diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2c09eb6..1d7dedc 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,11 +11,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - name: Set up JDK 1.8 - id: jdk-8 - uses: actions/setup-java@v1 + - name: Set up JDK 11 + id: jdk-11 + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 11 + distribution: 'zulu' - name: Build id: build run: | diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml index a340fe3..4541df4 100644 --- a/.github/workflows/pull_requests.yml +++ b/.github/workflows/pull_requests.yml @@ -9,11 +9,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - name: Set up JDK 1.8 - id: jdk-8 - uses: actions/setup-java@v1 + - name: Set up JDK 11 + id: jdk-11 + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 11 + distribution: 'zulu' - name: Build id: build run: | diff --git a/.java-version b/.java-version new file mode 100644 index 0000000..2dbc24b --- /dev/null +++ b/.java-version @@ -0,0 +1 @@ +11.0 diff --git a/README.md b/README.md index cf67b78..08c1dba 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,11 @@ The dependency-check gradle plugin allows projects to monitor dependent libraries for known, published vulnerabilities. +## 11.0.0 Upgrade Notice +- The dependency-check-gradle plugin now requires Java 11 or higher. +- The dependency-check-gradle plugin will no longer be published to Maven Central; it + will continue to be published to the Gradle plugin portal. + ## 9.0.0 Upgrade Notice **Breaking Changes** are included in the 9.0.0 release. Please see the [9.0.0 Upgrade Notice](https://github.com/jeremylong/DependencyCheck#900-upgrade-notice) diff --git a/build.gradle b/build.gradle index 56d820a..db448ca 100644 --- a/build.gradle +++ b/build.gradle @@ -52,8 +52,8 @@ test { test.onlyIf { !project.hasProperty('skipTests') } java { - sourceCompatibility = JavaVersion.VERSION_1_8 - targetCompatibility = JavaVersion.VERSION_1_8 + sourceCompatibility = JavaVersion.VERSION_11 + targetCompatibility = JavaVersion.VERSION_11 } javadoc { @@ -64,37 +64,6 @@ javadoc { publishing { publications { - maven(MavenPublication) { - groupId = project.group - artifactId = 'dependency-check-gradle' - version = project.version - from components.java - pom { - name = 'dependency-check-gradle' - description = 'OWASP dependency-check gradle plugin is a software composition analysis tool used to find known vulnerable dependencies.' - - url = 'https://jeremylong.github.io/DependencyCheck/' - - licenses { - license { - name = 'The Apache License, Version 2.0' - url = 'https://github.com/dependency-check/dependency-check-gradle/blob/main/LICENSE.txt' - } - } - developers { - developer { - id = 'jlong' - name = 'Jeremy Long' - email = 'jeremy.long@owasp.org' - } - } - scm { - url = 'https://github.com/dependency-check/dependency-check-gradle' - connection = 'scm:git:https://github.com/dependency-check/dependency-check-gradle.git' - developerConnection = 'scm:git:https://github.com/dependency-check/dependency-check-gradle.git' - } - } - } pluginPublication(MavenPublication) { groupId = project.group artifactId = 'dependency-check-gradle' @@ -127,21 +96,8 @@ publishing { } } } - repositories { - maven { - url "https://oss.sonatype.org/service/local/staging/deploy/maven2" - credentials { - username project.findProperty('sonatypeUsername') ?: System.getenv("SONATYPE_USER") - password project.findProperty('sonatypePassword') ?: System.getenv("SONATYPE_PASSWORD") - } - } - } } -//signing { -// sign publishing.publications.pluginPublication -//} - gradlePlugin { website = 'http://jeremylong.github.io/DependencyCheck/dependency-check-gradle/index.html' vcsUrl = 'https://github.com/dependency-check/dependency-check-gradle/' diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3d38422..ae42d46 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -4,18 +4,18 @@ spock = '2.3-groovy-3.0' junit = '5.10.3' [libraries] -owasp-dependencyCheck-core = { module = "org.owasp:dependency-check-core", version.ref = "odc" } -owasp-dependencyCheck-utils = { module = "org.owasp:dependency-check-utils", version.ref = "odc" } -openVuln-clients = { module = "io.github.jeremylong:open-vulnerability-clients", version = "6.1.7" } -slack-webhook = { module = "net.gpedro.integrations.slack:slack-webhook", version = "1.4.0" } +owasp-dependencyCheck-core = { module = 'org.owasp:dependency-check-core', version.ref = 'odc' } +owasp-dependencyCheck-utils = { module = 'org.owasp:dependency-check-utils', version.ref = 'odc' } +openVuln-clients = { module = 'io.github.jeremylong:open-vulnerability-clients', version = '6.1.7' } +slack-webhook = { module = 'net.gpedro.integrations.slack:slack-webhook', version = '1.4.0' } -junit-jupiter-api = { module = 'org.junit.jupiter:junit-jupiter-api', version.ref = "junit" } -junit-jupiter-params = { module = 'org.junit.jupiter:junit-jupiter-params', version.ref = "junit" } -junit-jupiter-engine = { module = 'org.junit.jupiter:junit-jupiter-engine', version.ref = "junit" } +junit-jupiter-api = { module = 'org.junit.jupiter:junit-jupiter-api', version.ref = 'junit' } +junit-jupiter-params = { module = 'org.junit.jupiter:junit-jupiter-params', version.ref = 'junit' } +junit-jupiter-engine = { module = 'org.junit.jupiter:junit-jupiter-engine', version.ref = 'junit' } -spock-core = { module = 'org.spockframework:spock-core', version.ref = "spock" } +spock-core = { module = 'org.spockframework:spock-core', version.ref = 'spock' } [bundles] [plugins] -gradle-plugin-publish = { id = "com.gradle.plugin-publish", version = "1.2.1" } \ No newline at end of file +gradle-plugin-publish = { id = 'com.gradle.plugin-publish', version = '1.3.0' } \ No newline at end of file diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 09523c0..3e59319 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.6.4-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME