Taher,
Actually it was the description of the issue I created back then. I saw it after routinely copying it, but did not change it, because I had to move. I
will edit the commit comment, to have something meaningful there.
Jacques
Le 05/09/2016 à 14:30, Taher Alkhateeb a écrit :
Hi Jacques,
I don't understand your concern described below? What is the problem of
having jars not related to OFBiz in gradle's cache? What is the problem?
Regards,
Taher Alkhateeb
On Sep 5, 2016 3:24 PM, <jler...@apache.org> wrote:
Author: jleroux
Date: Mon Sep 5 12:24:21 2016
New Revision: 1759250
URL: http://svn.apache.org/viewvc?rev=1759250&view=rev
Log:
A slightly modified Taher's patch for "Load the OWASP dependency checker
Gradle plugin efficiently" I reported at OFBIZ-7930
As I warned at https://cwiki.apache.org/confluence/display/OFBIZ/
About+OWASP+Dependency+Check it's currently difficult to separate the
OFBiz jars from other jars in the .gradle\caches contains which may contain
jars unrelated to OFBiz. Notably Eclipse jars if you use the Gradle Eclipse
task and more if you use Gradle for other reasons than OFBiz.
I did not find yet a way to avoid to have all external jars in
.gradle\caches and I wonder if it's even possible. What I would like to
have is the external jars mandatory for OFBiz to work in an isolated place.
For instance a sub folder of the main Gradle build folder. I picked
$buildDir/externalJars.
Taher: I have a clean working solution now that does not affect users who
do not want the OWASP plugin.
jleroux: I have simply formatted the "if(" to "if ("
Modified:
ofbiz/trunk/build.gradle
Modified: ofbiz/trunk/build.gradle
URL: http://svn.apache.org/viewvc/ofbiz/trunk/build.gradle?rev=
1759250&r1=1759249&r2=1759250&view=diff
============================================================
==================
--- ofbiz/trunk/build.gradle (original)
+++ ofbiz/trunk/build.gradle Mon Sep 5 12:24:21 2016
@@ -269,6 +269,28 @@ eclipse.classpath.file.whenMerged { clas
}
tasks.eclipse.dependsOn(cleanEclipse)
+/* OWASP plugin
+ *
+ * If project property "enableOwasp" is flagged then
+ * gradle will download required dependencies and
+ * activate Gradle's OWASP plugin and its related tasks.
+ *
+ * Syntax: gradlew -PenableOwasp dependencyCheck
+ */
+buildscript {
+ if (project.hasProperty('enableOwasp')) {
+ repositories {
+ mavenCentral()
+ }
+ dependencies {
+ classpath 'org.owasp:dependency-check-gradle:1.4.0'
+ }
+ }
+}
+if (project.hasProperty('enableOwasp')) {
+ apply plugin: 'org.owasp.dependencycheck'
+}
+
/* ========================================================
* Tasks
* ======================================================== */
