ofbiz-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Taher Alkhateeb <slidingfilame...@gmail.com>
Subject Re: svn commit: r1810056 [1/2] - in /ofbiz: ofbiz-framework/trunk/build.gradle tools/security/dependency-check/dependency-check-report.html
Date Fri, 29 Sep 2017 07:32:27 GMT
Why did you apply the jdeps and codenarc plugins? Why did you add
commented out code? What's this all about?

On Fri, Sep 29, 2017 at 9:59 AM,  <jleroux@apache.org> wrote:
> Author: jleroux
> Date: Fri Sep 29 06:59:45 2017
> New Revision: 1810056
>
> URL: http://svn.apache.org/viewvc?rev=1810056&view=rev
> Log:
> No functional change
>
> Updates xstream from 1.4.9 to 1.4.10 to fixes a vulnerability reported by
> Dependency Check
> Updates the dependency-check-report.html
>
> There are more to do, but my time is limited...
>
> Modified:
>     ofbiz/ofbiz-framework/trunk/build.gradle
>     ofbiz/tools/security/dependency-check/dependency-check-report.html
>
> Modified: ofbiz/ofbiz-framework/trunk/build.gradle
> URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/build.gradle?rev=1810056&r1=1810055&r2=1810056&view=diff
> ==============================================================================
> --- ofbiz/ofbiz-framework/trunk/build.gradle (original)
> +++ ofbiz/ofbiz-framework/trunk/build.gradle Fri Sep 29 06:59:45 2017
> @@ -28,12 +28,15 @@ buildscript {
>      }
>      dependencies {
>        classpath "at.bxm.gradleplugins:gradle-svntools-plugin:latest.release"
> +      classpath "org.kordamp.gradle:jdeps-gradle-plugin:0.2.0"
>      }
>  }
>  apply plugin: 'java'
>  apply plugin: 'eclipse'
>  apply plugin: 'maven-publish'
>  apply plugin: "at.bxm.svntools"
> +apply plugin: 'org.kordamp.jdeps'
> +apply plugin: 'codenarc'
>
>  apply from: 'common.gradle'
>
> @@ -103,7 +106,7 @@ dependencies {
>      compile 'com.lowagie:itext:2.1.7'
>      compile 'com.sun.mail:javax.mail:1.5.1'
>      compile 'com.sun.syndication:com.springsource.com.sun.syndication:0.9.0'
> -    compile 'com.thoughtworks.xstream:xstream:1.4.9'
> +    compile 'com.thoughtworks.xstream:xstream:1.4.10'
>      compile 'commons-cli:commons-cli:1.3.1'
>      compile 'commons-net:commons-net:3.3'
>      compile 'commons-validator:commons-validator:1.5.1'
> @@ -1006,3 +1009,21 @@ def gradlewSubprocess(commandList) {
>      fullCommand.addAll(commandList)
>      exec { commandLine fullCommand }
>  }
> +
> +//codenarcMain {
> +//    ignoreFailures false
> +//    configFile file('config/codenarc/codenarc-main.rules')
> +//
> +//    maxPriority1Violations 0
> +//    maxPriority2Violations 10
> +//    maxPriority3Violations 20
> +//}
> +//
> +//codenarcTest {
> +//    ignoreFailures true
> +//    configFile file('config/codenarc/codenarc-test.rules')
> +//
> +//    maxPriority1Violations 0
> +//    maxPriority2Violations 10
> +//    maxPriority3Violations 20
> +//}
> \ No newline at end of file
>
>

Mime
View raw message