Merge pull request #58 from element-hq/renovate/org.owasp.dependencyc…

…heck-10.x Update plugin dependencycheck to v10.0.2
element-hq · Jul 11, 2024 · 6774890 · 6774890
2 parents 1f0f143 + bdc14bd
commit 6774890
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 2 deletions.
diff --git a/.github/workflows/nightlyReports.yml b/.github/workflows/nightlyReports.yml
@@ -66,7 +66,7 @@ jobs:
         with:
           cache-read-only: ${{ github.ref != 'refs/heads/main' }}
       - name: Dependency analysis
-        run: ./gradlew dependencyCheckAnalyze $CI_GRADLE_ARG_PROPERTIES
+        run: ./gradlew :compound:dependencyCheckAnalyze $CI_GRADLE_ARG_PROPERTIES -PNVD_API_KEY="${{ secrets.NVD_API_KEY }}"
       - name: Upload dependency analysis
         if: always()
         uses: actions/upload-artifact@v4

diff --git a/compound/build.gradle.kts b/compound/build.gradle.kts
@@ -23,6 +23,7 @@ plugins {
     alias(libs.plugins.ksp)
     alias(libs.plugins.kover)
     alias(libs.plugins.roborazzi)
+    alias(libs.plugins.dependencycheck)
 }
 
 android {
@@ -95,6 +96,11 @@ kotlin {
     jvmToolchain(17)
 }
 
+configure<org.owasp.dependencycheck.gradle.extension.DependencyCheckExtension> {
+    (properties["NVD_API_KEY"] as? String)?.let { nvd.apiKey = it }
+    nvd.delay = 1600
+}
+
 mavenPublishing {
     publishToMavenCentral(SonatypeHost.S01)
     signAllPublications()

diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -53,5 +53,5 @@ ksp = { id = "com.google.devtools.ksp", version.ref = "ksp" }
 maven_publish = { id = "com.vanniktech.maven.publish", version = "0.29.0" }
 kover = { id = "org.jetbrains.kotlinx.kover", version.ref = "kover" }
 roborazzi = { id = "io.github.takahirom.roborazzi", version.ref = "roborazzi" }
-dependencycheck = "org.owasp.dependencycheck:10.0.1"
+dependencycheck = "org.owasp.dependencycheck:10.0.2"
 sonarqube = "org.sonarqube:5.1.0.4882"