From 1fb8caa7470fcf480ae614b9cddfbba2e78fe1c4 Mon Sep 17 00:00:00 2001
From: Antti Luomi <antti.luomi@id.ethz.ch>
Date: Fri, 18 May 2018 08:14:06 +0200
Subject: [PATCH] SSDM-6219: Task to run OWASP dependency check

---
 openbis_standard_technologies/build.gradle | 33 +++++++++++++++-------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/openbis_standard_technologies/build.gradle b/openbis_standard_technologies/build.gradle
index d0ba4842f03..5f670d58efb 100644
--- a/openbis_standard_technologies/build.gradle
+++ b/openbis_standard_technologies/build.gradle
@@ -1,3 +1,25 @@
+buildscript {
+    apply from: '../gradle/repository.gradle'
+    
+    repositories repositoryConfig
+    
+    dependencies {
+        classpath 'apache:commons-codec:+',
+                  'owasp:dependency-check-gradle-full:+'
+    }
+}
+
+plugins {
+  id "org.owasp.dependencycheck" version "3.1.2"
+}
+
+dependencyCheck {
+  failBuildOnCVSS = 7 // 0 - 4 = low, 4 - 7 = medium, 7 - 9 = high, 9-10 = critical
+  analyzers{
+    assemblyEnabled = false
+  }
+}
+
 evaluationDependsOn(':commonbase')
 evaluationDependsOn(':common')
 evaluationDependsOn(':openbis_api')
@@ -12,6 +34,7 @@ evaluationDependsOn(':rtd_yeastx')
 evaluationDependsOn(':deep_sequencing_unit')
 evaluationDependsOn(':plasmid')
 
+
 apply from: '../gradle/javaproject.gradle'
 apply from: 'query-api.gradle'
 apply from: 'screening-api.gradle'
@@ -80,16 +103,6 @@ dependencies {
 				    	project(path:':screening')
 }
 
-buildscript {
-    apply from: '../gradle/repository.gradle'
-    
-    repositories repositoryConfig
-    
-    dependencies {
-        classpath 'apache:commons-codec:+'
-    }
-}
-
 task compileGwt (dependsOn: classes, type: JavaExec) {
 
 	ext.buildDir = "${project.buildDir}/gwt"
-- 
GitLab