mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 15:53:36 +01:00
Merge branch 'master' of github.com:hgomez/DependencyCheck into hgomez-master
Former-commit-id: 031bd2f2e7c9ff211245654fc594fdb1b8630d9f
This commit is contained in:
Jeremy Long
@@ -153,6 +153,18 @@ public final class Settings {
|
||||
* The additional configured zip file extensions, if available.
|
||||
*/
|
||||
public static final String ADDITIONAL_ZIP_EXTENSIONS = "extensions.zip";
|
||||
/**
|
||||
* The properties key for whether Test Scope dependencies should be skipped.
|
||||
*/
|
||||
public static final String SKIP_TEST_SCOPE = "skip.test.scope";
|
||||
/**
|
||||
* The properties key for whether Runtime Scope dependencies should be skipped.
|
||||
*/
|
||||
public static final String SKIP_RUNTIME_SCOPE = "skip.runtime.scope";
|
||||
/**
|
||||
* The properties key for whether Provided Scope dependencies should be skipped.
|
||||
*/
|
||||
public static final String SKIP_PROVIDED_SCOPE = "skip.provided.scope";
|
||||
}
|
||||
/**
|
||||
* The properties file location.
|
||||
|
||||
@@ -233,6 +233,23 @@ public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageR
|
||||
*/
|
||||
@Parameter(property = "zipExtensions", required = false)
|
||||
private String zipExtensions;
|
||||
/**
|
||||
* Skip Analisys for Test Scope Dependencies
|
||||
*/
|
||||
@Parameter(property = "skipTestScope", defaultValue = "true", required = false)
|
||||
private boolean skipTestScope = true;
|
||||
/**
|
||||
* Skip Analisys for Runtime Scope Dependencies
|
||||
*/
|
||||
@Parameter(property = "skipRuntimeScope", defaultValue = "false", required = false)
|
||||
private boolean skipRuntimeScope = false;
|
||||
/**
|
||||
* Skip Analisys for Provided Scope Dependencies
|
||||
*/
|
||||
@Parameter(property = "skipProvidedScope", defaultValue = "false", required = false)
|
||||
private boolean skipProvidedScope = false;
|
||||
|
||||
|
||||
// </editor-fold>
|
||||
/**
|
||||
* Executes the Dependency-Check on the dependent libraries.
|
||||
@@ -248,9 +265,16 @@ public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageR
|
||||
final Engine engine = new Engine();
|
||||
final Set<Artifact> artifacts = project.getArtifacts();
|
||||
for (Artifact a : artifacts) {
|
||||
if (!Artifact.SCOPE_TEST.equals(a.getScope()) && !Artifact.SCOPE_PROVIDED.equals(a.getScope()) && !Artifact.SCOPE_RUNTIME.equals(a.getScope())) {
|
||||
if (skipTestScope && Artifact.SCOPE_TEST.equals(a.getScope()))
|
||||
continue;
|
||||
|
||||
if (skipProvidedScope && Artifact.SCOPE_PROVIDED.equals(a.getScope()))
|
||||
continue;
|
||||
|
||||
if (skipRuntimeScope && !Artifact.SCOPE_RUNTIME.equals(a.getScope()))
|
||||
continue;
|
||||
|
||||
engine.scan(a.getFile().getAbsolutePath());
|
||||
}
|
||||
}
|
||||
engine.analyzeDependencies();
|
||||
return engine;
|
||||
@@ -710,6 +734,9 @@ public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageR
|
||||
if (zipExtensions != null && !zipExtensions.isEmpty()) {
|
||||
Settings.setString(Settings.KEYS.ADDITIONAL_ZIP_EXTENSIONS, zipExtensions);
|
||||
}
|
||||
Settings.setBoolean(Settings.KEYS.SKIP_TEST_SCOPE, skipTestScope);
|
||||
Settings.setBoolean(Settings.KEYS.SKIP_RUNTIME_SCOPE, skipRuntimeScope);
|
||||
Settings.setBoolean(Settings.KEYS.SKIP_PROVIDED_SCOPE, skipProvidedScope);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -15,11 +15,14 @@ proxyUrl | The Proxy URL. |
|
||||
proxyPort | The Proxy Port. |
|
||||
proxyUsername | Defines the proxy user name. |
|
||||
proxyPassword | Defines the proxy password. |
|
||||
nexusAnalyzerEnabled | The connection timeout used when downloading data files from the Internet. |
|
||||
nexusUrl | The connection timeout used when downloading data files from the Internet. |
|
||||
nexusAnalyzerEnabled | Sets whether Nexus Analyzer will be used. |
|
||||
nexusUrl | Defines the Nexus URL. |
|
||||
databaseDriverName | The name of the database driver. Example: org.h2.Driver. |
|
||||
databaseDriverPath | The path to the database driver JAR file; only used if the driver is not in the class path. |
|
||||
connectionString | The connection string used to connect to the database. |
|
||||
databaseUser | The username used when connecting to the database. |
|
||||
databasePassword | The password used when connecting to the database. |
|
||||
zipExtensions | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. |
|
||||
skipTestScope | Should be skip analysis for artifacts with Test Scope (default: true) |
|
||||
skipProvidedScope | Should be skip analysis for artifacts with Provided Scope (default: false) |
|
||||
skipRuntimeScope | Should be skip analysis for artifacts with Runtime Scope (default: false) |
|
||||
|
||||
@@ -103,3 +103,36 @@ Create the dependency-check report within the site
|
||||
...
|
||||
</project>
|
||||
```
|
||||
Example 4:
|
||||
---------------------
|
||||
Create the DependencyCheck-report.html and skip artifacts no bundled in distribution (Provided and Runtime scope)
|
||||
|
||||
```xml
|
||||
<project>
|
||||
<build>
|
||||
<plugins>
|
||||
...
|
||||
<plugin>
|
||||
<groupId>org.owasp</groupId>
|
||||
<artifactId>dependency-check-maven</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<configuration>
|
||||
<skipProvidedScope>true</skipProvidedScope>
|
||||
<skipRuntimeScope>true</skipRuntimeScope>
|
||||
</configuration>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>check</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
...
|
||||
</plugins>
|
||||
...
|
||||
</build>
|
||||
...
|
||||
</project>
|
||||
```
|
||||
|
||||
|
||||
Reference in New Issue
Block a user