|  | /* | 
|  | * Licensed to the Apache Software Foundation (ASF) under one or more | 
|  | * contributor license agreements.  See the NOTICE file distributed with | 
|  | * this work for additional information regarding copyright ownership. | 
|  | * The ASF licenses this file to You under the Apache License, Version 2.0 | 
|  | * (the "License"); you may not use this file except in compliance with | 
|  | * the License.  You may obtain a copy of the License at | 
|  | * | 
|  | *     http://www.apache.org/licenses/LICENSE-2.0 | 
|  | * | 
|  | * Unless required by applicable law or agreed to in writing, software | 
|  | * distributed under the License is distributed on an "AS IS" BASIS, | 
|  | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 
|  | * See the License for the specific language governing permissions and | 
|  | * limitations under the License. | 
|  | */ | 
|  |  | 
|  |  | 
|  | // This adds OWASP vulnerability validation of project dependencies | 
|  |  | 
|  | // If -Pvalidation.owasp=true is set the validation will also run as part of the check task. | 
|  |  | 
|  | def resources = scriptResources(buildscript) | 
|  |  | 
|  | configure(rootProject) { | 
|  | dependencyCheck { | 
|  | failBuildOnCVSS = propertyOrDefault("validation.owasp.threshold", 7) as Integer | 
|  | formats = ['HTML', 'JSON'] | 
|  | skipProjects = [] | 
|  | skipConfigurations = ['unifiedClasspath'] | 
|  | suppressionFile = file("${resources}/exclusions.xml") | 
|  | } | 
|  |  | 
|  | task owasp() { | 
|  | group "Verification" | 
|  | description "Check project dependencies against OWASP vulnerability database." | 
|  | dependsOn dependencyCheckAggregate | 
|  | } | 
|  |  | 
|  | // Unless explicitly enabled, do not attach owasp to check. It has a large download | 
|  | // footprint and takes a significant amount of time. This should be enabled for | 
|  | // nightly CI runs only, I think. | 
|  | if (propertyOrDefault("validation.owasp", false).toBoolean()) { | 
|  | check.dependsOn owasp | 
|  | } | 
|  | } |