YETUS-441 Add a plugin that uses OWASP's depenency-check tool.
* precommit plugin 'dependency_check' for maven or cli if given
* jenkins job that will handle updating a cached vulnerability database
3 files changed
Apache Yetus Source
Apache Yetus is a collection of libraries and tools that enable contribution and release process for software projects.
:warning: A Note About Repository Layout Yetus currently has no unified build tool, so individual components handle their own tooling. The current layout is temporary until such time as we adopt a project-wide build system. For more information, watch YETUS-125
The current repository is broken up by major component:
- Website source Holds our documentation, which is presented via our website. See the guide to contributing for instructions on building the rendered version.
- Precommit Precommit provides robust tools to deal with contributions, including applying patches from a variety of project sources and evaluating them against project norms via a system of plugins. See the precommit overview to get started working with precommit. Note that even if the top level layout doesn't change, the layout of Precommit might when it adds in unit tests under YETUS-15.
- Yetus Project Pom Provides common configuration and dependency management for Yetus' java based component. Currently builds with Maven 3.2.0+.
- Audience Annotations Audience Annotations allows projects to use Java Annotations to delineate public and non-public parts of their APIs. It also provides doclets to generate javadocs filtered by intended audience. Currently builds with Maven 3.2.0+.
- Shelldocs Shelldocs processes comments on Bash functions for a annotations similar to Javadoc. It also includes built in audience scoping functionality similar to the doclet from Audience Annotations.
- Release Doc Maker Release Doc Maker analyzes Jira and Git information to produce Markdown formatted release notes.