Repository: zookeeper
Updated Branches:
refs/heads/branch-3.5 ba115830e -> b66a12c5c
ZOOKEEPER-2875: Add ant task for running OWASP dependency report
Simply run `ant owasp` and a report will be placed in `build/test/owasp`. The task will return
a nonzero status code if there are any vulnerabilities in any of the dependencies.
Author: Abraham Fine <afine@apache.org>
Reviewers: Michael Han <hanm@apache.org>
Closes #340 from afine/ZOOKEEPER-2875
(cherry picked from commit faab8d97fdc426341cfa38ebca3701fee8dc121e)
Project: http://git-wip-us.apache.org/repos/asf/zookeeper/repo
Commit: http://git-wip-us.apache.org/repos/asf/zookeeper/commit/b66a12c5
Tree: http://git-wip-us.apache.org/repos/asf/zookeeper/tree/b66a12c5
Diff: http://git-wip-us.apache.org/repos/asf/zookeeper/diff/b66a12c5
Branch: refs/heads/branch-3.5
Commit: b66a12c5ca6f99d7d6e8a9c078ef48beee93017b
Parents: ba11583
Author: Abraham Fine <afine@apache.org>
Authored: Sun Sep 10 21:33:29 2017 -0700
Committer: Patrick Hunt <phunt@apache.org>
Committed: Sat Sep 16 12:48:07 2017 -0700
----------------------------------------------------------------------
build.xml | 23 +++++++++++++++++++++++
ivy.xml | 2 ++
2 files changed, 25 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/zookeeper/blob/b66a12c5/build.xml
----------------------------------------------------------------------
diff --git a/build.xml b/build.xml
index 5f31e96..0e9ae3d 100644
--- a/build.xml
+++ b/build.xml
@@ -1534,6 +1534,29 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
classpathref="releaseaudit-classpath"/>
</target>
+ <target name="owasp-taskdef" depends="ivy-retrieve-releaseaudit">
+ <typedef format="properties" resource="dependency-check-taskdefs.properties" uri="antlib:org.owasp.dependencycheck.anttasks"
classpathref="releaseaudit-classpath"/>
+ </target>
+
+ <target name="owasp" depends="owasp-taskdef,ivy-retrieve" description="OWASP dependency
check">
+ <property name="owasp.out.dir" value="${test.java.build.dir}/owasp" />
+
+ <owasp:dependency-check xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks"
+ projectname="ZooKeeper"
+ reportoutputdirectory="${owasp.out.dir}"
+ reportformat="ALL"
+ failBuildOnCVSS="0">
+
+ <fileset dir="${ivy.lib}">
+ <include name="**/*.jar"/>
+ </fileset>
+
+ <fileset dir="${lib.dir}">
+ <include name="**/*.jar"/>
+ </fileset>
+ </owasp:dependency-check>
+ </target>
+
<target name="releaseaudit" depends="package,rats-taskdef" description="Release Audit
activities">
<rat:report xmlns:rat="antlib:org.apache.rat.anttasks">
<fileset dir="${dist.dir}">
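Review bot: The `owasp:dependency-check` call sets `failBuildOnCVSS="0"` but names no suppression file, so any finding fails `ant owasp`, including a false positive from a mismatched component identifier. The only way to record a triaged exception is to edit the target itself. Consider adding `suppressionFile="${basedir}/OWASP_SUPPRESSIONS_PLACEHOLDER.xml"` (placeholder file name) and keeping that file under version control, so each accepted finding is reviewed and justified. The task also appears to refresh its vulnerability data on each run by default, so the target needs outbound network access and its result can change between runs. A comment on the target such as `<!-- needs network access to update vulnerability data; results depend on the data's age -->` would make that explicit.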
http://git-wip-us.apache.org/repos/asf/zookeeper/blob/b66a12c5/ivy.xml
----------------------------------------------------------------------
diff --git a/ivy.xml b/ivy.xml
index fc77f09..a245d2a 100644
--- a/ivy.xml
+++ b/ivy.xml
@@ -77,6 +77,8 @@
rev="2.6" conf="releaseaudit->default"/>
<dependency org="commons-collections" name="commons-collections"
rev="3.2.2" conf="releaseaudit->default"/>
+ <dependency org="org.owasp" name="dependency-check-ant"
+ rev="2.1.0" conf="releaseaudit->default"/>
<dependency org="commons-io" name="commons-io" rev="2.4"
conf="test->default"/>
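Review bot: The scanner is added to the existing `releaseaudit` configuration, so its transitive dependencies land on the same `releaseaudit-classpath` that the RAT typedef uses, next to the pinned `commons-collections` 3.2.2 in the context lines. dependency-check-ant most likely brings a sizeable dependency tree of its own, so a version clash with the audit tooling is possible. A dedicated configuration, e.g. `conf="owasp->default"` with its own retrieve target and classpath, would keep the two tools isolated. If sharing the configuration is intentional, a comment above the dependency would record that: `<!-- build-time only: OWASP dependency-check scanner, not shipped -->`.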