@@ -2,14 +2,7 @@ artifact_name := orders.api.ch.gov.uk
22version := "unversioned"
33
44dependency_check_base_suppressions: =common_suppressions_spring_6.xml
5-
6- # dependency_check_suppressions_repo_branch
7- # The branch of the dependency-check-suppressions repository to use
8- # as the source of the suppressions file.
9- # This should point to "main" branch when being used for release,
10- # but can point to a different branch for experimentation/development.
11- dependency_check_suppressions_repo_branch: =feature/suppressions-for-company-accounts-api
12-
5+ dependency_check_suppressions_repo_branch: =main
136dependency_check_minimum_cvss := 4
147dependency_check_assembly_analyzer_enabled := false
158dependency_check_suppressions_repo_url: [email protected] :companieshouse/dependency-check-suppressions.git
@@ -105,11 +98,12 @@ dependency-check:
10598 suppressions_path=" $$ {suppressions_home}/suppressions/$( dependency_check_base_suppressions) " ; \
10699 if [ -f " $$ {suppressions_path}" ; then \
107100 cp -av " $$ {suppressions_path}" $(suppressions_file ) ; \
108- mvn org.owasp:dependency-check-maven:check -DfailBuildOnCVSS=$(dependency_check_minimum_cvss ) -DassemblyAnalyzerEnabled=$(dependency_check_assembly_analyzer_enabled ) -DsuppressionFiles=$(suppressions_file ) ; \
101+ mvn org.owasp:dependency-check-maven:check -Dformats= " json,html " -DprettyPrint - DfailBuildOnCVSS=$(dependency_check_minimum_cvss ) -DassemblyAnalyzerEnabled=$(dependency_check_assembly_analyzer_enabled ) -DsuppressionFiles=$(suppressions_file ) ; \
109102 else \
110103 printf -- " \n ERROR Cannot find suppressions file at '%s'\n" " $$ {suppressions_path}" >&2 ; \
111104 exit 1; \
112105 fi
113106
114107.PHONY : security-check
115- security-check : dependency-check
108+ security-check : dependency-check
109+
0 commit comments