author | Simon Brandhof <simon@brandhof.net> | 2020-09-22 21:23:10 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2020-10-02 20:07:42 +0000 |
commit | e59875122c7b9090f41dc5a0fb7deb87573e4b79 (patch) | |
tree | 946bf4a7cb5ee7783633cbb8000dd2dc871f7e3d /build.gradle | |
parent | d7856168ba6009fa219a2c21fa6d4001eefda008 (diff) | |
SONAR-13905 enable OWASP Dependency Check tool
Diffstat (limited to 'build.gradle')
-rw-r--r-- | build.gradle | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/build.gradle b/build.gradle
index b6a5a2830f1..1a25f8b9a29 100644
--- a/build.gradle
+++ b/build.gradle
@@ -8,6 +8,7 @@ plugins {
 id 'com.github.node-gradle.node' version '1.5.3' apply false
 id 'io.spring.dependency-management' version '1.0.10.RELEASE'
 id 'net.rdrei.android.buildtimetracker' version '0.11.0'
+ id 'org.owasp.dependencycheck' version '6.0.1'
 id 'org.sonarqube' version '2.8'
 }
@@ -30,6 +31,39 @@ if (!JavaVersion.current().java11Compatible) {
 throw new GradleException("JDK 11+ is required to perform this build. It's currently " + System.getProperty("java.home") + ".")
 }
+apply plugin: 'org.owasp.dependencycheck'
+dependencyCheck {
+ analyzers {
+ assemblyEnabled = false
+ autoconfEnabled = false
+ bundleAuditEnabled = false
+ cmakeEnabled = false
+ cocoapodsEnabled = false
+ composerEnabled = false
+ cocoapodsEnabled = false
+ golangDepEnabled = false
+ golangModEnabled = false
+ nodeAudit {
+ skipDevDependencies = true
+ }
+ nuspecEnabled = false
+ nugetconfEnabled = false
+ rubygemsEnabled = false
+ swiftEnabled = false
+
+ }
+ format = 'ALL'
+ junitFailOnCVSS = 0
+ failBuildOnCVSS = 0
+ suppressionFiles = ["${project.rootDir}/owasp-suppressions.xml", "${project.rootDir}/owasp-vulnerabilities.xml"]
+ skipProjects = project.subprojects
+ .findAll {it.name.contains('testing') ||
+ it.name.startsWith('it-') ||
+ it.name.contains('-test') ||
+ it.name == 'sonar-ws-generator'}
+ .collect { it.path }
+}
+
 allprojects {
 apply plugin: 'com.jfrog.artifactory'
 apply plugin: 'maven-publish' |
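Review bot: The `skipProjects` filter in the second hunk matches on name fragments (`it.name.contains('testing')`, `it.name.contains('-test')`), so any subproject whose name merely contains one of them silently drops out of the scan, even though `failBuildOnCVSS = 0` is set to fail on every finding. An explicit list of project paths would make the exclusion auditable, as would a comment such as `// test-only modules, not shipped: excluded from dependency scanning` plus a log line printing the skipped paths. `cocoapodsEnabled = false` appears twice in the `analyzers` block, which suggests one of the two lines was meant to disable a different analyzer. The explicit `apply plugin: 'org.owasp.dependencycheck'` looks redundant, because the `plugins` entry added in the first hunk carries no `apply false`.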