This is an automated email from the ASF dual-hosted git repository.
tallison pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tika.git
The following commit(s) were added to refs/heads/main by this push:
new 5ca63f2 TIKA-3621 -- add an ossindex-fail profile and action in
github to check for vulnerable dependencies
5ca63f2 is described below
commit 5ca63f25113044802c5a2b7a276d000a711530b9
Author: tballison <[email protected]>
AuthorDate: Thu Dec 16 11:57:39 2021 -0500
TIKA-3621 -- add an ossindex-fail profile and action in github to check for
vulnerable dependencies
---
.../workflows/main-jdk8-ossindex-fail-build.yml | 41 ++++++++++++++++++++++
tika-parent/pom.xml | 28 +++++++++++++++
2 files changed, 69 insertions(+)
diff --git a/.github/workflows/main-jdk8-ossindex-fail-build.yml
b/.github/workflows/main-jdk8-ossindex-fail-build.yml
new file mode 100644
index 0000000..a6b8619
--- /dev/null
+++ b/.github/workflows/main-jdk8-ossindex-fail-build.yml
@@ -0,0 +1,41 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: main pr build
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ java: [ '1.8' ]
+
+ steps:
+ - uses: actions/checkout@v2
+ - name: Set up JDK ${{ matrix.java }}
+ uses: actions/setup-java@v1
+ with:
+ java-version: ${{ matrix.java }}
+ - name: Build with Maven
+ run: mvn -Possindex-fail clean test
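Review bot: The `on:` block runs this audit only on pushes and pull requests to main, so an advisory published against an already-merged dependency goes unreported until the next commit; a `schedule:` trigger (for example `- cron: '0 6 * * 1'`, a constructed value) would catch it without one. The job also runs with the default `GITHUB_TOKEN` scope and references `actions/checkout@v2` and `actions/setup-java@v1` by mutable tag. A top-level `permissions:` block with `contents: read`, plus pinning each action to a full commit SHA, would limit what a compromised action or build-time dependency could do during a pull-request build. Separately, `name: main pr build` looks generic enough to collide with another workflow's name (not visible in this hunk), which would make a failed audit hard to spot in the checks list; something like `name: main ossindex audit` would be clearer.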
diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index fe305de..2b94ad4 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -881,6 +881,34 @@
</plugins>
</build>
</profile>
+ <profile>
+ <id>ossindex-fail</id>
+ <!-- actually fail the build on vulnerabilities -->
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.sonatype.ossindex.maven</groupId>
+ <artifactId>ossindex-maven-plugin</artifactId>
+ <version>3.1.0</version>
+ <configuration>
+ <fail>true</fail>
+ <excludeCoordinates>
+ <!-- <coordinate> </coordinate> -->
+ </excludeCoordinates>
+ </configuration>
+ <executions>
+ <execution>
+ <id>audit-dependencies</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>audit</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
</profiles>
<scm>