From 5acef501689a79dbe96bf1191e3a1a8adacb025d Mon Sep 17 00:00:00 2001
From: Ezhilmaran Nandhagopal
Date: Fri, 21 Sep 2018 12:00:40 +0530
Subject: [PATCH] Add OWASP dependency check and fix the vulnerabilities

---
 build.gradle | 6 ++++--
 gradle/security.gradle | 20 ++++++++++++++++++++
 2 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 gradle/security.gradle

diff --git a/build.gradle b/build.gradle
index 09362cb..41e8fa7 100644
--- a/build.gradle
+++ b/build.gradle
@@ -7,6 +7,7 @@ buildscript {
 classpath 'org.kt3k.gradle.plugin:coveralls-gradle-plugin:2.0.1'
 classpath 'com.jfrog.bintray.gradle:gradle-bintray-plugin:1.7.3'
 classpath "org.jfrog.buildinfo:build-info-extractor-gradle:4.4.18"
+ classpath 'org.owasp:dependency-check-gradle:3.3.2'
 }
 }
 description = 'A Swagger assertion library'
@@ -20,6 +21,7 @@ apply plugin: 'com.github.kt3k.coveralls'
 apply plugin: 'com.jfrog.bintray'
 apply plugin: "com.jfrog.artifactory"
 apply from: 'gradle/publishing.gradle'
+apply from: 'gradle/security.gradle'
 
 tasks.withType(JavaCompile) {
 sourceCompatibility = "1.8"
@@ -36,8 +38,8 @@ repositories {
 }
 
 dependencies {
- compile "io.swagger:swagger-compat-spec-parser:1.0.34"
- compile "commons-collections:commons-collections:3.2.1"
+ compile "io.swagger:swagger-compat-spec-parser:1.0.35"
+ compile "commons-collections:commons-collections:3.2.2"
 compile "org.slf4j:slf4j-api:1.7.12"
 compile "org.assertj:assertj-core:3.9.1"
 testCompile "junit:junit:4.11"
diff --git a/gradle/security.gradle b/gradle/security.gradle
new file mode 100644
index 0000000..ef61590
--- /dev/null
+++ b/gradle/security.gradle
@@ -0,0 +1,20 @@
+apply plugin: 'org.owasp.dependencycheck'
+
+check.dependsOn dependencyCheckAnalyze
+
+dependencyCheck {
+ cveValidForHours = 8
+ failBuildOnCVSS = 5
+ analyzers {
+ nexusEnabled = false
+ pyDistributionEnabled = false
+ pyPackageEnabled = false
+ rubygemsEnabled = false
+ cmakeEnabled = false
+ autoconfEnabled = false
+ composerEnabled = false
+ nodeEnabled = false
+ nuspecEnabled = false
+ assemblyEnabled = false
+ }
+}
\ No newline at end of file
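Review bot: The threshold and the analyzer switches inside `dependencyCheck { ... }` carry no explanation, so a later maintainer cannot tell whether `failBuildOnCVSS = 5` (any finding scored 5 or higher fails `check`) and the list of disabled analyzers were deliberate choices or settings copied from an example; a header comment such as `// Fail check on CVSS >= 5; non-JVM analyzers are off because this build only resolves Maven artifacts` would record the intent. Because `check.dependsOn dependencyCheckAnalyze` runs the scan on every `check`/`build` and `cveValidForHours = 8` refreshes the vulnerability data on the first run of each eight-hour window, a build on a host without outbound network access will presumably fail in the analyze task rather than in compilation, which is worth stating in the same comment so the failure mode is not mistaken for a broken build. The new file also ends without a trailing newline (`\ No newline at end of file`); add one to keep future diffs clean.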