talalUcef · September 12, 2019 08:57
diff --git a/Jenkinsfile b/Jenkinsfile
 stage('Dependency Check') {
    steps {
        echo 'Running dependency check'
        withMaven(maven: 'maven 3.6.0', globalMavenSettingsConfig: 'sfcoGlobalSettingsV1', mavenSettingsConfig: 'sfcoSettingsV1') {
            sh 'mvn -Dmaven.test.skip=true package -Psecurity'
        }
    }
    post {
        always {
            dependencyCheckPublisher pattern: "**/dependency-check-report.xml"
        }
    }
 }
diff --git a/pom.xml b/pom.xml
 <properties>
    <dependency-check-format>ALL</dependency-check-format>
    <owasp-maven-plugin.version>5.2.1</owasp-maven-plugin.version>
 </properties>
 <profile>
    <id>security</id>
    <build>
        <plugins>
            <plugin>
                <groupId>org.owasp</groupId>
                <artifactId>dependency-check-maven</artifactId>
                <version>${owasp-maven-plugin.version}</version>
                <configuration>
                    <!-- Skip artifacts not bundled in distribution (provided scope) -->
                    <skipProvidedScope>true</skipProvidedScope>
                    <!-- Suppress false positives or dependencies that cannot be changed for specific reasons.-->
                    <!--<suppressionFile>suppressed-cves.xml</suppressionFile>-->
                    <format>${dependency-check-format}</format>
                    <outputDirectory>${project.basedir}/target/reports</outputDirectory>
                </configuration>
                <!-- Don't specify an execution, because this might take long and is not needed in every build.
                     A report can be generated on demand using "mvn org.owasp:dependency-check-maven:check"
                     report will be saved to target/dependency-check-report.html -->
                <executions>
                    <execution>
                        <goals>
                            <goal>check</goal>
                        </goals>
                        <phase>validate</phase>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
 </profile>
	stage('Dependency Check') {
	steps {
	echo 'Running dependency check'
	withMaven(maven: 'maven 3.6.0', globalMavenSettingsConfig: 'sfcoGlobalSettingsV1', mavenSettingsConfig: 'sfcoSettingsV1') {
	sh 'mvn -Dmaven.test.skip=true package -Psecurity'
	}
	}
	post {
	always {
	dependencyCheckPublisher pattern: "**/dependency-check-report.xml"
	}
	}
	}
	<properties>
	<dependency-check-format>ALL</dependency-check-format>
	<owasp-maven-plugin.version>5.2.1</owasp-maven-plugin.version>
	</properties>
	<profile>
	<id>security</id>
	<build>
	<plugins>
	<plugin>
	<groupId>org.owasp</groupId>
	<artifactId>dependency-check-maven</artifactId>
	<version>${owasp-maven-plugin.version}</version>
	<configuration>
	<!-- Skip artifacts not bundled in distribution (provided scope) -->
	<skipProvidedScope>true</skipProvidedScope>
	<!-- Suppress false positives or dependencies that cannot be changed for specific reasons.-->
	<!--<suppressionFile>suppressed-cves.xml</suppressionFile>-->
	<format>${dependency-check-format}</format>
	<outputDirectory>${project.basedir}/target/reports</outputDirectory>
	</configuration>
	<!-- Don't specify an execution, because this might take long and is not needed in every build.
	A report can be generated on demand using "mvn org.owasp:dependency-check-maven:check"
	report will be saved to target/dependency-check-report.html -->
	<executions>
	<execution>
	<goals>
	<goal>check</goal>
	</goals>
	<phase>validate</phase>
	</execution>
	</executions>
	</plugin>
	</plugins>
	</build>
	</profile>