zookeeper-commits mailing list archives

From ph...@apache.org
Subject zookeeper git commit: ZOOKEEPER-2875: Add ant task for running OWASP dependency report
Date Sat, 16 Sep 2017 19:47:36 GMT
Repository: zookeeper
Updated Branches:
  refs/heads/branch-3.4 34665cd5b -> 2d096b480


ZOOKEEPER-2875: Add ant task for running OWASP dependency report

Simply run `ant owasp` and a report will be placed in `build/test/owasp`. The task will return
a nonzero status code if there are any vulnerabilities in any of the dependencies.

Author: Abraham Fine <afine@apache.org>

Reviewers: Michael Han <hanm@apache.org>

Closes #340 from afine/ZOOKEEPER-2875

(cherry picked from commit faab8d97fdc426341cfa38ebca3701fee8dc121e)


Project: http://git-wip-us.apache.org/repos/asf/zookeeper/repo
Commit: http://git-wip-us.apache.org/repos/asf/zookeeper/commit/2d096b48
Tree: http://git-wip-us.apache.org/repos/asf/zookeeper/tree/2d096b48
Diff: http://git-wip-us.apache.org/repos/asf/zookeeper/diff/2d096b48

Branch: refs/heads/branch-3.4
Commit: 2d096b48021223a41349eeb379015f1fecffab24
Parents: 34665cd
Author: Abraham Fine <afine@apache.org>
Authored: Sun Sep 10 21:33:29 2017 -0700
Committer: Patrick Hunt <phunt@apache.org>
Committed: Sat Sep 16 11:03:07 2017 -0700

----------------------------------------------------------------------
 build.xml | 23 +++++++++++++++++++++++
 ivy.xml   |  2 ++
 2 files changed, 25 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/zookeeper/blob/2d096b48/build.xml
----------------------------------------------------------------------
diff --git a/build.xml b/build.xml
index 233bfa1..249e771 100644
--- a/build.xml
+++ b/build.xml
@@ -1614,6 +1614,29 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle">
                classpathref="releaseaudit-classpath"/>
     </target>
 
+    <target name="owasp-taskdef" depends="ivy-retrieve-releaseaudit">
+        <typedef format="properties" resource="dependency-check-taskdefs.properties" uri="antlib:org.owasp.dependencycheck.anttasks"
classpathref="releaseaudit-classpath"/>
+    </target>
+
+    <target name="owasp" depends="owasp-taskdef,ivy-retrieve" description="OWASP dependency
check">
+        <property name="owasp.out.dir" value="${test.java.build.dir}/owasp" />
+
+        <owasp:dependency-check xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks"
+                          projectname="ZooKeeper"
+                          reportoutputdirectory="${owasp.out.dir}"
+                          reportformat="ALL"
+                          failBuildOnCVSS="0">
+
+            <fileset dir="${ivy.lib}">
+                <include name="**/*.jar"/>
+            </fileset>
+
+            <fileset dir="${lib.dir}">
+                <include name="**/*.jar"/>
+            </fileset>
+        </owasp:dependency-check>
+    </target>
+
     <target name="releaseaudit" depends="package,rats-taskdef" description="Release Audit
activities">
       <rat:report xmlns:rat="antlib:org.apache.rat.anttasks">
         <fileset dir="${dist.dir}">
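Review bot: The `owasp:dependency-check` call sets `failBuildOnCVSS="0"` but configures no suppression file, so one false-positive match or one finding with no available fix leaves `ant owasp` permanently failing, with no reviewed place to record the triage decision. Consider adding `suppressionfile="PATH_TO_SUPPRESSIONS_XML"` (placeholder path) pointing at a version-controlled file, so that each accepted finding is documented and reviewable. The task also appears to refresh its vulnerability data over the network at run time. A short comment above the target, such as `<!-- Requires network access to update vulnerability data; not part of the default build -->`, would help anyone wiring it into CI.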

http://git-wip-us.apache.org/repos/asf/zookeeper/blob/2d096b48/ivy.xml
----------------------------------------------------------------------
diff --git a/ivy.xml b/ivy.xml
index b102cee..16f2146 100644
--- a/ivy.xml
+++ b/ivy.xml
@@ -76,6 +76,8 @@
                 rev="2.4" conf="releaseaudit->default"/>
     <dependency org="commons-collections" name="commons-collections" 
                 rev="3.2.2" conf="releaseaudit->default"/>
+    <dependency org="org.owasp" name="dependency-check-ant"
+                rev="2.1.0" conf="releaseaudit->default"/>
 
     <dependency org="commons-io" name="commons-io" rev="2.4"
                 conf="test->default"/>
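Review bot: Adding `dependency-check-ant` to the existing `releaseaudit` conf puts the scanner and its whole transitive closure (`->default`) on the same `releaseaudit-classpath` that the release-audit tooling loads from, next to the pinned `commons-collections` 3.2.2 just above. That may cause version conflicts on the shared classpath, and it makes it harder to tell which jars belong to which tool. A dedicated Ivy conf for the scanner would keep it isolated, e.g. `conf="owasp->default"` with its own retrieve target and classpath (names illustrative). The conf declaration and the retrieve target are outside this hunk, so that change would extend beyond the lines shown here.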

