4.0.0 io.github.pmckeown dependency-track-maven-plugin 1.10.2 maven-plugin Dependency Track Maven Plugin Maven plugin to integrate with a Dependency Track server to submit dependency manifests and gather project metrics. Can be used within build pipelines to analyse the current project and optionally fail the build if vulnerabilities are found. https://github.com/pmckeown/dependency-track-maven-plugin 2019 Apache-2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo Paul McKeown Developer scm:git:git@github.com:pmckeown/dependency-track-maven-plugin.git scm:git:git@github.com:pmckeown/dependency-track-maven-plugin.git HEAD https://github.com/pmckeown/dependency-track-maven-plugin.git github https://github.com/pmckeown/dependency-track-maven-plugin/issues github-actions https://github.com/pmckeown/dependency-track-maven-plugin/actions/workflows/maven.yml ossrh https://oss.sonatype.org/service/local/staging/deploy/maven2/ ossrh https://oss.sonatype.org/content/repositories/snapshots UTF-8 8 3.9.5 11 pmckeown https://sonarcloud.io 2.7.10 com.konghq unirest-java 3.14.5 standalone com.konghq unirest-objectmapper-jackson 3.14.5 com.fasterxml.jackson.core jackson-core 2.17.2 com.fasterxml.jackson.core jackson-databind 2.17.2 org.apache.commons commons-lang3 3.12.0 javax.inject javax.inject 1 com.google.inject guice 5.1.0 org.eclipse.sisu org.eclipse.sisu.inject 0.3.5 com.google.guava guava 32.1.1-jre org.apache.maven maven-plugin-api ${maven.version} provided org.apache.maven maven-core ${maven.version} provided org.apache.maven maven-artifact ${maven.version} provided com.evanlennick retry4j 0.15.0 javax.xml.bind jaxb-api 2.4.0-b180830.0359 com.sun.activation javax.activation 1.2.0 com.sun.xml.bind jaxb-core 2.3.0.1 com.sun.xml.bind jaxb-impl 2.3.3 org.cyclonedx cyclonedx-core-java 9.0.4 org.apache.maven maven-compat ${maven.version} test org.apache.maven.plugin-tools maven-plugin-annotations 3.15.1 provided junit junit 4.13.2 test org.apache.maven.plugin-testing maven-plugin-testing-harness 3.3.0 test org.wiremock wiremock 3.0.4 test org.mockito mockito-core 5.14.2 test maven-clean-plugin 3.4.0 maven-resources-plugin 3.3.1 org.apache.maven.plugins maven-compiler-plugin 3.13.0 ${java.version} ${java.version} ${java.version} maven-plugin-plugin 3.15.1 true maven-surefire-plugin 3.5.2 maven-jar-plugin 3.4.2 maven-install-plugin 3.1.3 maven-deploy-plugin 3.1.3 maven-invoker-plugin 3.8.1 maven-source-plugin 3.3.1 maven-javadoc-plugin 3.11.2 org.sonarsource.scanner.maven sonar-maven-plugin 5.0.0.4389 org.jacoco jacoco-maven-plugin 0.8.12 true org.apache.maven.plugins maven-enforcer-plugin 3.6.1 enforce-maven enforce ${maven.version} ${java.build.version} org.jacoco jacoco-maven-plugin prepare-agent prepare-agent prepare-agent-integration prepare-agent-integration jacoco-site report verify maven-resources-plugin copy-resources copy-resources validate ${basedir}/target/classes/META-INF src/main/resources true com.diffplug.spotless spotless-maven-plugin 2.45.0 pom.xml src/it/*/pom.xml 4 schemaLocation check verify release org.apache.maven.plugins maven-plugin-plugin mojo-descriptor descriptor help-goal helpmojo org.apache.maven.plugins maven-source-plugin attach-sources jar-no-fork org.apache.maven.plugins maven-javadoc-plugin attach-javadocs jar org.apache.maven.plugins maven-gpg-plugin 3.1.0 sign-artifacts sign verify org.sonatype.central central-publishing-maven-plugin 0.6.0 true central org.eclipse.sisu sisu-maven-plugin 0.3.5 generate-index index package sonar env.SONAR_TOKEN io.github.pmckeown:dependency-track-maven-plugin ${env.SONAR_TOKEN} ${project.basedir}/target/site/jacoco/jacoco.xml org.sonarsource.scanner.maven sonar-maven-plugin sonar verify eat-your-own-dog-food org.cyclonedx cyclonedx-maven-plugin ${cyclonedx-maven-plugin.version} 1.4 true true true true true false generate-bom makeAggregateBom verify io.github.pmckeown dependency-track-maven-plugin ${project.version} ${env.DEPENDENCY_TRACK_BASE_URL} ${env.DEPENDENCY_TRACK_API_KEY} true upload-bom upload-bom verify true true dog-food fail-if-vulnerabilities-present findings verify 0 0 0 0 org.codehaus.mojo build-helper-maven-plugin 3.6.0 timestamp-property validate yyyyMMddHHmmss it.snapshot.timestamp org.apache.maven.plugins maven-invoker-plugin 3.9.0 local-plugin-install install integration-test run verify ${skipITs}