This is an automated email from the ASF dual-hosted git repository.
liubao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-java-chassis.git
The following commit(s) were added to refs/heads/master by this push:
new 6382d6ae1 update dependency-check-maven-plugin (#4162)
6382d6ae1 is described below
commit 6382d6ae13bc462895ab48916f47447ba84df213
Author: liubao68 <[email protected]>
AuthorDate: Thu Dec 21 15:59:39 2023 +0800
update dependency-check-maven-plugin (#4162)
---
ci/README.md | 26 ++++++++++++++++++++++++++
pom.xml | 2 +-
2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/ci/README.md b/ci/README.md
new file mode 100644
index 000000000..e1d4c1a64
--- /dev/null
+++ b/ci/README.md
@@ -0,0 +1,26 @@
+# Java Chassis Code Checks
+
+* Compilation and Installation
+
+ see .github/workflows/maven.yml
+
+* Checkstyle
+
+ see .github/workflows/checkstyle.yml
+
+* Rat Check
+
+ see .github/workflows/rat_check.yml
+
+* Spot Bugs
+
+ see .github/workflows/spotbugs.yml
+
+* OWASP Dependency Check
+
+ `mvn verify -Powasp-dependency-check` . Very Slow, run manually.
+
+* Distribution
+
+ `mvn clean deploy -Dcheckstyle.skip -Dspotbugs.skip=true
-Dmaven.javadoc.skip=true -DskipTests -Prelease -Pdistribution` . Run manually
when preparing a release.
+
diff --git a/pom.xml b/pom.xml
index 0b653a007..293d18809 100644
--- a/pom.xml
+++ b/pom.xml
@@ -46,7 +46,7 @@
<!-- sort by alpha -->
<checkstyle-maven-plugin.version>3.3.0</checkstyle-maven-plugin.version>
<coveralls-maven-plugin.version>4.3.0</coveralls-maven-plugin.version>
-
<dependency-check-maven-plugin.version>9.0.6</dependency-check-maven-plugin.version>
+
<dependency-check-maven-plugin.version>9.0.7</dependency-check-maven-plugin.version>
<docker-maven-plugin.version>0.43.4</docker-maven-plugin.version>
<exec-maven-plugin.version>3.1.1</exec-maven-plugin.version>
<gpg-maven-plugin.version>3.1.0</gpg-maven-plugin.version>
