File tree Expand file tree Collapse file tree 5 files changed +19
-14
lines changed
Expand file tree Collapse file tree 5 files changed +19
-14
lines changed Original file line number Diff line number Diff line change 3838 <username >${env.CI_USR}</username >
3939 <password >${env.CI_PSW}</password >
4040 </server >
41+ <server >
42+ <id >nvd</id >
43+ <password >${env.NVD_API_KEY}</password >
44+ </server >
4145 </servers >
4246 <pluginGroups >
4347 <pluginGroup >org.sonarsource.scanner.maven</pluginGroup >
6165 <activeByDefault >true</activeByDefault >
6266 </activation >
6367 <properties >
64- <nodeDownloadRoot >${env.SERVICE_NEXUS_URL}/repository/node-distrib/</nodeDownloadRoot >
65- </properties >
68+ <nodeDownloadRoot >${env.SERVICE_NEXUS_URL}/repository/node-distrib/</nodeDownloadRoot >
69+ </properties >
6670 </profile >
6771 <profile >
6872 <id >user-vitam</id >
7175 </activation >
7276 <properties >
7377 <username >${env.CI_USR}</username >
74- <password >${env.CI_PSW}</password >
78+ <password >${env.CI_PSW}</password >
7579 </properties >
7680 </profile >
7781 </profiles >
8993 <mirrorOf >node-dist-mirror</mirrorOf >
9094 </mirror >
9195 </mirrors >
92- <!--
96+ <!--
9397 <proxies>
9498 <proxy>
9599 <id>platform-proxy</id>
Original file line number Diff line number Diff line change @@ -24,6 +24,7 @@ pipeline {
2424 SERVICE_DOCKER_PULL_URL = credentials(" SERVICE_DOCKER_PULL_URL"
2525 SERVICE_REPOSITORY_URL = credentials(" service-repository-url"
2626 GITHUB_ACCOUNT_TOKEN = credentials(" vitam-prg-token"
27+ NVD_API_KEY = credentials(" nvd-api-key"
2728 ES_VERSION = " 8.18.0"
2829 MONGO_VERSION = " 8.0.8"
2930 MINIO_VERSION = " RELEASE.2020-04-15T00-39-01Z" // more precise than edge
@@ -219,7 +220,7 @@ pipeline {
219220 def mvnCmd = " ${ env.MVN_COMMAND} "
220221 if (env. ADD_OWASP . toBoolean()) {
221222 // OWASP Analysis
222- mvnCmd + = " org.owasp:dependency-check-maven:aggregate"
223+ mvnCmd + = " -DnvdApiServerId=nvd org.owasp:dependency-check-maven:aggregate"
223224 }
224225 if (env. ADD_SONAR . toBoolean()) {
225226 // Sonar Analysis
Original file line number Diff line number Diff line change 8181 <maven .failsafe.version>3.2.5</maven .failsafe.version>
8282 <maven .javadoc.version>3.6.3</maven .javadoc.version>
8383 <maven .exec.version>3.2.0</maven .exec.version>
84- <maven .dependencycheck.version>9.0.10 </maven .dependencycheck.version>
84+ <maven .dependencycheck.version>12.1.9 </maven .dependencycheck.version>
8585 <git-commit-id-plugin .version>4.9.10</git-commit-id-plugin .version>
8686 <maven-antrun-plugin .version>3.1.0</maven-antrun-plugin .version>
8787 <license-maven-plugin .version>4.3</license-maven-plugin .version>
609609 <artifactId >dependency-check-maven</artifactId >
610610 <version >${maven.dependencycheck.version} </version >
611611 <configuration >
612- <cveUrlModified >${env.SERVICE_REPOSITORY_URL} /nist/nvdcve-1.1-modified.json.gz</cveUrlModified >
613- <cveUrlBase >${env.SERVICE_REPOSITORY_URL} /nist/nvdcve-1.1-%d.json.gz</cveUrlBase >
614612 <assemblyAnalyzerEnabled >false</assemblyAnalyzerEnabled >
613+ <msbuildAnalyzerEnabled >false</msbuildAnalyzerEnabled >
615614 <retireJsAnalyzerEnabled >false</retireJsAnalyzerEnabled >
615+ <nuspecAnalyzerEnabled >false</nuspecAnalyzerEnabled >
616616 <failOnError >false</failOnError >
617617 </configuration >
618618
Original file line number Diff line number Diff line change 7878 <maven .failsafe.version>3.2.5</maven .failsafe.version>
7979 <maven .javadoc.version>3.6.3</maven .javadoc.version>
8080 <maven .exec.version>3.2.0</maven .exec.version>
81- <maven .dependencycheck.version>9.0.10 </maven .dependencycheck.version>
81+ <maven .dependencycheck.version>12.1.9 </maven .dependencycheck.version>
8282 <git-commit-id-plugin .version>4.9.10</git-commit-id-plugin .version>
8383 <maven-antrun-plugin .version>3.1.0</maven-antrun-plugin .version>
8484 <license-maven-plugin .version>4.3</license-maven-plugin .version>
606606 <artifactId >dependency-check-maven</artifactId >
607607 <version >${maven.dependencycheck.version} </version >
608608 <configuration >
609- <cveUrlModified >${env.SERVICE_REPOSITORY_URL} /nist/nvdcve-1.1-modified.json.gz</cveUrlModified >
610- <cveUrlBase >${env.SERVICE_REPOSITORY_URL} /nist/nvdcve-1.1-%d.json.gz</cveUrlBase >
611609 <assemblyAnalyzerEnabled >false</assemblyAnalyzerEnabled >
610+ <msbuildAnalyzerEnabled >false</msbuildAnalyzerEnabled >
612611 <retireJsAnalyzerEnabled >false</retireJsAnalyzerEnabled >
612+ <nuspecAnalyzerEnabled >false</nuspecAnalyzerEnabled >
613613 <failOnError >false</failOnError >
614614 </configuration >
615615
Original file line number Diff line number Diff line change 125125 <maven .failsafe.version>3.2.5</maven .failsafe.version>
126126 <maven .javadoc.version>3.6.3</maven .javadoc.version>
127127 <maven .exec.version>3.2.0</maven .exec.version>
128- <maven .dependencycheck.version>10.0.0 </maven .dependencycheck.version>
128+ <maven .dependencycheck.version>12.1.9 </maven .dependencycheck.version>
129129 <git-commit-id-plugin .version>4.9.10</git-commit-id-plugin .version>
130130 <maven-antrun-plugin .version>3.1.0</maven-antrun-plugin .version>
131131 <license-maven-plugin .version>4.3</license-maven-plugin .version>
662662 <artifactId >dependency-check-maven</artifactId >
663663 <version >${maven.dependencycheck.version} </version >
664664 <configuration >
665- <cveUrlModified >${env.SERVICE_REPOSITORY_URL} /nist/nvdcve-1.1-modified.json.gz</cveUrlModified >
666- <cveUrlBase >${env.SERVICE_REPOSITORY_URL} /nist/nvdcve-1.1-%d.json.gz</cveUrlBase >
667665 <assemblyAnalyzerEnabled >false</assemblyAnalyzerEnabled >
666+ <msbuildAnalyzerEnabled >false</msbuildAnalyzerEnabled >
668667 <retireJsAnalyzerEnabled >false</retireJsAnalyzerEnabled >
668+ <nuspecAnalyzerEnabled >false</nuspecAnalyzerEnabled >
669669 <failOnError >false</failOnError >
670670 </configuration >
671671
You can’t perform that action at this time.
0 commit comments