[
https://issues.apache.org/jira/browse/OFBIZ-7930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux closed OFBIZ-7930.
----------------------------------
Resolution: Implemented
Using the owasp dependencycheck Gradle plugin is so far a much better solution
than what I proposed, thanks Taher!
We will have though to see how to add entries in the equivalent of the
suppress.xml file.
For now I close this issue.
> Copy external jars in OFBiz $buildDir/externalJars for (at least) dependency
> check
> ----------------------------------------------------------------------------------
>
> Key: OFBIZ-7930
> URL: https://issues.apache.org/jira/browse/OFBIZ-7930
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Trunk
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Minor
> Fix For: Upcoming Branch
>
>
> As I warned at
> https://cwiki.apache.org/confluence/display/OFBIZ/About+OWASP+Dependency+Check
> it's currently difficult to separate the OFBiz jars from other jars in the
> .gradle\caches contains which may contain jars unrelated to OFBiz. Notably
> Eclipse jars if you use the Gradle Eclipse task and more if you use Gradle
> for other reasons than OFBiz.
> I did not find yet a way to avoid to have all external jars in .gradle\caches
> and I wonder if it's even possible. What I would like to have is the external
> jars mandatory for OFBiz to work in an isolated place. For instance a sub
> folder of the main Gradle build folder. I picked $buildDir/externalJars.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
