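<?xml version="1.0" encoding="UTF-8"?>
<!--
  Maven build descriptor for the sonar-keyware-plugins-java SonarQube plugin
  (packaging "sonar-plugin").

  Versions not stated in this file (several dependencies and most build
  plugins) and the properties sonar.java.version, sonar.html.version and
  version.jacoco.plugin are not defined here; presumably they come from the
  parent POM's dependencyManagement / pluginManagement / properties.
  NOTE(review): confirm every one of them is pinned there, so the build does
  not fall back to whatever default version Maven picks.

  The schema location below is only a hint for editors and validators. It is
  given over HTTPS so that tools which do fetch it are not pointed at a
  cleartext URL; the namespace URI is an identifier and stays unchanged.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <!-- Parent aggregator; source of the inherited versions and properties. -->
    <parent>
        <groupId>com.keyware.sonar</groupId>
        <artifactId>sonar-keyware</artifactId>
        <version>1.0</version>
    </parent>

    <!-- Coordinates and display metadata of this module. -->
    <name>Java 信息安全性设计准则</name>
    <artifactId>sonar-keyware-plugins-java</artifactId>
    <packaging>sonar-plugin</packaging>
    <version>1.0</version>
    <description>用于检查Java源代码的安全性设计准则的Sonarqube插件</description>

    <dependencies>
        <!-- "provided" scope: on the compile classpath only, expected from the
             SonarQube runtime and therefore not bundled with this plugin. -->
        <dependency>
            <groupId>org.sonarsource.api.plugin</groupId>
            <artifactId>sonar-plugin-api</artifactId>
            <version>9.9.0.229</version>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>org.sonarsource.java</groupId>
            <artifactId>sonar-java-plugin</artifactId>
            <version>${sonar.java.version}</version>
            <type>sonar-plugin</type>
            <scope>provided</scope>
        </dependency>
        <!-- Unlike sonar-java-plugin above, this one is resolved as a plain jar
             (the sonar-plugin type is commented out) at compile scope.
             NOTE(review): compile-scope artifacts are candidates for the shade
             step in the build section, while requirePlugins also declares the
             web plugin as a runtime prerequisite; confirm that shipping a copy
             of it inside this plugin's jar is intended. -->
        <dependency>
            <groupId>org.sonarsource.html</groupId>
            <artifactId>sonar-html-plugin</artifactId>
            <version>${sonar.html.version}</version>
            <!--<type>sonar-plugin</type>-->
            <scope>compile</scope>
        </dependency>

        <!-- No scope given, so Maven's default (compile) applies. -->
        <dependency>
            <groupId>org.sonarsource.analyzer-commons</groupId>
            <artifactId>sonar-analyzer-commons</artifactId>
        </dependency>
        <!-- Logging backend for tests only; the version is inherited.
             NOTE(review): test scope keeps log4j out of the plugin jar, but the
             managed version should still be a currently patched release. -->
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-core</artifactId>
            <scope>test</scope>
        </dependency>

        <!-- unit tests -->
        <dependency>
            <groupId>org.sonarsource.java</groupId>
            <artifactId>java-checks-testkit</artifactId>
            <version>${sonar.java.version}</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.assertj</groupId>
            <artifactId>assertj-core</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter-api</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter-engine</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter-migrationsupport</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.sonarsource.sonarqube</groupId>
            <artifactId>sonar-plugin-api-impl</artifactId>
            <scope>test</scope>
        </dependency>
        <!-- Data-format parsers pinned here at compile scope, so they are
             candidates for being merged into the plugin jar by the shade step
             and must be kept on patched releases by this module itself. -->
        <dependency>
            <groupId>com.fasterxml.jackson.core</groupId>
            <artifactId>jackson-databind</artifactId>
            <version>2.16.0</version>
            <scope>compile</scope>
        </dependency>
        <!-- NOTE(review): 1.28 is an old release of the SnakeYAML 1.x line. In
             1.x a parser created with the default constructor can instantiate
             arbitrary Java types named by tags in the document. If any YAML
             read by this plugin is not fully trusted (for example files from an
             analysed project), build the parser with SafeConstructor, and plan
             a move to the 2.x line. Check current advisories for this version
             before release. -->
        <dependency>
            <groupId>org.yaml</groupId>
            <artifactId>snakeyaml</artifactId>
            <version>1.28</version>
            <scope>compile</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <!-- Produces the SonarQube plugin artifact; "extensions" is needed
                 so Maven recognises the sonar-plugin packaging type.
                 NOTE(review): the module compiles against sonar-plugin-api
                 9.9.0.229 but declares sonarQubeMinVersion 8.9; confirm the
                 plugin really loads on the oldest server it claims to support. -->
            <plugin>
                <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
                <artifactId>sonar-packaging-maven-plugin</artifactId>
                <extensions>true</extensions>
                <configuration>
                    <pluginKey>keywareJavaPlugin</pluginKey>
                    <pluginName>Java 安全性设计准则</pluginName>
                    <pluginClass>com.keyware.sonar.java.JavaSecurityDesignRulesPlugin</pluginClass>
                    <sonarLintSupported>true</sonarLintSupported>
                    <!-- Dependency packaging is switched off here; presumably the
                         shade plugin below takes over that job. -->
                    <skipDependenciesPackaging>true</skipDependenciesPackaging>
                    <sonarQubeMinVersion>8.9</sonarQubeMinVersion>
                    <!-- Same version properties as the compile-time dependencies. -->
                    <requirePlugins>java:${sonar.java.version},web:${sonar.html.version}</requirePlugins>
                    <!-- Matches the compiler source/target level below. -->
                    <jreMinVersion>11</jreMinVersion>
                </configuration>
            </plugin>

            <!-- Runs the shade goal at the package phase. -->
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-shade-plugin</artifactId>
                <configuration>
                    <!-- Intentionally empty in the original: no artifactSet,
                         filters or relocations, so the shade plugin's defaults
                         decide what is merged into the jar.
                         NOTE(review): inspect the built jar and confirm it holds
                         only the libraries meant to ship (jackson-databind,
                         snakeyaml, sonar-analyzer-commons and, given its compile
                         scope, sonar-html-plugin). An explicit artifactSet would
                         make the shipped third-party code reviewable. -->
                </configuration>
                <executions>
                    <execution>
                        <phase>package</phase>
                        <goals>
                            <goal>shade</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>

            <!-- Java 11 source and bytecode level. -->
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <configuration>
                    <source>11</source>
                    <target>11</target>
                </configuration>
            </plugin>

            <!-- Test coverage: both goals run at their default phases, since no
                 phase is set on either execution. -->
            <plugin>
                <groupId>org.jacoco</groupId>
                <artifactId>jacoco-maven-plugin</artifactId>
                <version>${version.jacoco.plugin}</version>
                <executions>
                    <execution>
                        <id>prepare-agent</id>
                        <goals>
                            <goal>prepare-agent</goal>
                        </goals>
                    </execution>
                    <execution>
                        <id>report</id>
                        <goals>
                            <goal>report</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>

            <!-- only required to run UT - these are UT dependencies -->
            <!-- The jars below are copied by coordinates into target/test-jars at
                 test-compile; presumably they serve as classpath fixtures for
                 the rule tests. They are not declared dependencies, so scanners
                 that only walk the dependency tree may not report them.
                 NOTE(review): several are long-superseded releases (Spring
                 4.3.3.RELEASE, commons-collections4 4.0, javaee-api 6.0); keep
                 them confined to this output directory and out of anything
                 that is packaged or executed, and track them in the component
                 inventory separately. -->
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-dependency-plugin</artifactId>
                <executions>
                    <execution>
                        <id>copy</id>
                        <phase>test-compile</phase>
                        <goals>
                            <goal>copy</goal>
                        </goals>
                        <configuration>
                            <artifactItems>
                                <artifactItem>
                                    <groupId>org.slf4j</groupId>
                                    <artifactId>slf4j-api</artifactId>
                                    <version>1.7.30</version>
                                    <type>jar</type>
                                </artifactItem>
                                <artifactItem>
                                    <groupId>org.apache.commons</groupId>
                                    <artifactId>commons-collections4</artifactId>
                                    <version>4.0</version>
                                    <type>jar</type>
                                </artifactItem>
                                <artifactItem>
                                    <groupId>javax</groupId>
                                    <artifactId>javaee-api</artifactId>
                                    <version>6.0</version>
                                    <type>jar</type>
                                </artifactItem>
                                <artifactItem>
                                    <groupId>org.springframework</groupId>
                                    <artifactId>spring-webmvc</artifactId>
                                    <version>4.3.3.RELEASE</version>
                                    <type>jar</type>
                                </artifactItem>
                                <artifactItem>
                                    <groupId>org.springframework</groupId>
                                    <artifactId>spring-web</artifactId>
                                    <version>4.3.3.RELEASE</version>
                                    <type>jar</type>
                                </artifactItem>
                                <artifactItem>
                                    <groupId>org.springframework</groupId>
                                    <artifactId>spring-context</artifactId>
                                    <version>4.3.3.RELEASE</version>
                                    <type>jar</type>
                                </artifactItem>
                                <artifactItem>
                                    <groupId>junit</groupId>
                                    <artifactId>junit</artifactId>
                                    <version>4.13.2</version>
                                    <type>jar</type>
                                </artifactItem>
                            </artifactItems>
                            <outputDirectory>${project.build.directory}/test-jars</outputDirectory>
                        </configuration>
                    </execution>
                </executions>
            </plugin>
            <!-- License header handling, using the header text file kept under
                 src/main/resources. -->
            <plugin>
                <groupId>com.mycila</groupId>
                <artifactId>license-maven-plugin</artifactId>
                <configuration>
                    <header>${project.basedir}/src/main/resources/license-header.txt</header>
                    <!-- excluded files -->
                    <excludes>
                        <exclude>**/*.properties</exclude>
                        <exclude>*.sh</exclude>
                        <exclude>*.yml</exclude>
                        <exclude>.editorconfig</exclude>
                        <exclude>.gitignore</exclude>
                        <exclude>**/*.md</exclude>
                        <exclude>**/*.xml</exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>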