Maven owasp dep update (#776)

* add pmd and owasp dependency check through -P owasp profile * suppress full stack trace in log * revert to spring 2.2.0 as 2.2.4 failed in travis * added owasp dependency check maven configuration details to vulenerable lesson page 7
2020-04-06 16:01:09 +02:00
parent bb6d06713f
commit c4153ecbfb
10 changed files with 1940 additions and 36 deletions
--- a/webgoat-container/pom.xml
+++ b/webgoat-container/pom.xml
@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <groupId>org.owasp.webgoat</groupId>
    <name>webgoat-container</name>
    <modelVersion>4.0.0</modelVersion>
    <artifactId>webgoat-container</artifactId>
@ -18,7 +17,6 @@
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-surefire-plugin</artifactId>
-                <version>${maven-surefire-plugin.version}</version>
                <configuration>
                    <forkCount>0</forkCount>
                    <reuseForks>true</reuseForks>
@ -30,7 +28,6 @@
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jar-plugin</artifactId>
-                <version>3.0.2</version>
                <executions>
                    <execution>
                        <goals>
@ -88,7 +85,6 @@
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
-            <version>${commons-lang3.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
@ -105,7 +101,6 @@
        <dependency>
            <groupId>org.hsqldb</groupId>
            <artifactId>hsqldb</artifactId>
-            <version>${hsqldb.version}</version>
        </dependency>

        <!-- ************* END spring MVC and related dependencies ************** -->
@ -118,13 +113,12 @@
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
-            <version>4.1.3.RELEASE</version>
+            <!-- <version>4.1.3.RELEASE</version>-->
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
-            <version>${junit.version}</version>
            <type>jar</type>
            <scope>test</scope>
        </dependency>