mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 15:53:36 +01:00
313 lines
14 KiB
XML
313 lines
14 KiB
XML
<!--
|
|
This file is part of dependency-check-maven.
|
|
|
|
Dependency-check-maven is free software: you can redistribute it and/or modify it
|
|
under the terms of the GNU General Public License as published by the Free
|
|
Software Foundation, either version 3 of the License, or (at your option) any
|
|
later version.
|
|
|
|
Dependency-check-maven is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
|
details.
|
|
|
|
You should have received a copy of the GNU General Public License along with
|
|
dependency-check-maven. If not, see http://www.gnu.org/licenses/.
|
|
|
|
Copyright (c) 2013 Jeremy Long. All Rights Reserved.
|
|
-->
|
|
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
|
<modelVersion>4.0.0</modelVersion>
|
|
<url>http://maven.apache.org</url>
|
|
|
|
<parent>
|
|
<groupId>org.owasp</groupId>
|
|
<artifactId>dependency-check-parent</artifactId>
|
|
<version>1.0.8-SNAPSHOT</version>
|
|
</parent>
|
|
|
|
<artifactId>dependency-check-maven</artifactId>
|
|
<packaging>maven-plugin</packaging>
|
|
|
|
<name>Dependency-Check Maven Plugin</name>
|
|
<description>Dependency-Check-Maven is a Maven Plugin that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.</description>
|
|
<inceptionYear>2013</inceptionYear>
|
|
<!-- begin copy from http://minds.coremedia.com/2012/09/11/problem-solved-deploy-multi-module-maven-project-site-as-github-pages/ -->
|
|
<distributionManagement>
|
|
<site>
|
|
<id>github-pages-site</id>
|
|
<name>Deployment through GitHub's site deployment plugin</name>
|
|
<url>${basedir}/../target/site/${project.version}/dependency-check-maven</url>
|
|
</site>
|
|
</distributionManagement>
|
|
<!-- end copy -->
|
|
<prerequisites>
|
|
<maven>3.0</maven>
|
|
</prerequisites>
|
|
<build>
|
|
<resources>
|
|
<resource>
|
|
<directory>src/main/resources</directory>
|
|
<includes>
|
|
<include>**/*.properties</include>
|
|
</includes>
|
|
<filtering>true</filtering>
|
|
</resource>
|
|
<resource>
|
|
<directory>${basedir}</directory>
|
|
<targetPath>META-INF</targetPath>
|
|
<includes>
|
|
<include>LICENSE.txt</include>
|
|
<include>NOTICE.txt</include>
|
|
</includes>
|
|
</resource>
|
|
</resources>
|
|
|
|
<plugins>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-plugin-plugin</artifactId>
|
|
<version>3.2</version>
|
|
<configuration>
|
|
<skipErrorNoDescriptorsFound>true</skipErrorNoDescriptorsFound>
|
|
<goalPrefix>dependency-check</goalPrefix>
|
|
</configuration>
|
|
<executions>
|
|
<execution>
|
|
<id>mojo-descriptor</id>
|
|
<goals>
|
|
<goal>descriptor</goal>
|
|
</goals>
|
|
</execution>
|
|
<execution>
|
|
<id>generated-helpmojo</id>
|
|
<goals>
|
|
<goal>helpmojo</goal>
|
|
</goals>
|
|
</execution>
|
|
</executions>
|
|
</plugin>
|
|
<plugin>
|
|
<inherited>true</inherited>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-enforcer-plugin</artifactId>
|
|
<version>1.2</version>
|
|
<executions>
|
|
<execution>
|
|
<id>enforce-maven-3</id>
|
|
<goals>
|
|
<goal>enforce</goal>
|
|
</goals>
|
|
<configuration>
|
|
<rules>
|
|
<requireMavenVersion>
|
|
<version>[3.0,]</version>
|
|
</requireMavenVersion>
|
|
</rules>
|
|
<fail>true</fail>
|
|
</configuration>
|
|
</execution>
|
|
</executions>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-site-plugin</artifactId>
|
|
<version>3.3</version>
|
|
<dependencies>
|
|
<dependency>
|
|
<groupId>org.apache.maven.doxia</groupId>
|
|
<artifactId>doxia-module-markdown</artifactId>
|
|
<version>1.4</version>
|
|
</dependency>
|
|
</dependencies>
|
|
<configuration>
|
|
<skipDeploy>true</skipDeploy>
|
|
<reportPlugins>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-project-info-reports-plugin</artifactId>
|
|
<version>2.6</version>
|
|
<reportSets>
|
|
<reportSet>
|
|
<reports>
|
|
<report>index</report>
|
|
<report>summary</report>
|
|
<report>license</report>
|
|
<report>help</report>
|
|
</reports>
|
|
</reportSet>
|
|
</reportSets>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-plugin-plugin</artifactId>
|
|
<version>3.2</version>
|
|
<configuration>
|
|
<goalPrefix>dependency-check</goalPrefix>
|
|
</configuration>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-javadoc-plugin</artifactId>
|
|
<version>2.9</version>
|
|
<reportSets>
|
|
<reportSet>
|
|
<id>default</id>
|
|
<reports>
|
|
<report>javadoc</report>
|
|
</reports>
|
|
</reportSet>
|
|
</reportSets>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.codehaus.mojo</groupId>
|
|
<artifactId>versions-maven-plugin</artifactId>
|
|
<version>2.0</version>
|
|
<reportSets>
|
|
<reportSet>
|
|
<reports>
|
|
<report>dependency-updates-report</report>
|
|
<report>plugin-updates-report</report>
|
|
</reports>
|
|
</reportSet>
|
|
</reportSets>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-jxr-plugin</artifactId>
|
|
<version>2.3</version>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.codehaus.mojo</groupId>
|
|
<artifactId>cobertura-maven-plugin</artifactId>
|
|
<version>2.5.2</version>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-surefire-report-plugin</artifactId>
|
|
<version>2.14</version>
|
|
<reportSets>
|
|
<reportSet>
|
|
<reports>
|
|
<report>report-only</report>
|
|
</reports>
|
|
</reportSet>
|
|
</reportSets>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.codehaus.mojo</groupId>
|
|
<artifactId>taglist-maven-plugin</artifactId>
|
|
<version>2.4</version>
|
|
<configuration>
|
|
<tagListOptions>
|
|
<tagClasses>
|
|
<tagClass>
|
|
<displayName>Todo Work</displayName>
|
|
<tags>
|
|
<tag>
|
|
<matchString>todo</matchString>
|
|
<matchType>ignoreCase</matchType>
|
|
</tag>
|
|
<tag>
|
|
<matchString>FIXME</matchString>
|
|
<matchType>exact</matchType>
|
|
</tag>
|
|
</tags>
|
|
</tagClass>
|
|
</tagClasses>
|
|
</tagListOptions>
|
|
</configuration>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-checkstyle-plugin</artifactId>
|
|
<version>2.10</version>
|
|
<configuration>
|
|
<enableRulesSummary>false</enableRulesSummary>
|
|
<configLocation>${basedir}/config/checkstyle-checks.xml</configLocation>
|
|
<headerLocation>${basedir}/config/checkstyle-header.txt</headerLocation>
|
|
<suppressionsLocation>${basedir}/config/checkstyle-suppressions.xml</suppressionsLocation>
|
|
<suppressionsFileExpression>checkstyle.suppressions.file</suppressionsFileExpression>
|
|
</configuration>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-pmd-plugin</artifactId>
|
|
<version>3.0.1</version>
|
|
<configuration>
|
|
<targetJdk>1.6</targetJdk>
|
|
<linkXref>true</linkXref>
|
|
<sourceEncoding>utf-8</sourceEncoding>
|
|
<excludes>
|
|
<exclude>**/generated/*.java</exclude>
|
|
</excludes>
|
|
</configuration>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.codehaus.mojo</groupId>
|
|
<artifactId>findbugs-maven-plugin</artifactId>
|
|
<version>2.5.2</version>
|
|
</plugin>
|
|
</reportPlugins>
|
|
</configuration>
|
|
</plugin>
|
|
<plugin>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-compiler-plugin</artifactId>
|
|
<version>2.3.2</version>
|
|
<configuration>
|
|
<showDeprecation>false</showDeprecation>
|
|
</configuration>
|
|
</plugin>
|
|
</plugins>
|
|
</build>
|
|
|
|
<dependencies>
|
|
<dependency>
|
|
<groupId>org.owasp</groupId>
|
|
<artifactId>dependency-check-core</artifactId>
|
|
<version>${project.parent.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.maven</groupId>
|
|
<artifactId>maven-plugin-api</artifactId>
|
|
<version>3.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.maven</groupId>
|
|
<artifactId>maven-core</artifactId>
|
|
<version>3.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.maven.plugins</groupId>
|
|
<artifactId>maven-site-plugin</artifactId>
|
|
<version>3.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.maven.plugin-tools</groupId>
|
|
<artifactId>maven-plugin-annotations</artifactId>
|
|
<version>3.0</version>
|
|
<scope>compile</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.maven.reporting</groupId>
|
|
<artifactId>maven-reporting-api</artifactId>
|
|
<version>3.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>junit</groupId>
|
|
<artifactId>junit</artifactId>
|
|
<version>4.11</version>
|
|
<scope>test</scope>
|
|
<type>jar</type>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.maven.plugin-testing</groupId>
|
|
<artifactId>maven-plugin-testing-harness</artifactId>
|
|
<version>2.1</version>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
</dependencies>
|
|
</project>
|