From c92d38cdeb867f2f7e2ae9b2515c32c2ecfd1e41 Mon Sep 17 00:00:00 2001
From: Shreyas Gopalakrishna
<11889130+shreyas-gopalakrishna@users.noreply.github.com>
Date: Tue, 30 Jan 2024 09:28:32 -0800
Subject: [PATCH] Adding maven dependency check to identify publicly disclosed
vulnerabilities (#751)
* Added dependency-check-maven and updated grpc modules
* Adding dependency check to pipeline
* Test pipeline
* Test pipeline
* Test pipeline
* Test pipeline
---
azure-pipelines.yml | 6 +++++-
pom.xml | 22 +++++++++++++++++++---
2 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index 23a03933..a18676c5 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -60,6 +60,10 @@ jobs:
.\package-pipeline.ps1 -buildNumber $buildNumber
name: output
displayName: 'Executing build script'
+ - pwsh: |
+ mvn dependency-check:check
+ condition: and(eq(variables['Build.SourceBranch'], 'refs/heads/dev'), eq(variables['SkipMavenDependencyCheck'], 'false'))
+ displayName: 'Maven dependency check'
- task: CopyFiles@2
inputs:
SourceFolder: '$(Build.Repository.LocalPath)/pkg'
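Review bot: The condition on the added 'Maven dependency check' step fails open: `eq(variables['SkipMavenDependencyCheck'], 'false')` is true only when that variable is explicitly defined as 'false', and an undefined pipeline variable evaluates to an empty string, so the scan would be skipped without any signal. No definition of the variable is visible in this hunk, so confirm it is declared with a default. Otherwise make skipping the opt-in: `condition: and(eq(variables['Build.SourceBranch'], 'refs/heads/dev'), ne(variables['SkipMavenDependencyCheck'], 'true'))`. The branch filter also means pull-request builds and every branch other than dev are never scanned by this step, which deserves a comment above the step if it is intentional.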
@@ -155,7 +159,7 @@ jobs:
displayName: 'Install .NET 6'
inputs:
version: 6.0.x
- - pwsh: | # Download JDK for later installation
+ - pwsh: | # Download JDK for later installation
Invoke-WebRequest $(JDK_DOWNLOAD_LINK) -O "$(JAVA_VERSION).tar.gz"
$current = get-location | select -ExpandProperty Path
Write-Host "##vso[task.setvariable variable=downloadPath;]$current"
diff --git a/pom.xml b/pom.xml
index 1697559b..076679b3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -72,17 +72,17 @@
io.grpc
grpc-protobuf
- 1.57.2
+ 1.61.0
io.grpc
grpc-stub
- 1.45.2
+ 1.61.0
io.grpc
grpc-netty-shaded
- 1.45.2
+ 1.61.0
com.google.code.gson
@@ -303,6 +303,22 @@
+
+
+ org.owasp
+ dependency-check-maven
+ 9.0.9
+
+ 7
+
+
+
+
+ check
+
+
+
+
\ No newline at end of file
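Review bot: The bare `7` in the added dependency-check-maven configuration has no comment stating the policy it encodes. The element names are lost in this rendering, but if it is the plugin's `failBuildOnCVSS` threshold, findings scoring below 7.0 are reported without failing the build. I would add a comment above it such as `<!-- Fail the build on any dependency CVE with CVSS >= 7; lower scores are reported only -->`. The `check` goal also appears to be bound as an execution, so the scan would presumably run in every Maven build that reaches the plugin's default phase, not only in the gated pipeline step. Confirm that is intended, because the `SkipMavenDependencyCheck` variable would then not cover those builds.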