upgrade dependency-check plugin and configure

microsoft · Aug 2, 2019 · 9b506e5 · 9b506e5
1 parent ec8e282
commit 9b506e5
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 2 deletions.
diff --git a/build.gradle b/build.gradle
@@ -29,8 +29,8 @@ buildscript {
         jcenter()
     }
     dependencies {
-        classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.6'
-        classpath 'org.owasp:dependency-check-gradle:4.0.2'
+        classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.10'
+        classpath 'org.owasp:dependency-check-gradle:5.2.0'
         classpath 'com.github.jengelman.gradle.plugins:shadow:5.0.0'
     }
 }
@@ -87,5 +87,9 @@ allprojects {
     }
 }
 
+wrapper {
+    distributionType = Wrapper.DistributionType.ALL
+}
+
 // endregion Root project script
 
diff --git a/gradle/common-java.gradle b/gradle/common-java.gradle
@@ -49,6 +49,18 @@ tasks.withType(Checkstyle) {
     }
 }
 
+dependencyCheck {
+    def supFile = "${project.projectDir}/dependency-check-suppressions.xml"
+    if (file(supFile).exists() && !Project.hasProperty('dependencyCheck.suppressions.skip')) {
+        suppressionFiles += supFile
+    }
+    outputDirectory = "${project.buildDir}/reports/dependency-check"
+    formats = ['HTML', 'JUNIT']
+    skipConfigurations = ['mavenDeployer']
+    cveValidForHours = 1
+    failBuildOnCVSS = 0
+}
+
 jacoco {
     toolVersion = "0.8.2"
 }