Compare commits
2 Commits
9ce66b1207
...
fa849c71ca
Author | SHA1 | Date | |
---|---|---|---|
|
fa849c71ca | ||
|
72ac61300d |
12
README.md
12
README.md
@ -497,9 +497,19 @@ We'll see if this changes when the project progresses and more validations are a
|
|||||||
|
|
||||||
### OWASP Security Vulnerability Check
|
### OWASP Security Vulnerability Check
|
||||||
|
|
||||||
An OWASP security vulnerability is configured and can be utilized by running:
|
An OWASP security vulnerability is configured, but you need an API key.
|
||||||
|
Fetch it from https://nvd.nist.gov/developers/request-an-api-key.
|
||||||
|
|
||||||
|
Then add it to your `~/.gradle/gradle.properties` file:
|
||||||
|
|
||||||
|
```
|
||||||
|
OWASP_API_KEY=........-....-....-....-............
|
||||||
|
```
|
||||||
|
|
||||||
|
Now you can run the dependency vulnerability check:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
gw dependencyCheckUpdate
|
||||||
gw dependencyCheckAnalyze
|
gw dependencyCheckAnalyze
|
||||||
```
|
```
|
||||||
|
|
||||||
|
35
build.gradle
35
build.gradle
@ -1,10 +1,10 @@
|
|||||||
plugins {
|
plugins {
|
||||||
id 'java'
|
id 'java'
|
||||||
id 'org.springframework.boot' version '3.2.10'
|
id 'org.springframework.boot' version '3.3.4'
|
||||||
id 'io.spring.dependency-management' version '1.1.6'
|
id 'io.spring.dependency-management' version '1.1.6'
|
||||||
id 'io.openapiprocessor.openapi-processor' version '2023.2'
|
id 'io.openapiprocessor.openapi-processor' version '2023.2'
|
||||||
id 'com.github.jk1.dependency-license-report' version '2.6'
|
id 'com.github.jk1.dependency-license-report' version '2.9'
|
||||||
id "org.owasp.dependencycheck" version "10.0.2"
|
id "org.owasp.dependencycheck" version "10.0.4"
|
||||||
id "com.diffplug.spotless" version "6.25.0"
|
id "com.diffplug.spotless" version "6.25.0"
|
||||||
id 'jacoco'
|
id 'jacoco'
|
||||||
id 'info.solidsoft.pitest' version '1.15.0'
|
id 'info.solidsoft.pitest' version '1.15.0'
|
||||||
@ -58,19 +58,20 @@ dependencies {
|
|||||||
implementation 'org.springframework.boot:spring-boot-starter-jdbc'
|
implementation 'org.springframework.boot:spring-boot-starter-jdbc'
|
||||||
implementation 'org.springframework.boot:spring-boot-starter-web'
|
implementation 'org.springframework.boot:spring-boot-starter-web'
|
||||||
implementation 'org.springframework.boot:spring-boot-starter-validation'
|
implementation 'org.springframework.boot:spring-boot-starter-validation'
|
||||||
implementation 'com.github.gavlyukovskiy:datasource-proxy-spring-boot-starter:1.9.1'
|
implementation 'com.github.gavlyukovskiy:datasource-proxy-spring-boot-starter:1.9.2'
|
||||||
implementation 'org.springdoc:springdoc-openapi:2.4.0'
|
implementation 'org.springdoc:springdoc-openapi:2.6.0'
|
||||||
implementation 'org.postgresql:postgresql:42.7.3'
|
implementation 'org.postgresql:postgresql:42.7.4'
|
||||||
implementation 'org.liquibase:liquibase-core:4.27.0'
|
implementation 'org.liquibase:liquibase-core:4.29.2'
|
||||||
implementation 'io.hypersistence:hypersistence-utils-hibernate-63:3.7.3'
|
implementation 'io.hypersistence:hypersistence-utils-hibernate-63:3.8.3'
|
||||||
implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.0'
|
implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.0'
|
||||||
implementation 'org.openapitools:jackson-databind-nullable:0.2.6'
|
implementation 'org.openapitools:jackson-databind-nullable:0.2.6'
|
||||||
implementation 'org.apache.commons:commons-text:1.11.0'
|
implementation 'org.apache.commons:commons-text:1.12.0'
|
||||||
implementation 'net.java.dev.jna:jna:5.8.0'
|
implementation 'net.java.dev.jna:jna:5.15.0'
|
||||||
implementation 'org.modelmapper:modelmapper:3.2.0'
|
implementation 'org.modelmapper:modelmapper:3.2.1'
|
||||||
implementation 'org.iban4j:iban4j:3.2.7-RELEASE'
|
implementation 'org.iban4j:iban4j:3.2.10-RELEASE'
|
||||||
implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.4.0'
|
implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0'
|
||||||
implementation 'org.reflections:reflections:0.9.12'
|
implementation 'org.webjars:swagger-ui:5.17.14'
|
||||||
|
implementation 'org.reflections:reflections:0.10.2'
|
||||||
|
|
||||||
compileOnly 'org.projectlombok:lombok'
|
compileOnly 'org.projectlombok:lombok'
|
||||||
testCompileOnly 'org.projectlombok:lombok'
|
testCompileOnly 'org.projectlombok:lombok'
|
||||||
@ -85,9 +86,9 @@ dependencies {
|
|||||||
testImplementation 'org.testcontainers:junit-jupiter'
|
testImplementation 'org.testcontainers:junit-jupiter'
|
||||||
testImplementation 'org.junit.jupiter:junit-jupiter'
|
testImplementation 'org.junit.jupiter:junit-jupiter'
|
||||||
testImplementation 'org.testcontainers:postgresql'
|
testImplementation 'org.testcontainers:postgresql'
|
||||||
testImplementation 'com.tngtech.archunit:archunit-junit5:1.2.1'
|
testImplementation 'com.tngtech.archunit:archunit-junit5:1.3.0'
|
||||||
testImplementation 'io.rest-assured:spring-mock-mvc'
|
testImplementation 'io.rest-assured:spring-mock-mvc'
|
||||||
testImplementation 'org.hamcrest:hamcrest-core:2.2'
|
testImplementation 'org.hamcrest:hamcrest-core:3.0'
|
||||||
testImplementation 'org.pitest:pitest-junit5-plugin:1.2.1'
|
testImplementation 'org.pitest:pitest-junit5-plugin:1.2.1'
|
||||||
testImplementation 'org.junit.jupiter:junit-jupiter-api'
|
testImplementation 'org.junit.jupiter:junit-jupiter-api'
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user