add ability to publish this plugin to Gradle Plugin Portal

Former-commit-id: 7dd9400a1871db2c880cecee3297734f39b3be4e
2026-01-14 07:43:40 +01:00 · 2015-05-13 10:17:07 +08:00
parent 51c3ebcdb8
commit d7351f97fe
2 changed files with 107 additions and 4 deletions
--- a/dependency-check-gradle/README.md
+++ b/dependency-check-gradle/README.md
@@ -5,4 +5,81 @@ Dependency-Check-Gradle

 This is a DependencyCheck gradle plugin designed for project which use Gradle as build script.

-Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.
+Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.
+
+=========
+
+## Usage
+
+### Step 1, Apply dependency check gradle plugin
+
+Please refer to either one of the solution
+
+#### Solution 1，Bintray
+
+`
+apply plugin: "dependency-check"
+
+buildscript {
+    repositories {
+        maven {
+            url 'http://dl.bintray.com/wei/maven'
+        }
+        mavenCentral()
+    }
+    dependencies {
+        classpath(
+                'com.tools.security:dependency-check:0.0.1'
+        )
+    }
+}
+`
+
+#### Solution 2，Gradle Plugin Portal
+
+[dependency check gradle plugin on Gradle Plugin Portal](https://plugins.gradle.org/plugin/dependency.check)
+
+**Build script snippet for new, incubating, plugin mechanism introduced in Gradle 2.1:**
+
+`
+// buildscript {
+//     ...
+// }
+
+plugins {
+    id "dependency.check" version "0.0.1"
+}
+
+// apply plugin: ...
+`
+
+**Build script snippet for use in all Gradle versions:**
+
+`
+buildscript {
+  repositories {
+    maven {
+      url "https://plugins.gradle.org/m2/"
+    }
+  }
+  dependencies {
+    classpath "gradle.plugin.com.tools.security:dependency-check:0.0.1"
+  }
+}
+
+apply plugin: "dependency.check"
+`
+
+#### Solution 3，Maven Central
+
+working in progress
+
+### Step 2, Run gradle task
+
+Once gradle plugin applied, run following gradle task to check the dependencies:
+
+`
+gradle dependencyCheck
+`
+
+The reports will be generated automatically under `./reports` folder.
--- a/dependency-check-gradle/build.gradle
+++ b/dependency-check-gradle/build.gradle
@@ -1,3 +1,15 @@
+buildscript {
+    repositories {
+        maven {
+            url "https://plugins.gradle.org/m2/"
+        }
+    }
+
+    dependencies {
+        classpath "com.gradle.publish:plugin-publish-plugin:0.9.0"
+    }
+}
+
 plugins {
    id 'nu.studer.plugindev' version '1.0.3'
 }
@@ -5,12 +17,10 @@ plugins {
 apply plugin: 'idea'
 apply plugin: 'groovy'
 apply plugin: 'maven'
+apply plugin: "com.gradle.plugin-publish"

 repositories {
    mavenCentral()
-    maven {
-        url 'http://dl.bintray.com/wei/maven'
-    }
 }

 dependencies {
@@ -37,6 +47,7 @@ version = '0.0.1'
 //}
 //-------------------------------

+// publish to Bintray
 plugindev {
    pluginId = 'dependency.check'
    pluginName = 'dependency-check'
@@ -58,4 +69,19 @@ bintray {
    user = bintrayUser
    key = bintrayUserKey
    pkg.repo = bintrayRepo
+}
+
+// publish to gradle plugin portal
+pluginBundle {
+    website = 'https://github.com/wmaintw/DependencyCheck'
+    vcsUrl = 'git@github.com:wmaintw/DependencyCheck.git'
+    description = 'This is dependency check gradle plugin.'
+    tags = ['dependency check', 'security']
+
+    plugins {
+        dependencyCheckPlugin {
+            id = 'dependency.check'
+            displayName = 'dependency-check'
+        }
+    }
 }