This is an automated email from the ASF dual-hosted git repository.

stoty pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/calcite-avatica.git


The following commit(s) were added to refs/heads/main by this push:
     new 506788cfc [CALCITE-6656] Update owasp plugin from 5.2.2 to 10.0.4 in 
Avatica
506788cfc is described below

commit 506788cfcda156a161663d8932a0f4ab2777d3c4
Author: Istvan Toth <[email protected]>
AuthorDate: Thu Oct 31 14:03:37 2024 +0100

    [CALCITE-6656] Update owasp plugin from 5.2.2 to 10.0.4 in Avatica
    
    also add option to specify NVD API key
    also add target to analyze depencies in all modules
---
 build.gradle.kts  | 11 +++++++++++
 gradle.properties |  3 ++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 6f1cc3951..55ae8c2bb 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -65,6 +65,7 @@ val enableSpotBugs = props.bool("spotbugs", default = false)
 val skipCheckstyle by props()
 val skipAutostyle by props()
 val skipJavadoc by props()
+var nvdApiKey: String? = props.string("nvdApiKey")
 // Inherited from stage-vote-release-plugin: skipSign, useGpgCmd
 val enableMavenLocal by props()
 val enableGradleMetadata by props()
@@ -164,6 +165,15 @@ val javadocAggregateIncludingTests by 
tasks.registering(Javadoc::class) {
     
setDestinationDir(file(layout.buildDirectory.get().file("docs/javadocAggregateIncludingTests")))
 }
 
+if (nvdApiKey != null) {
+    apply(plugin = "org.owasp.dependencycheck")
+    dependencyCheck {
+        nvd {
+            apiKey = nvdApiKey
+        }
+    }
+}
+
 allprojects {
     group = "org.apache.calcite.avatica"
     version = buildVersion
@@ -236,6 +246,7 @@ allprojects {
         fileMode = "664".toInt(8)
     }
 
+    tasks.register<DependencyReportTask>("allDependencies") {}
     tasks {
         withType<Javadoc>().configureEach {
             (options as StandardJavadocDocletOptions).apply {
diff --git a/gradle.properties b/gradle.properties
index d7ce630eb..0028dfd36 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -42,7 +42,8 @@ com.google.protobuf.version=0.8.12
 de.thetaphi.forbiddenapis.version=3.7
 org.jetbrains.gradle.plugin.idea-ext.version=0.5
 org.nosphere.apache.rat.version=0.8.0
-org.owasp.dependencycheck.version=5.2.2
+#Last version to support Java 8
+org.owasp.dependencycheck.version=10.0.4
 
 # TODO
 # error_prone_core.version=2.3.3

Reply via email to