Tune mvn dep check (#176)

Ignore cvss scan in UI.frontend
valtech-ch · Jan 2, 2024 · 71245a5 · 71245a5
1 parent 32b0ad1
commit 71245a5
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/pom.xml b/pom.xml
@@ -457,8 +457,7 @@
                     <artifactId>dependency-check-maven</artifactId>
                     <version>8.3.1</version>
                     <configuration>
-                        <failBuildOnCVSS>0</failBuildOnCVSS>
-                        <failBuildOnAnyVulnerability>true</failBuildOnAnyVulnerability>
+                        <failBuildOnCVSS>8</failBuildOnCVSS>
                         <skipProvidedScope>true</skipProvidedScope>
                     </configuration>
                     <executions>

diff --git a/ui.frontend/pom.xml b/ui.frontend/pom.xml
@@ -78,6 +78,9 @@
             <plugin>
                 <groupId>org.owasp</groupId>
                 <artifactId>dependency-check-maven</artifactId>
+                <configuration>
+                    <failBuildOnCVSS>11</failBuildOnCVSS>
+                </configuration>
             </plugin>
         </plugins>
     </build>