zookeeper-commits mailing list archives

From h...@apache.org
Subject zookeeper git commit: ZOOKEEPER-2875: Add ant task for running OWASP dependency report
Date Mon, 11 Sep 2017 04:33:41 GMT
Repository: zookeeper
Updated Branches:
  refs/heads/master 86577c9d8 -> faab8d97f


ZOOKEEPER-2875: Add ant task for running OWASP dependency report

Simply run `ant owasp` and a report will be placed in `build/test/owasp`. The task will return
a nonzero status code if there are any vulnerabilities in any of the dependencies.

Author: Abraham Fine <afine@apache.org>

Reviewers: Michael Han <hanm@apache.org>

Closes #340 from afine/ZOOKEEPER-2875


Project: http://git-wip-us.apache.org/repos/asf/zookeeper/repo
Commit: http://git-wip-us.apache.org/repos/asf/zookeeper/commit/faab8d97
Tree: http://git-wip-us.apache.org/repos/asf/zookeeper/tree/faab8d97
Diff: http://git-wip-us.apache.org/repos/asf/zookeeper/diff/faab8d97

Branch: refs/heads/master
Commit: faab8d97fdc426341cfa38ebca3701fee8dc121e
Parents: 86577c9
Author: Abraham Fine <afine@apache.org>
Authored: Sun Sep 10 21:33:29 2017 -0700
Committer: Michael Han <hanm@apache.org>
Committed: Sun Sep 10 21:33:29 2017 -0700

----------------------------------------------------------------------
 build.xml | 23 +++++++++++++++++++++++
 ivy.xml   |  2 ++
 2 files changed, 25 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/zookeeper/blob/faab8d97/build.xml
----------------------------------------------------------------------
diff --git a/build.xml b/build.xml
index d49d016..3b5b1ea 100644
--- a/build.xml
+++ b/build.xml
@@ -1528,6 +1528,29 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
                classpathref="releaseaudit-classpath"/>
     </target>
 
+    <target name="owasp-taskdef" depends="ivy-retrieve-releaseaudit">
+        <typedef format="properties" resource="dependency-check-taskdefs.properties" uri="antlib:org.owasp.dependencycheck.anttasks"
classpathref="releaseaudit-classpath"/>
+    </target>
+
+    <target name="owasp" depends="owasp-taskdef,ivy-retrieve" description="OWASP dependency
check">
+        <property name="owasp.out.dir" value="${test.java.build.dir}/owasp" />
+
+        <owasp:dependency-check xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks"
+                          projectname="ZooKeeper"
+                          reportoutputdirectory="${owasp.out.dir}"
+                          reportformat="ALL"
+                          failBuildOnCVSS="0">
+
+            <fileset dir="${ivy.lib}">
+                <include name="**/*.jar"/>
+            </fileset>
+
+            <fileset dir="${lib.dir}">
+                <include name="**/*.jar"/>
+            </fileset>
+        </owasp:dependency-check>
+    </target>
+
     <target name="releaseaudit" depends="package,rats-taskdef" description="Release Audit
activities">
       <rat:report xmlns:rat="antlib:org.apache.rat.anttasks">
         <fileset dir="${dist.dir}">
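Review bot: `failBuildOnCVSS="0"` on the `owasp:dependency-check` task makes the `owasp` target fail on any reported CVE, and the task is given no suppression file, so a finding that has been triaged as a false positive or as not applicable has nowhere to be recorded and the target stays red. Dependency-check matches jars to CPE entries heuristically and false matches are common, so I would add a reviewed suppression file through the task's `suppressionFile` attribute, e.g. `suppressionFile="<path-to-suppressions-file>"` (placeholder path). A short comment above the target would help too, such as `<!-- Fails on any CVE; record triaged findings in the suppression file instead of raising the threshold -->`. The task also refreshes its vulnerability data when it runs by default, so the result depends on network access and on the day it is run, which is worth stating in the target's `description`.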

http://git-wip-us.apache.org/repos/asf/zookeeper/blob/faab8d97/ivy.xml
----------------------------------------------------------------------
diff --git a/ivy.xml b/ivy.xml
index 577af37..7bc49ce 100644
--- a/ivy.xml
+++ b/ivy.xml
@@ -77,6 +77,8 @@
                 rev="2.6" conf="releaseaudit->default"/>
     <dependency org="commons-collections" name="commons-collections" 
                 rev="3.2.2" conf="releaseaudit->default"/>
+    <dependency org="org.owasp" name="dependency-check-ant"
+                rev="2.1.0" conf="releaseaudit->default"/>
 
     <dependency org="net.java.dev.javacc" name="javacc" rev="5.0"
                 conf="javacc->default" />
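Review bot: `dependency-check-ant` is added under the existing `releaseaudit->default` conf, so the scanner and all of its transitive dependencies join the classpath that the RAT tasks use. If the releaseaudit jars are retrieved under `${ivy.lib}` (not visible in this hunk), the `**/*.jar` filesets of the `owasp` target in build.xml would also scan the scanner's own dependencies, and with `failBuildOnCVSS="0"` a CVE in build-only tooling would fail a check meant for the shipped libraries. A dedicated conf for the tool, for example `conf="owasp->default"` with a matching entry in the configurations section, would keep the two apart; that section is outside the hunk.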

