authorSimon Brandhof <simon@brandhof.net>2020-09-22 21:23:10 +0200
committersonartech <sonartech@sonarsource.com>2020-10-02 20:07:42 +0000
commite59875122c7b9090f41dc5a0fb7deb87573e4b79 (patch)
tree946bf4a7cb5ee7783633cbb8000dd2dc871f7e3d /build.gradle
parentd7856168ba6009fa219a2c21fa6d4001eefda008 (diff)
SONAR-13905 enable OWASP Dependency Check tool
Diffstat (limited to 'build.gradle')
-rw-r--r--build.gradle34
1 files changed, 34 insertions, 0 deletions
diff --git a/build.gradle b/build.gradle
index b6a5a2830f1..1a25f8b9a29 100644
--- a/build.gradle
+++ b/build.gradle
@@ -8,6 +8,7 @@ plugins {
id 'com.github.node-gradle.node' version '1.5.3' apply false
id 'io.spring.dependency-management' version '1.0.10.RELEASE'
id 'net.rdrei.android.buildtimetracker' version '0.11.0'
+ id 'org.owasp.dependencycheck' version '6.0.1'
id 'org.sonarqube' version '2.8'
}
@@ -30,6 +31,39 @@ if (!JavaVersion.current().java11Compatible) {
throw new GradleException("JDK 11+ is required to perform this build. It's currently " + System.getProperty("java.home") + ".")
}
+apply plugin: 'org.owasp.dependencycheck'
+dependencyCheck {
+ analyzers {
+ assemblyEnabled = false
+ autoconfEnabled = false
+ bundleAuditEnabled = false
+ cmakeEnabled = false
+ cocoapodsEnabled = false
+ composerEnabled = false
+ cocoapodsEnabled = false
+ golangDepEnabled = false
+ golangModEnabled = false
+ nodeAudit {
+ skipDevDependencies = true
+ }
+ nuspecEnabled = false
+ nugetconfEnabled = false
+ rubygemsEnabled = false
+ swiftEnabled = false
+
+ }
+ format = 'ALL'
+ junitFailOnCVSS = 0
+ failBuildOnCVSS = 0
+ suppressionFiles = ["${project.rootDir}/owasp-suppressions.xml", "${project.rootDir}/owasp-vulnerabilities.xml"]
+ skipProjects = project.subprojects
+ .findAll {it.name.contains('testing') ||
+ it.name.startsWith('it-') ||
+ it.name.contains('-test') ||
+ it.name == 'sonar-ws-generator'}
+ .collect { it.path }
+}
+
allprojects {
apply plugin: 'com.jfrog.artifactory'
apply plugin: 'maven-publish'
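Review bot: The `skipProjects` filter at the end of the `dependencyCheck` block picks modules by name substring (`contains('testing')`, `contains('-test')`), so a later subproject whose name happens to match is dropped from the scan without anyone deciding that. Because `failBuildOnCVSS = 0` makes this scan the gate for every finding, a silent exclusion is a coverage gap. Consider an explicit list of the excluded project paths, or at least a comment above the filter such as `// test-only modules, not shipped: excluded from the scan on purpose`. The same goes for `nodeAudit { skipDevDependencies = true }`, which deserves a one-line comment saying why build-time npm packages are out of scope. Separately, `cocoapodsEnabled = false` appears twice in `analyzers`; the second occurrence can be dropped, or replaced if a different analyzer was meant there.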