|
|
@@ -105,6 +105,7 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
|
|
|
<maven-bundle-plugin.version>2.5.0</maven-bundle-plugin.version>
|
|
|
<maven-checkstyle-plugin.version>2.15</maven-checkstyle-plugin.version>
|
|
|
<checkstyle.version>6.6</checkstyle.version>
|
|
|
+ <dependency-check-maven.version>1.3.6</dependency-check-maven.version>
|
|
|
|
|
|
<shell-executable>bash</shell-executable>
|
|
|
</properties>
|
|
|
@@ -214,6 +215,11 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
|
|
|
<outputFile>${project.build.directory}/test/checkstyle-errors.xml</outputFile>
|
|
|
</configuration>
|
|
|
</plugin>
|
|
|
+ <plugin>
|
|
|
+ <groupId>org.owasp</groupId>
|
|
|
+ <artifactId>dependency-check-maven</artifactId>
|
|
|
+ <version>${dependency-check-maven.version}</version>
|
|
|
+ </plugin>
|
|
|
</plugins>
|
|
|
</pluginManagement>
|
|
|
|
|
|
@@ -285,6 +291,17 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
|
|
|
<artifactId>maven-checkstyle-plugin</artifactId>
|
|
|
<version>${maven-checkstyle-plugin.version}</version>
|
|
|
</plugin>
|
|
|
+ <plugin>
|
|
|
+ <!-- OWASP's dependency-check plugin will scan the third party
|
|
|
+ dependencies of this project for known CVEs (security
|
|
|
+ vulnerabilities against them). It will produce a report
|
|
|
+ in target/dependency-check-report.html. To invoke, run
|
|
|
+ 'mvn dependency-check:aggregate'
|
|
|
+ -->
|
|
|
+ <groupId>org.owasp</groupId>
|
|
|
+ <artifactId>dependency-check-maven</artifactId>
|
|
|
+ <version>${dependency-check-maven.version}</version>
|
|
|
+ </plugin>
|
|
|
</plugins>
|
|
|
</build>
|
|
|
|
Andrew Wang