author | Philippe Perrin <philippe.perrin@sonarsource.com> | 2021-10-05 16:27:03 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2021-10-06 20:03:08 +0000 |
commit | 3901540ab1ae1bf0f5c63b4ed7abbf3c75ef290b (patch) | |
tree | 8cca5de1cedbcc4bae5c21d9bd126f1804e7dca6 /server/sonar-web/build.gradle | |
parent | cffacbf903fdce93764694228d7053903b79b180 (diff) | |
Fix dependency checks for frontend projects
Diffstat (limited to 'server/sonar-web/build.gradle')
-rw-r--r-- | server/sonar-web/build.gradle | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/server/sonar-web/build.gradle b/server/sonar-web/build.gradle
index 2ee42455291..9b4254cb95a 100644
--- a/server/sonar-web/build.gradle
+++ b/server/sonar-web/build.gradle
@@ -62,6 +62,13 @@ task dependency_audit(type: Exec) {
 commandLine osAdaptiveCommand(['npm', 'run', 'audit-ci'])
 }
+task dependencyCheckAggregate_prerequisites(type: Exec) {
+ // the OWASP tool does not support yarn and its yarn.lock files, so node modules
+ // should be explicitly installed (yarn install) before running the audit
+ // See https://github.com/jeremylong/DependencyCheck/issues/2393
+ commandLine osAdaptiveCommand(['yarn', 'install', '--immutable'])
+}
+
 def sources = fileTree(dir: "src") + fileTree(dir: "scripts") + fileTree(dir: "config") + fileTree(dir: "__mocks__")
 task licenseCheckWeb(type: com.hierynomus.gradle.license.tasks.LicenseCheck) {
|
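Review bot: The new `dependencyCheckAggregate_prerequisites` task runs a full `yarn install --immutable`, which by default also runs the dependencies' install and build scripts on the build agent before the audit has inspected those packages. The OWASP scan presumably needs only the unpacked `node_modules` tree, so consider skipping the scripts for this step, for example `commandLine osAdaptiveCommand(['yarn', 'install', '--immutable', '--mode=skip-build'])` if the project's Yarn release supports `--mode`, or `enableScripts: false` in the Yarn configuration used by the audit job. The comment would also be clearer if it named the task that consumes this one, since the `dependsOn` wiring is not visible in this file; something like `// run before the root dependencyCheckAggregate task; wired outside this file` would do, once confirmed.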