Updated owasp gradle plugin to 12.0.2 (#103)

Nikita-Smirnov-Exactpro · web-flow · commit ba5aa3ebf8f4 · 2025-02-11T09:00:24.000+01:00
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -16,7 +16,7 @@ protobuf = { group = "com.google.protobuf", name = "protobuf-gradle-plugin", ver
 licenses = { group = "com.github.jk1.dependency-license-report", name = "com.github.jk1.dependency-license-report.gradle.plugin", version = "2.8" }
 download = { group = "de.undercouch.download", name = "de.undercouch.download.gradle.plugin", version = "5.6.0" }
 git-properties = { group = "com.gorylenko.gradle-git-properties", name = "gradle-git-properties", version = "2.4.2" }
-owasp = { group = "org.owasp", name = "dependency-check-gradle", version = "10.0.4" }
+owasp = { group = "org.owasp", name = "dependency-check-gradle", version = "12.0.2" }
 junit-bom = { group = "org.junit", name = "junit-bom", version = "5.11.4" }
 junit-parameters = { group = "org.junit.jupiter", name = "junit-jupiter-params" }
 junit-launcher = { group = "org.junit.platform", name = "junit-platform-launcher" }
diff --git a/plugin/src/main/kotlin/com/exactpro/th2/gradle/BaseTh2Plugin.kt b/plugin/src/main/kotlin/com/exactpro/th2/gradle/BaseTh2Plugin.kt
@@ -94,7 +94,9 @@ class BaseTh2Plugin : Plugin<Project> {
                 nugetconfEnabled = false
                 nodeEnabled = false
 
-                knownExploitedURL = project.findProperty("analyzersKnownExploitedURL") as? String
+                kev.apply {
+                    url = project.findProperty("analyzersKnownExploitedURL") as? String
+                }
             }
         }
     }
@@ -106,13 +108,18 @@ class BaseTh2Plugin : Plugin<Project> {
                 project.findProperty(TH2_LICENCE_LICENSE_NORMALIZER_BUNDLE_PATH_PROP)?.toString()?.let(::File)
 
             if (licenseNormalizerBundlePath == null) {
-                licenseNormalizerBundlePath = project.layout.buildDirectory.asFile.get().resolve("license-normalizer-bundle.json")
+                licenseNormalizerBundlePath =
+                    project.layout.buildDirectory.asFile
+                        .get()
+                        .resolve("license-normalizer-bundle.json")
                 if (!licenseNormalizerBundlePath.exists()) {
-                    DownloadAction(project).apply {
-                        src("$BASE_EXTERNAL_CONFIGURATION_URL/license-compliance/gradle-license-report/license-normalizer-bundle.json")
-                        dest(licenseNormalizerBundlePath)
-                        overwrite(false)
-                    }.execute().get()
+                    DownloadAction(project)
+                        .apply {
+                            src("$BASE_EXTERNAL_CONFIGURATION_URL/license-compliance/gradle-license-report/license-normalizer-bundle.json")
+                            dest(licenseNormalizerBundlePath)
+                            overwrite(false)
+                        }.execute()
+                        .get()
                 }
             }
 
diff --git a/plugin/src/test/kotlin/com/exactpro/th2/gradle/BaseTh2PluginTest.kt b/plugin/src/test/kotlin/com/exactpro/th2/gradle/BaseTh2PluginTest.kt
@@ -109,7 +109,7 @@ internal class BaseTh2PluginTest {
             {
                 assertEquals(
                     analyzersKnownExploitedURL,
-                    analyzers.knownExploitedURL,
+                    analyzers.kev.url,
                     "unexpected dependencyCheck.analyzers.knownExploitedURL",
                 )
             },
@@ -142,6 +142,7 @@ internal class BaseTh2PluginTest {
         assertNotNull(bom, "bom not found in the $configuration configuration")
     }
 
+    @Suppress("unused")
     private fun requiredPlugins() = listOf("java", "java-library", "org.jetbrains.kotlin.jvm")
 
     private fun assertDependencyCheck(extension: DependencyCheckExtension) =
@@ -169,7 +170,7 @@ internal class BaseTh2PluginTest {
             { assertFalse(extension.assemblyEnabled, "unexpected analyzers.assemblyEnabled") },
             { assertFalse(extension.nugetconfEnabled, "unexpected analyzers.nugetconfEnabled") },
             { assertFalse(extension.nodeEnabled, "unexpected analyzers.nodeEnabled") },
-            { assertNull(extension.knownExploitedURL, "unexpected analyzers.knownExploitedURL") },
+            { assertNull(extension.kev.url, "unexpected analyzers.knownExploitedURL") },
         )
 
     private fun assertNvd(extension: NvdExtension) =

Original file line number	Diff line number	Diff line change
`@@ -109,7 +109,7 @@ internal class BaseTh2PluginTest {`
`109`	`109`	`{`
`110`	`110`	`assertEquals(`
`111`	`111`	`analyzersKnownExploitedURL,`
`112`		`- analyzers.knownExploitedURL,`
	`112`	`+ analyzers.kev.url,`
`113`	`113`	`"unexpected dependencyCheck.analyzers.knownExploitedURL",`
`114`	`114`	`)`
`115`	`115`	`},`
`@@ -142,6 +142,7 @@ internal class BaseTh2PluginTest {`
`142`	`142`	`assertNotNull(bom, "bom not found in the $configuration configuration")`
`143`	`143`	`}`
`144`	`144`
	`145`	`+ @Suppress("unused")`
`145`	`146`	`private fun requiredPlugins() = listOf("java", "java-library", "org.jetbrains.kotlin.jvm")`
`146`	`147`
`147`	`148`	`private fun assertDependencyCheck(extension: DependencyCheckExtension) =`
`@@ -169,7 +170,7 @@ internal class BaseTh2PluginTest {`
`169`	`170`	`{ assertFalse(extension.assemblyEnabled, "unexpected analyzers.assemblyEnabled") },`
`170`	`171`	`{ assertFalse(extension.nugetconfEnabled, "unexpected analyzers.nugetconfEnabled") },`
`171`	`172`	`{ assertFalse(extension.nodeEnabled, "unexpected analyzers.nodeEnabled") },`
`172`		`- { assertNull(extension.knownExploitedURL, "unexpected analyzers.knownExploitedURL") },`
	`173`	`+ { assertNull(extension.kev.url, "unexpected analyzers.knownExploitedURL") },`
`173`	`174`	`)`
`174`	`175`
`175`	`176`	`private fun assertNvd(extension: NvdExtension) =`