diff --git a/Jenkinsfile b/Jenkinsfile
index b615189..bc65cdb 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -173,9 +173,9 @@ pipeline {
script {
// If this build is not a pull request, run full owasp scan. Otherwise run incremental scan
if (env.CHANGE_ID == null) {
- sh 'mvn install -q -B -Powasp -DskipTests=true -DskipStatic=true $DISABLE_DOWNLOAD_PROGRESS_OPTS'
+ sh 'mvn org.commonjava.maven.plugins:directory-maven-plugin:highest-basedir@directories dependency-check:aggregate -Powasp -DskipTests=true -DskipStatic=true $DISABLE_DOWNLOAD_PROGRESS_OPTS'
} else {
- sh 'mvn install -q -B -Powasp -DskipTests=true -DskipStatic=true -Dgib.enabled=true -Dgib.referenceBranch=/refs/remotes/origin/$CHANGE_TARGET $DISABLE_DOWNLOAD_PROGRESS_OPTS'
+ sh 'mvn org.commonjava.maven.plugins:directory-maven-plugin:highest-basedir@directories dependency-check:aggregate -Powasp -DskipTests=true -DskipStatic=true -Dgib.enabled=true -Dgib.referenceBranch=/refs/remotes/origin/$CHANGE_TARGET $DISABLE_DOWNLOAD_PROGRESS_OPTS'
}
}
}
@@ -201,15 +201,13 @@ pipeline {
}
stage ('SonarCloud') {
steps {
- withMaven(maven: 'maven-latest', jdk: 'jdk8-latest', globalMavenSettingsConfig: 'default-global-settings', mavenSettingsConfig: 'codice-maven-settings', mavenOpts: '${LINUX_MVN_RANDOM}') {
+ withMaven(maven: 'maven-latest', jdk: 'jdk11', globalMavenSettingsConfig: 'default-global-settings', mavenSettingsConfig: 'codice-maven-settings', mavenOpts: '${LINUX_MVN_RANDOM}') {
withCredentials([string(credentialsId: 'sonarqube-token', variable: 'SONAR_TOKEN')]) {
script {
// If this build is not a pull request, run sonar scan. otherwise run incremental scan
if (env.CHANGE_ID == null) {
- sh 'mvn -q -B -Dcheckstyle.skip=true org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=codice -Dsonar.projectKey=${SONAR_PROJECT_KEY} -Dsonar.exclusions=${COVERAGE_EXCLUSIONS} $DISABLE_DOWNLOAD_PROGRESS_OPTS'
- } else {
- sh 'mvn -q -B -Dcheckstyle.skip=true org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar -Dsonar.pullrequest.provider=github -Dsonar.pullrequest.github.repository=${GITHUB_USERNAME}/${GITHUB_REPONAME} -Dsonar.pullrequest.github.endpoint=https://api.github.com/ -Dsonar.pullrequest.branch=${BRANCH_NAME} -Dsonar.pullrequest.key=${CHANGE_ID} -Dsonar.pullrequest.base=${CHANGE_TARGET} -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=codice -Dsonar.projectKey=${SONAR_PROJECT_KEY} -Dsonar.exclusions=${COVERAGE_EXCLUSIONS} -Dgib.enabled=true -Dgib.referenceBranch=/refs/remotes/origin/$CHANGE_TARGET $DISABLE_DOWNLOAD_PROGRESS_OPTS'
- }
+ sh 'mvn -q -B -Dcheckstyle.skip=true org.jacoco:jacoco-maven-plugin:prepare-agent sonar:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.organization=codice -Dsonar.projectKey=${SONAR_PROJECT_KEY} -Dsonar.exclusions=${COVERAGE_EXCLUSIONS} $DISABLE_DOWNLOAD_PROGRESS_OPTS'
+ }
}
}
}
diff --git a/pom.xml b/pom.xml
index c46a86d..0f20597 100644
--- a/pom.xml
+++ b/pom.xml
@@ -70,10 +70,16 @@
0.3.1
- 5.2.2
0.8.2
0.27.1
3.6.0
+
+
+ 2.4.1
+
+
+ 2.3.16
+
@@ -83,6 +89,12 @@
acdebugger-1.7
+
+ ddf
+ ddf-parent
+ 1.0.11
+
+
central
@@ -254,17 +266,29 @@
org.owasp
dependency-check-maven
${dependency-check-maven.version}
+
+
+ ddf.support
+ support-owasp
+ ${ddf.support.version}
+
+
+ org.mariadb.jdbc
+ mariadb-java-client
+ ${mariadb.version}
+
+
-
- ${owasp.cveUrlModified}
- ${owasp.cveUrlBase}
-
- 2
+
+ ${owasp.autoUpdate}
+ ${owasp.database.driverName}
+ ${owasp.database.url}
+ ${owasp.serverId}
+
+ false
true
false
-
- false
false
false
@@ -285,15 +309,11 @@
true
+
+ HTML
+ JUNIT
+
-
-
- package
-
- check
-
-
-
org.apache.maven.plugins