Repository: ant Updated Branches: refs/heads/master 20537a88e -> 538b7c9ff
run OWASP-checks against our dependencies (draft) Project: http://git-wip-us.apache.org/repos/asf/ant/repo Commit: http://git-wip-us.apache.org/repos/asf/ant/commit/d8278278 Tree: http://git-wip-us.apache.org/repos/asf/ant/tree/d8278278 Diff: http://git-wip-us.apache.org/repos/asf/ant/diff/d8278278 Branch: refs/heads/master Commit: d8278278c499d629d1c9d571b8fc0fae60a93eb8 Parents: 20537a8 Author: Jan Matèrne <j...@apache.org> Authored: Mon Jan 22 10:56:02 2018 +0100 Committer: Jan Matèrne <j...@apache.org> Committed: Mon Jan 22 10:56:02 2018 +0100 ---------------------------------------------------------------------- check.xml | 48 +++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 43 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ant/blob/d8278278/check.xml ---------------------------------------------------------------------- diff --git a/check.xml b/check.xml index 92d0346..83e16a5 100644 --- a/check.xml +++ b/check.xml @@ -34,7 +34,7 @@ </description> <import file="build.xml"/> - + <property name="config.dir" location="${etc.dir}/checkstyle"/> <!-- Ant Checkstyle report --> @@ -229,7 +229,7 @@ inline="true" conf="default" pathid="findbugs.real.classpath" transitive="true"/> <!-- Load the Findbugs AntTasks --> <taskdef uri="http://findbugs.sourceforge.net/" resource="edu/umd/cs/findbugs/anttask/tasks.properties" classpathref="findbugs.real.classpath" /> - + <!-- Start Findbugs --> <mkdir dir="${findbugs.reportdir}"/> <fb:findbugs pluginlistref="findbugs.real.classpath" @@ -241,7 +241,7 @@ <class location="${build.classes}" /> <sourcePath path="${java.dir}" /> </fb:findbugs> - + <!-- Generate (human) readable output --> <xslt basedir="${findbugs.reportdir}" includes="${findbugs.raw}" destdir="${findbugs.reportdir}"> <style> 
@@ -249,8 +249,8 @@ </style> </xslt> </target> - - <target name="rat" description="--> Runs the ReleaseAuditingTool" depends="init-ivy"> + + <target name="rat" description="--> Runs the ReleaseAuditingTool" depends="init-ivy"> <ivy:cachepath organisation="org.apache.rat" module="apache-rat-tasks" revision="${rat.version}" inline="true" conf="default" pathid="rat.classpath" transitive="true"/> <typedef resource="org/apache/rat/anttasks/antlib.xml" 
@@ -265,4 +265,42 @@ </rat:report> </target> + <target name="dependency-check" description="--> Runs the OWASP dependency check"> + <property name="dependency-check.url" value="http://dl.bintray.com/jeremy-long/owasp/dependency-check-ant-3.1.0-release.zip"/> + <property name="tools.dir" value="tools"/> + <property name="dependency-check.dir" value="${tools.dir}/dependency-check"/> + <property name="dependency-check.home" value="${dependency-check.dir}/dependency-check-ant"/> + + <!--available property="dependency-check.present" file="${dependency-check.home}/dependency-check-ant/dependency-check-ant.jar"/--> + <condition property="dependency-check.present"> + <resourcecount when="greater" count="0"> + <fileset dir="${dependency-check.home}" includes="**/dependency-check-ant.jar"/> + </resourcecount> + </condition> + + <sequential unless:set="dependency-check.present"> + <mkdir dir="${dependency-check.home}"/> + <get src="${dependency-check.url}" dest="${dependency-check.dir}/dependency-check-ant.zip"/> + <unzip src="${dependency-check.dir}/dependency-check-ant.zip" dest="${dependency-check.dir}/dependency-check-ant"/> + </sequential> + + <path id="dependency-check.path"> + <pathelement location="${dependency-check.home}/dependency-check-ant.jar"/> + <fileset dir="${dependency-check.home}"> + <include name="**/*.jar"/> + </fileset> + </path> + <taskdef resource="dependency-check-taskdefs.properties" uri="https://jeremylong.github.io/"> + <classpath refid="dependency-check.path"/> + </taskdef> + + <owasp:dependency-check + xmlns:owasp="https://jeremylong.github.io/" + projectName="${ant.project.name}" + > + <fileset dir="lib" includes="**/*.jar"/> + <fileset dir="." includes="dist/**/*.jar"/> + </owasp:dependency-check> + </target> + </project>
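Review bot: The `dependency-check.url` property fetches the dependency-check-ant zip over plain `http://`, and the `<sequential>` block then unzips it and puts every jar under `${dependency-check.home}` on the `<taskdef>` classpath with no integrity check, so whatever answers that request runs inside the build. Switch the URL to `https://` (if the host serves it) and verify the archive against a pinned digest before `<unzip>`, failing the build on a mismatch; the fence shows one way to do this with Ant's `<checksum>` task, with the digest left as a placeholder. Because `dependency-check.present` is set by any `dependency-check-ant.jar` found under the tools directory, an already unpacked copy is reused without re-verification, so a comment should say that `tools/dependency-check` has to be removed when the pinned version changes. Separately, the `<fileset>` inside the `<condition>` points at `${dependency-check.home}` before the `<mkdir>` runs, which may fail on a clean checkout depending on how Ant treats the missing directory; this is worth confirming.

```xml
<property name="dependency-check.url" value="https://dl.bintray.com/jeremy-long/owasp/dependency-check-ant-3.1.0-release.zip"/>
<!-- placeholder: pin the SHA-256 published for this exact release zip -->
<property name="dependency-check.sha256" value="REPLACE_WITH_PUBLISHED_SHA256"/>
<!-- … unchanged: tools.dir, dependency-check.dir, dependency-check.home, dependency-check.present condition … -->
<sequential unless:set="dependency-check.present">
  <!-- … unchanged: mkdir … -->
  <get src="${dependency-check.url}" dest="${dependency-check.dir}/dependency-check-ant.zip"/>
  <!-- compare the downloaded archive with the pinned digest before anything is unpacked or loaded -->
  <checksum file="${dependency-check.dir}/dependency-check-ant.zip" algorithm="SHA-256"
            property="${dependency-check.sha256}" verifyproperty="dependency-check.zip.ok"/>
  <fail message="Checksum mismatch for ${dependency-check.dir}/dependency-check-ant.zip, refusing to unpack">
    <condition>
      <isfalse value="${dependency-check.zip.ok}"/>
    </condition>
  </fail>
  <!-- … unchanged: unzip … -->
</sequential>
```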