How to add a plugin to Maven (or SBT) scans?

[Vít Šesták]

When I use standalone ODC, I can add the JARs into plugins directory. When I use Gradle plugin, I can put them as build dependencies in build.gradle. But what about Maven plugin? Maybe I could use bootclasspath, but this is a heavy hack.

I would like to know this also for SBT.

Regards,
Vít Šesták 'v6ak'

[Alexander von Buchholtz]

Hi Vít,

 

for sbt you can define your unmanaged jars by either definding a base directory or a jar file in build.sbt.

Please see sbt documentation for more details: http://www.scala-sbt.org/1.x/docs/Library-Dependencies.html#Unmanaged+dependencies

 

Cheers Alex

--
You received this message because you are subscribed to the Google Groups "Dependency Check" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dependency-che...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Vít Šesták]

Hi Alexander,
thank you, but adding unmanaged dependencies is not what I need. The plugins are in our local repository, so I can locate them by their identifiers. But this would add them to the project (so ODC would analyze their potential vulnerabilities). I need them on the ODC classpath, so ODC uses them as plugins.

Regards,
Vít Šesták 'v6ak'

[Alexander von Buchholtz]

Hi Vít,

 

you can add additional dependencies to your build environment in the project/plugins.sbt file so that they are available in the classpath during build time, e.g.

 

addSbtPlugin("net.vonbuchholtz" % "sbt-dependency-check" % "0.2.1")

// plain library (not an sbt plugin) for use in the build definition
libraryDependencies += "org.example" % "utilities" % "1.3"

 

See http://www.scala-sbt.org/1.0/docs/Plugins.html#Using+an+auto+plugin for details.

 

Hope this solves your use case.

Regards

[Vít Šesták]

Aha, got it. Thank you.

I can answer myself the Maven question: https://maven.apache.org/guides/mini/guide-configuring-plugins.html#Using_the_dependencies_Tag

Regards,
Vít Šesták 'v6ak'