From 1ae266dacef1559dc601c9bc5552529ffb04fbaa Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Fri, 26 Sep 2014 09:28:29 +0200 Subject: Changed Version to 4.0.1, added CVE check --- build.gradle | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'build.gradle') diff --git a/build.gradle b/build.gradle index 6740e3c0..93fe2674 100644 --- a/build.gradle +++ b/build.gradle @@ -17,7 +17,7 @@ subprojects { } sourceCompatibility = 1.6 - version = '4.0.0-RC11' + version = '4.0.1' project.ext{ releaseRepoUrl = "file://${project(':').projectDir}/../mvn-repo/releases" snapshotRepoUrl = "file://${project(':').projectDir}/../mvn-repo/snapshots" @@ -30,6 +30,13 @@ subprojects { jar { manifest.attributes provider: 'EGIZ', 'Specification-Version': getCheckedOutGitCommitHash(), 'Implementation-Version': project.version } + task copyDeps(type: Copy) { + from configurations.runtime + into (new File(rootDir, 'build/alldependencies')).toString() + } + + checkCVE.dependsOn copyDeps + uploadArchives { repositories.mavenDeployer { repository(url: project.releaseRepoUrl) @@ -38,6 +45,32 @@ subprojects { } } +configurations { + cveCheck +} + +// Assign dependencies to the sshAntTask configuration. +dependencies { + cveCheck 'org.owasp:dependency-check-ant:1.2.5' +} + +task checkCVE << { + // Redefine checkCVEAnt Ant task, with the classpath property set to our newly defined + // cveCheck configuration classpath. + ant.taskdef(name: 'checkCVEAnt', classname: 'org.owasp.dependencycheck.taskdefs.DependencyCheckTask', + classpath: configurations.cveCheck.asPath) + + // executing checkCVEAnt Task + ant.checkCVEAnt( + applicationname: "PDF-AS", + reportoutputdirectory: (new File(rootDir, 'releases/cvecheck/' + project.name)).toString(), + reportformat: "ALL") { + fileset(dir: (new File(rootDir, 'build/alldependencies')).toString()) { + include(name: '**/**') + } + } +} + def getCheckedOutGitCommitHash() { def gitFolder = "$projectDir/.git/" def takeFromHash = 40 -- cgit v1.2.3