honeymoose
/
org.hl7.fhir.core
mirror of https://github.com/hapifhir/org.hl7.fhir.core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update owasp plugin to 11.1.1

This commit is contained in:
dotasek 2024-12-11 13:54:49 -05:00
parent d111d045ef
commit fec504a024
2 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/owasp.yml vendored
View File

@ -17,10 +17,16 @@ jobs:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
- run: | - env:
NVD_API_KEY:
${{ secrets.NVD_API_KEY }}
run: |
mvn -DskipTests install -P OWASP_CHECK mvn -DskipTests install -P OWASP_CHECK
- run: | - env:
NVD_API_KEY:
${{ secrets.NVD_API_KEY }}
run: |
mvn -DskipTests dependency-check:aggregate -P OWASP_CHECK mvn -DskipTests dependency-check:aggregate -P OWASP_CHECK
- name: Upload SARIF file - name: Upload SARIF file

3
pom.xml
View File

@ -384,8 +384,9 @@
<plugin> <plugin>
<groupId>org.owasp</groupId> <groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId> <artifactId>dependency-check-maven</artifactId>
<version>8.2.1</version> <version>11.1.1</version>
<configuration> <configuration>
<nvdApiKeyEnvironmentVariable>NVD_API_KEY</nvdApiKeyEnvironmentVariable>
<suppressionFiles> <suppressionFiles>
<suppressionFile>cve-suppression.xml</suppressionFile> <suppressionFile>cve-suppression.xml</suppressionFile>
</suppressionFiles> </suppressionFiles>