add ability to publish this plugin to Gradle Plugin Portal

Former-commit-id: 7dd9400a1871db2c880cecee3297734f39b3be4e
2026-03-28 11:52:15 +01:00 · 2015-05-13 10:17:07 +08:00
parent 51c3ebcdb8
commit d7351f97fe
2 changed files with 107 additions and 4 deletions
--- a/dependency-check-gradle/README.md
+++ b/dependency-check-gradle/README.md
@@ -6,3 +6,80 @@ Dependency-Check-Gradle
 This is a DependencyCheck gradle plugin designed for project which use Gradle as build script.
 Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.
 =========
 ## Usage
 ### Step 1, Apply dependency check gradle plugin
 Please refer to either one of the solution
 #### Solution 1，Bintray
 `
 apply plugin: "dependency-check"
 buildscript {
    repositories {
        maven {
            url 'http://dl.bintray.com/wei/maven'
        }
        mavenCentral()
    }
    dependencies {
        classpath(
                'com.tools.security:dependency-check:0.0.1'
        )
    }
 }
 `
 #### Solution 2，Gradle Plugin Portal
 [dependency check gradle plugin on Gradle Plugin Portal](https://plugins.gradle.org/plugin/dependency.check)
 **Build script snippet for new, incubating, plugin mechanism introduced in Gradle 2.1:**
 `
 // buildscript {
 //     ...
 // }
 plugins {
    id "dependency.check" version "0.0.1"
 }
 // apply plugin: ...
 `
 **Build script snippet for use in all Gradle versions:**
 `
 buildscript {
  repositories {
    maven {
      url "https://plugins.gradle.org/m2/"
    }
  }
  dependencies {
    classpath "gradle.plugin.com.tools.security:dependency-check:0.0.1"
  }
 }
 apply plugin: "dependency.check"
 `
 #### Solution 3，Maven Central
 working in progress
 ### Step 2, Run gradle task
 Once gradle plugin applied, run following gradle task to check the dependencies:
 `
 gradle dependencyCheck
 `
 The reports will be generated automatically under `./reports` folder.
--- a/dependency-check-gradle/build.gradle
+++ b/dependency-check-gradle/build.gradle
@@ -1,3 +1,15 @@
 buildscript {
    repositories {
        maven {
            url "https://plugins.gradle.org/m2/"
        }
    }
    dependencies {
        classpath "com.gradle.publish:plugin-publish-plugin:0.9.0"
    }
 }
 plugins {
    id 'nu.studer.plugindev' version '1.0.3'
 }
@@ -5,12 +17,10 @@ plugins {
 apply plugin: 'idea'
 apply plugin: 'groovy'
 apply plugin: 'maven'
 apply plugin: "com.gradle.plugin-publish"
 repositories {
    mavenCentral()
    maven {
        url 'http://dl.bintray.com/wei/maven'
    }
 }
 dependencies {
@@ -37,6 +47,7 @@ version = '0.0.1'
 //}
 //-------------------------------
 // publish to Bintray
 plugindev {
    pluginId = 'dependency.check'
    pluginName = 'dependency-check'
@@ -59,3 +70,18 @@ bintray {
    key = bintrayUserKey
    pkg.repo = bintrayRepo
 }
 // publish to gradle plugin portal
 pluginBundle {
    website = 'https://github.com/wmaintw/DependencyCheck'
    vcsUrl = 'git@github.com:wmaintw/DependencyCheck.git'
    description = 'This is dependency check gradle plugin.'
    tags = ['dependency check', 'security']
    plugins {
        dependencyCheckPlugin {
            id = 'dependency.check'
            displayName = 'dependency-check'
        }
    }
 }