github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 07:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

update to make failure more verbose for issue #57

Browse Source 
Former-commit-id: 7315afe74cc78c65254e5f12032ece0a461be751
This commit is contained in:
Jeremy Long
2014-02-08 12:09:58 -05:00
parent 4cfb451755
commit 3b5b832bbc
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/DependencyCheckMojo.java
View File

@@ -748,12 +748,12 @@ public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageR
public void execute() throws MojoExecutionException, MojoFailureException {
final Engine engine = executeDependencyCheck();
generateExternalReports(engine);
if (this.failBuildOnCVSS <= 10) {
checkForFailure(engine.getDependencies());
}
if (this.showSummary) {
showSummary(engine.getDependencies());
}
if (this.failBuildOnCVSS <= 10) {
checkForFailure(engine.getDependencies());
}
}
/**
@@ -867,9 +867,12 @@ public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageR
private void checkForFailure(List<Dependency> dependencies) throws MojoFailureException {
final StringBuilder ids = new StringBuilder();
for (Dependency d : dependencies) {
boolean addName = true;
for (Vulnerability v : d.getVulnerabilities()) {
if (v.getCvssScore() >= failBuildOnCVSS) {
if (ids.length() == 0) {
if (addName) {
addName = false;
ids.append(NEW_LINE).append(d.getFileName()).append(": ");
ids.append(v.getName());
} else {
ids.append(", ").append(v.getName());