)

  439.     }

  440.     jacoco {

  441.       enabled = true // do not disable recording of code coverage, so that remote Gradle cache entry can be used locally

  442.       includes = ['com.sonar.*', 'com.sonarsource.*', 'org.sonar.*', 'org.sonarqube.*', 'org.sonarsource.*']

  443.     }

  444.     if (project.hasProperty('maxParallelTests')) {

  445.       maxParallelForks = project.maxParallelTests as int

  446.     }

  447.     if (project.hasProperty('parallelTests')) {

  448.       // See https://guides.gradle.org/performance/#parallel_test_execution

  449.       maxParallelForks = Runtime.runtime.availableProcessors().intdiv(2) ?: 1

  450.     }

  451. 

  452.      afterTest { descriptor, result ->

  453.         if (result.resultType == TestResult.ResultType.FAILURE) {

  454.             String failedTest = "  ${descriptor.className} > ${descriptor.name}"

  455.             failedTests << failedTest

  456.         }

  457.     }

  458.   }

  459. 

  460.   gradle.buildFinished {

  461.     if (!failedTests.empty) {

  462.       println "\nFailed tests:"

  463.       failedTests.each { failedTest ->

  464.         println failedTest

  465.       }

  466.       println ""

  467.     }

  468.   }

  469. 

  470.   def protoMainSrc = 'src/main/protobuf'

  471.   def protoTestSrc = 'src/test/protobuf'

  472.   if (file(protoMainSrc).exists() || file(protoTestSrc).exists()) {

  473.     // protobuf must be applied after java

  474.     apply plugin: 'com.google.protobuf'

  475. 

  476.     sourceSets.main.proto.srcDir protoMainSrc  // in addition to the default 'src/main/proto'

  477.     sourceSets.test.proto.srcDir protoTestSrc  // in addition to the default 'src/test/proto'

  478.     protobuf {

  479.       protoc {

  480.         artifact = "com.google.protobuf:protoc:${protobufVersion}"

  481.       }

  482.     }

  483.     jar {

  484.       exclude('**/*.proto')

  485.     }

  486.     idea {

  487.       module {

  488.         sourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")

  489.         testSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")

  490.         generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")

  491.         generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/test/java")

  492.       }

  493.     }

  494.     ide.dependsOn(['generateProto', 'generateTestProto'])

  495.   }

  496. 

  497.   if (file('package.json').exists()) {

  498.     apply plugin: 'com.github.node-gradle.node'

  499. 

  500.     node {

  501.       version = '10.22.1'

  502.       yarnVersion = '1.22.0'

  503.       download = true

  504.     }

  505. 

  506.     // the OWASP tool does not support yarn, and its yarn.lock files, so node modules

  507.     // should be explicitly installed (yarn task) before running the audit

  508.     // See https://github.com/jeremylong/DependencyCheck/issues/2393

  509.     dependencyCheckAggregate.dependsOn(yarn)

  510.   }

  511. 

  512.   if (official) {

  513.     jar {

  514.       // do not break incremental build on non official versions

  515.       manifest {

  516.         attributes(

  517.           'Version': "${version}",

  518.           'Implementation-Build': System.getenv('GIT_SHA1'),

  519.           'Build-Time': new Date().format("yyyy-MM-dd'T'HH:mm:ssZ")

  520.         )

  521.       }

  522.     }

  523.   }

  524. 

  525.   license {

  526.     header = rootProject.file('HEADER')

  527.     strictCheck true

  528.     mapping {

  529.       java = 'SLASHSTAR_STYLE'

  530.       js = 'SLASHSTAR_STYLE'

  531.       ts = 'SLASHSTAR_STYLE'

  532.       tsx = 'SLASHSTAR_STYLE'

  533.       css = 'SLASHSTAR_STYLE'

  534.     }

  535.     includes(['**/*.java', '**/*.js', '**/*.ts', '**/*.tsx', '**/*.css'])

  536.   }

  537. 

  538.   tasks.withType(GenerateModuleMetadata) {

  539.     enabled = false

  540.   }

  541. 

  542.   publishing {

  543.     publications {

  544.       mavenJava(MavenPublication) {

  545.         pom {

  546.           name = 'SonarQube'

  547.           description = project.description

  548.           url = 'http://www.sonarqube.org/'

  549.           organization {

  550.             name = 'SonarSource'

  551.             url = 'http://www.sonarsource.com'

  552.           }

  553.           licenses {

  554.             license {

  555.               name = 'GNU LGPL 3'

  556.               url = 'http://www.gnu.org/licenses/lgpl.txt'

  557.               distribution = 'repo'

  558.             }

  559.           }

  560.           scm {

  561.             url = 'https://github.com/SonarSource/sonarqube'

  562.           }

  563.           developers {

  564.             developer {

  565.               id = 'sonarsource-team'

  566.               name = 'SonarSource Team'

  567.             }

  568.           }

  569.         }

  570.       }

  571.     }

  572.   }

  573. }

  574. 

  575. 

  576. // Yarn doesn't support concurrent access to its global cache,

  577. // i.e. parallel execution of several "yarn install" tasks,

  578. // since these tasks are independent, we can establish arbitrary total order

  579. // to prevent their concurrent execution.

  580. // Note that "task1.mustRunAfter(task2)" ordering has an effect only when both

  581. // tasks are scheduled for execution, therefore should be established between

  582. // all pairs of "yarn install" tasks to define their total order and to prevent

  583. // their concurrent execution even in case when one or more of these tasks not

  584. // scheduled.

  585. def yarnInstallTasks = allprojects.findResults { it -> it.tasks.findByName('yarn') }

  586. yarnInstallTasks.drop(1).eachWithIndex { it, i -> it.mustRunAfter(yarnInstallTasks[0..i]) }

  587. 

  588. // by default, Yarn will update lock file if it is not up to date with "package.json"

  589. // using option "--frozen-lockfile" will disable this behavior and "yarn install" will fail if lock file is out of date

  590. // all "yarn install" tasks should be executed with this option for reproducibility of builds

  591. // and to prevent developers from forgetting to update lock file when they update "package.json"

  592. yarnInstallTasks.each { it -> it.args = ['--frozen-lockfile'] }

  593. 

  594. // https://github.com/ben-manes/gradle-versions-plugin

  595. apply plugin: 'com.github.ben-manes.versions'

  596. dependencyUpdates {

  597.   rejectVersionIf {

  598.     // Exclude dev versions from the list of dependency upgrades, for

  599.     // example to replace:

  600.     //   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.8.0-beta4]

  601.     // by

  602.     //   org.slf4j:log4j-over-slf4j [1.7.25 -> 1.7.26]

  603.     boolean rejected = ['alpha', 'beta', 'rc', 'cr', 'm', 'preview', 'jre12'].any { qualifier ->

  604.       it.candidate.version ==~ /(?i).*[.-]${qualifier}[.\d-]*/

  605.     }

  606. 

  607.     // Exclude upgrades on new major versions :

  608.     //   com.hazelcast:hazelcast [3.12.3 -> 4.0.0]

  609.     rejected |= !it.candidate.version.substring(0, 2).equals(it.currentVersion.substring(0, 2))

  610. 

  611.     rejected

  612.   }

  613. }