Skip to content

Commit

Permalink
Enable OWASP dependency check.
Browse files Browse the repository at this point in the history
  • Loading branch information
@uhafner
uhafner committed Sep 24, 2024
1 parent e9b737e commit 65c348d
Show file tree
Hide file tree
Showing 2 changed files with 89 additions and 106 deletions.
34 changes: 0 additions & 34 deletions .github/workflows/coverage.yml
View file

This file was deleted.

161 changes: 89 additions & 72 deletions .github/workflows/quality-monitor.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,16 @@ jobs:
uses: stCarolas/setup-maven@v5
with:
maven-version: 3.9.9
- name: Cache the NVD database
uses: actions/cache@v4
with:
path: ~/.m2/repository/org/owasp/dependency-check-data
key: dependency-check
- name: Build with Maven
env:
BROWSER: chrome-container
run: mvn -V --color always -ntp clean verify -Ppit -Pci | tee maven.log
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
run: mvn -V --color always -ntp clean verify -Ppit -Pci -Powasp | tee maven.log
- name: Extract pull request number
uses: jwalton/gh-find-current-pr@v1
id: pr
Expand All @@ -38,79 +44,90 @@ jobs:
pr-number: ${{ steps.pr.outputs.number }}
config: >
{
"tests": {
"name": "Tests",
"tools": [
{
"id": "test",
"name": "Tests",
"pattern": "**/target/*-reports/TEST*.xml"
}
]
},
"analysis": [
{
"name": "Style",
"id": "style",
"tests": {
"tools": [
{
"id": "checkstyle",
"pattern": "**/target/checkstyle-*/checkstyle-result.xml"
},
{
"id": "pmd",
"pattern": "**/target/pmd-*/pmd.xml"
"id": "test",
"name": "Tests",
"pattern": "**/target/*-reports/TEST*.xml"
}
]
],
"name": "Tests"
},
{
"name": "Bugs",
"id": "bugs",
"icon": "bug",
"tools": [
{
"id": "spotbugs",
"sourcePath": "src/main/java",
"pattern": "**/target/spotbugsXml.xml"
},
{
"id": "error-prone",
"pattern": "**/maven.log"
}
]
}
],
"coverage": [
{
"name": "Code Coverage",
"tools": [
{
"id": "jacoco",
"name": "Line Coverage",
"metric": "line",
"sourcePath": "src/main/java",
"pattern": "**/target/site/jacoco/jacoco.xml"
},
{
"id": "jacoco",
"name": "Branch Coverage",
"metric": "branch",
"sourcePath": "src/main/java",
"pattern": "**/target/site/jacoco/jacoco.xml"
}
]
},
{
"name": "Mutation Coverage",
"tools": [
{
"id": "pit",
"name": "Mutation Coverage",
"metric": "mutation",
"sourcePath": "src/main/java",
"pattern": "**/target/pit-reports/mutations.xml"
}
]
}
]
"analysis": [
{
"name": "Style",
"id": "style",
"tools": [
{
"id": "checkstyle",
"pattern": "**/target/**checkstyle-result.xml"
},
{
"id": "pmd",
"pattern": "**/target/**pmd.xml"
}
]
},
{
"name": "Bugs",
"id": "bugs",
"icon": "bug",
"tools": [
{
"id": "spotbugs",
"sourcePath": "src/main/java",
"pattern": "**/target/spotbugsXml.xml"
},
{
"id": "error-prone",
"pattern": "**/maven.log"
}
]
},
{
"name": "Vulnerabilities",
"id": "vulnerabilities",
"icon": "shield",
"tools": [
{
"id": "owasp-dependency-check",
"pattern": "**/target/dependency-check-report.json"
}
]
}
],
"coverage": [
{
"name": "Code Coverage",
"tools": [
{
"id": "jacoco",
"name": "Line Coverage",
"metric": "line",
"sourcePath": "src/main/java",
"pattern": "**/target/site/jacoco/jacoco.xml"
},
{
"id": "jacoco",
"name": "Branch Coverage",
"metric": "branch",
"sourcePath": "src/main/java",
"pattern": "**/target/site/jacoco/jacoco.xml"
}
]
},
{
"name": "Mutation Coverage",
"tools": [
{
"id": "pit",
"name": "Mutation Coverage",
"metric": "mutation",
"sourcePath": "src/main/java",
"pattern": "**/target/pit-reports/mutations.xml"
}
]
}
]
}

0 comments on commit 65c348d

Please sign in to comment.