Repository: zookeeper
Updated Branches:
refs/heads/branch-3.4 34665cd5b -> 2d096b480
ZOOKEEPER-2875: Add ant task for running OWASP dependency report
Simply run `ant owasp` and a report will be placed in `build/test/owasp`. The task will return
a nonzero status code if there are any vulnerabilities in any of the dependencies.
Author: Abraham Fine <afine@apache.org>
Reviewers: Michael Han <hanm@apache.org>
Closes #340 from afine/ZOOKEEPER-2875
(cherry picked from commit faab8d97fdc426341cfa38ebca3701fee8dc121e)
Project: http://git-wip-us.apache.org/repos/asf/zookeeper/repo
Commit: http://git-wip-us.apache.org/repos/asf/zookeeper/commit/2d096b48
Tree: http://git-wip-us.apache.org/repos/asf/zookeeper/tree/2d096b48
Diff: http://git-wip-us.apache.org/repos/asf/zookeeper/diff/2d096b48
Branch: refs/heads/branch-3.4
Commit: 2d096b48021223a41349eeb379015f1fecffab24
Parents: 34665cd
Author: Abraham Fine <afine@apache.org>
Authored: Sun Sep 10 21:33:29 2017 -0700
Committer: Patrick Hunt <phunt@apache.org>
Committed: Sat Sep 16 11:03:07 2017 -0700
----------------------------------------------------------------------
build.xml | 23 +++++++++++++++++++++++
ivy.xml | 2 ++
2 files changed, 25 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/zookeeper/blob/2d096b48/build.xml
----------------------------------------------------------------------
diff --git a/build.xml b/build.xml
index 233bfa1..249e771 100644
--- a/build.xml
+++ b/build.xml
@@ -1614,6 +1614,29 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle">
classpathref="releaseaudit-classpath"/>
</target>
+ <target name="owasp-taskdef" depends="ivy-retrieve-releaseaudit">
+ <typedef format="properties" resource="dependency-check-taskdefs.properties" uri="antlib:org.owasp.dependencycheck.anttasks"
classpathref="releaseaudit-classpath"/>
+ </target>
+
+ <target name="owasp" depends="owasp-taskdef,ivy-retrieve" description="OWASP dependency
check">
+ <property name="owasp.out.dir" value="${test.java.build.dir}/owasp" />
+
+ <owasp:dependency-check xmlns:owasp="antlib:org.owasp.dependencycheck.anttasks"
+ projectname="ZooKeeper"
+ reportoutputdirectory="${owasp.out.dir}"
+ reportformat="ALL"
+ failBuildOnCVSS="0">
+
+ <fileset dir="${ivy.lib}">
+ <include name="**/*.jar"/>
+ </fileset>
+
+ <fileset dir="${lib.dir}">
+ <include name="**/*.jar"/>
+ </fileset>
+ </owasp:dependency-check>
+ </target>
+
<target name="releaseaudit" depends="package,rats-taskdef" description="Release Audit
activities">
<rat:report xmlns:rat="antlib:org.apache.rat.anttasks">
<fileset dir="${dist.dir}">
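Review bot: `failBuildOnCVSS="0"` on the `owasp:dependency-check` call fails the target on every reported match, and the task is given no suppression file, so a false-positive match or an already-triaged finding can only be cleared by editing build.xml. I would pass a reviewed suppression list, e.g. `suppressionfile="${owasp.suppression.file}"` (the property name is a placeholder), and read the threshold from a property, `failBuildOnCVSS="${owasp.fail.cvss}"`, defaulting to 0. That keeps the strict default but lets the target gate CI without blocking on known noise. A comment above the target would also help, such as `<!-- Scans jars under ${ivy.lib} and ${lib.dir}; report goes to ${owasp.out.dir}; the scanner updates its vulnerability data at run time, so expect network access -->`. The `releaseaudit` target that follows continues outside the hunk.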
http://git-wip-us.apache.org/repos/asf/zookeeper/blob/2d096b48/ivy.xml
----------------------------------------------------------------------
diff --git a/ivy.xml b/ivy.xml
index b102cee..16f2146 100644
--- a/ivy.xml
+++ b/ivy.xml
@@ -76,6 +76,8 @@
rev="2.4" conf="releaseaudit->default"/>
<dependency org="commons-collections" name="commons-collections"
rev="3.2.2" conf="releaseaudit->default"/>
+ <dependency org="org.owasp" name="dependency-check-ant"
+ rev="2.1.0" conf="releaseaudit->default"/>
<dependency org="commons-io" name="commons-io" rev="2.4"
conf="test->default"/>
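Review bot: The new `dependency-check-ant` entry uses `conf="releaseaudit->default"`, so the scanner and its whole transitive closure resolve into the same configuration as the neighbouring audit dependencies (`commons-collections` 3.2.2 and the `rev="2.4"` entry above it). If Ivy's conflict resolution then selects different versions of those shared libraries, the `releaseaudit-classpath` used by the other audit taskdefs presumably changes as a side effect. A dedicated configuration, for example `conf="owasp->default"` with its own retrieve target and classpath (names are placeholders), would keep the two tools isolated, though it needs a matching `<conf>` declaration outside this hunk. A comment such as `<!-- build-time vulnerability scanner only; not part of the runtime or test classpath -->` would state the intent either way.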