- (https://www.owasp.org/index.php/OWASP_Dependency_Check) (https://search.maven.org/artifact/org.owasp/dependency-check-maven/5.2.1/maven-plugin)
- (https://spotbugs.github.io/) (https://find-sec-bugs.github.io/)
- if github: (https://dependabot.com/) https://github.com/dependabot
- (https://github.com/meitar/awesome-cybersecurity-blueteam)
- (https://github.com/STAMP-project/dspot)
- (http://mvnrepository.com/)
Analyzes your Java Maven Project dependencies for security issues and technical debts (CVE/EOL/+).
-
(https://www.microsoft.com/en-us/msrc/technical-security-notifications)
-
(http://www.oracle.com/technetwork/topics/security/alerts-086861.html)
-
(http://cert.europa.eu/cert/newsletter/en/latest_Security%20Bulletins_.html) ** (http://cert.europa.eu/cert/filteredition/en/CERT-LatestNews.html)
-
(http://www.govcert.nl/english/service-provision/knowledge-and-publications/factsheets)
-
(http://www.securitepublique.gc.ca/cnt/rsrcs/cybr-ctr/index-fra.aspx)
Notes: http://maven.apache.org/plugins/maven-project-info-reports-plugin/xref/index.html
https://github.com/skuro/plan-maven-plugin http://maven.40175.n5.nabble.com/ANN-Rate-my-Mojo-part-II-Launchify-td5696672.html http://mojo.codehaus.org/cassandra-maven-plugin/ http://code.google.com/p/pulloid/ java,pull,xml,parser,java,android,license_aslv2 http://maven.apache.org/plugins/localization.html http://www.displaytag.org http://www.jboss.org/shrinkwrap license_aslv2,jar http://sourceforge.net/projects/dnsjnio/ dns,java,nio,license_aslv2 https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide maven,upload,artifact,new,central,upload http://jira.codehaus.org/browse/MAVENUPLOAD
return getDirBySystemProperty( "JAVAFX_HOME" ); https://bitbucket.org/cedarsoft/org.jfxtras.maven-plugin/src/6db3cbe0665b/src/main/java/org/jfxtras/InstallSdkToLocalRepository.java http://blog.cedarsoft.com/2010/10/hierarchical-structures-with-java-enums/ enums,java,hierarchy,tree http://blog.cedarsoft.com/2010/08/unit-testing-time-zone-and-stuff/ testing,time,zone,java http://blog.cedarsoft.com/2010/11/setting-java-library-path-programmatically/#comments path,java,java.library.path http://www.cdnjs.com/ cdn,js https://github.com/lenniboy/jspc-maven-plugin maven,jsp,precompilation,java,plugin http://searls.github.com/jasmine-maven-plugin/ maven,java,testing,plugin https://github.com/lenniboy/debug-maven-plugin tree,maven,plugin,debug,dependency,conflict http://www.trackyourtests.com/ java,testing,maven,history,github http://www.thebuzzmedia.com/software/exiftool-enhanced-java-integration-for-exiftool/ java,exif,exiftool,photo,metadata http://jawr.java.net/features.html java,license_aslv2,maven,bundle,cdn,jawr
http://www.xebialabs.com/features deployit http://jduchess.org/duchess-france/blog/paris-jug-de-mai-build-share-deploy-jusquau-bout-de-la-nuit-5/ deployit,itil,cdn,maven,fr http://www.dbmaintain.org/overview.html maven,database,deployment,ant,version,sql,testing https://evolvis.org/plugins/mediawiki/wiki/kaliko/index.php/Main_Page scheduler,webservice,java
https://docs.sonatype.org/display/AETHER/Using+Aether+in+Maven+Plugins maven,aether,mojo,plugin http://www.eclipse.org/aether/ maven,aether,eclipse https://github.com/sonatype/mvnsh mvn,shell,maven http://stackoverflow.com/questions/6291146/arquillian-shrinkwrap-mavendependencyresolver-behind-proxy http://philippe.poumaroux.free.fr/public/thucydides/thucydides-fr.html java,testing,thucydides,tdd,maven,fr,manuel https://github.com/thucydides-webtests/thucydides java,testing,thucydides,tdd,maven,github http://maven.40175.n5.nabble.com/Converting-an-Artifact-Aether-to-MavenProject-td5609901.html http://git.eclipse.org/c/aether/aether-demo.git/tree/aether-demo-snippets/src/main/java/org/eclipse/aether/examples/ResolveTransitiveDependencies.java http://git.eclipse.org/c/aether/aether-demo.git/tree/aether-demo-snippets/src/main/java/org/eclipse/aether/examples/ResolveTransitiveDependencies.java http://stackoverflow.com/questions/5393873/epl-eclipse-public-license-gpl-gnu-public-license-lgpl-lesser-gpl-and-lic license,license_epl,license_gpl,discussion,epl,gpl http://www.fsf.org/blogs/licensing/using-the-gpl-for-eclipse-plug-ins license,license_epl,license_gpl,discussion,epl,gpl http://maven.apache.org/plugins/maven-shade-plugin/examples/resource-transformers.html maven,uberjar,jar,onejar https://github.com/eclipse/aether-demo/tree/master/aether-demo-snippets/src/main/java/org/eclipse/aether/examples http://objenesis.googlecode.com/svn/docs/index.html java,reflection,license_aslv2 https://dev.eclipse.org/mailman/listinfo/aether-users maven,aether,mailing list,archive http://www.rexsl.com/ xml,java,maven,xsl,rest,services,license_bsd,jaxb,jax-rs http://www.jcabi.com/ java,aether,maven http://www.jcabi.com/jcabi-log/decors.html java,logging,formatting,decors,license_bsd http://trac.fazend.com/rempl/ rempl,code,analysis,java http://superuser.com/questions/261440/whats-the-closest-equivalent-of-little-snitch-mac-program-on-windows privacy,personal active filter,little snitch
http://www.jarvana.com/jarvana/view/org/sonatype/aether/aether-spi/1.1/aether-spi-1.1-javadoc.jar!/overview-summary.html http://code.google.com/p/vosao/ cms,gae http://news.ycombinator.com/item?id=3988801 rabk,karma,reputation https://bugs.eclipse.org/bugs/buglist.cgi?query_format=specific&order=relevance+desc&bug_status=__open__&product=Aether aether,bugtracker
testing java.io.IOException: Stream closed at java.io.BufferedInputStream.getInIfOpen(Unknown Source) at java.io.BufferedInputStream.fill(Unknown Source) at java.io.BufferedInputStream.read(Unknown Source) at org.codehaus.plexus.util.xml.XmlReader.getBOMEncoding(XmlReader.java:635) at org.codehaus.plexus.util.xml.XmlReader.doRawStream(XmlReader.java:459) at org.codehaus.plexus.util.xml.XmlReader.(XmlReader.java:180) at org.codehaus.plexus.util.xml.XmlReader.(XmlReader.java:143) at org.codehaus.plexus.util.xml.XmlStreamReader.(XmlStreamReader.java:86) at org.codehaus.plexus.util.ReaderFactory.newXmlReader(ReaderFactory.java:104) at org.apache.maven.plugin.testing.AbstractMojoTestCase.setUp(AbstractMojoTestCase.java:91) at junit.framework.TestCase.runBare(TestCase.java:132) at junit.framework.TestResult$1.protect(TestResult.java:110) at junit.framework.TestResult.runProtected(TestResult.java:128) at junit.framework.TestResult.run(TestResult.java:113) at junit.framework.TestCase.run(TestCase.java:124) at junit.framework.TestSuite.runTest(TestSuite.java:243) at junit.framework.TestSuite.run(TestSuite.java:238) at org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:83) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
ExecutionEnvironment Exception in thread "main" java.lang.NullPointerException: mavenProject may not be null at org.twdata.maven.mojoexecutor.MojoExecutor$ExecutionEnvironment.(MojoExecutor.java:280) at org.twdata.maven.mojoexecutor.MojoExecutor.executionEnvironment(MojoExecutor.java:122) at org.github.based2.maven.plugin.checker.MavenSecurityChecker.loadMavenDependencyTree(MavenSecurityChecker.java:150) at org.github.based2.maven.plugin.checker.MavenSecurityChecker.main(MavenSecurityChecker.java:284)
MavenProject project; MavenSession session BuildPluginManager pluginManager
The plugins support several configuration options that can either be expressed in your project's POM file or in your settings.xml file. Where you put the plugin settings depends on whether you want a specific setting to be configured globally or on a per-project basis.
All GitHub Maven plugins support the following core configuration elements.
The notation below shows the plugin configuration property name followed by the settings configuration property in parentheses.
- host (github.global.host)
- Domain of GitHub API calls (defaults to
api.github.com)
- Domain of GitHub API calls (defaults to
- oauth2Token (github.global.oauth2Token)
- OAuth2 access token for API authentication
- More about GitHub OAuth support
- userName (github.global.userName)
- GitHub user name used for API authentication
- password (github.global.password)
- GitHub password used for API authentication
- repositoryName
- Name of repository that downloads will be uploaded to
- repositoryOwner
- Owner of repository that downloads will be uploaded to
Note: repositoryOwner property and repositoryName are optional and will be
inferred from the following properties if not specified
project.urlproject.scm.urlproject.scm.connectionproject.scm.developerConnection
Maven plugin that creates and uploads built resources to be available as
GitHub repository downloads. The plugin has an upload goal and is configured
with a goal prefix of ghDownloads. The plugin will upload the single build
artifact by default but can be reconfigured to include/exclude files found in
the build directory or to include attached artifacts such as Javadoc jars or
sources jars.
- description
- Description visible on the repository download page
- includes
- Sub-elements will be treated as patterns to include from the
project.build.directoryas downloads - This element is optional and will default to create a download of the build's main artifact
- Sub-elements will be treated as patterns to include from the
- excludes
- Sub-elements will be treated as patterns to exclude from the
project.build.directoryas downloads - This element is optional and will default to create a download of the build's main artifact
- Sub-elements will be treated as patterns to exclude from the
- includeAttached (github.downloads.includeAttached)
- true | false (default: false)
- Whether to create downloads from attached artifacts, by default only the main artifact is uploaded
- dryRun (github.downloads.dryRun)
- true | false (default: false)
- Log what files would be uploaded and what existing downloads would be deleted without actually modifying the current downloads
- override (github.downloads.override)
- true | false (default: false)
- Whether existing downloads with the same name will be deleted before attempting to upload a new version
- Note: Attempts to upload a download with the same name as one that already exists will fail unless this is set to true
- suffix
- String to be appended after file name but before file extension for uploaded files
- A suffix of
-masterwould cause artifacts to be uploaded asmyartifact-1.0-master.jar
<build>
<plugins>
<plugin>
<groupId>com.github.github</groupId>
<artifactId>downloads-maven-plugin</artifactId>
<version>0.4</version>
<configuration>
<description>${project.version} release of ${project.name}</description>
<override>true</override>
<includeAttached>true</includeAttached>
</configuration>
</plugin>
</plugins>
</build>To upload a built artifact run the following command:
$ mvn clean install ghDownloads:upload
You can also bind the upload goal to execute as part of a specific phase:
<executions>
<execution>
<goals>
<goal>upload</goal>
</goals>
<phase>install</phase>
</execution>
</executions>Maven plugin that commits files generated and updates a specific branch
reference in a GitHub repository. This plugin can be used to deploy a created
Maven site to a gh-pages branch so that it can be served statically as a
GitHub Project Page. The plugin has a site goal and is configured with a goal
prefix of ghSite.
- branch
- Branch ref that will be updated to commit made
- Default:
refs/heads/gh-pages
- message
- Message used for commit
- outputDirectory
- Directory that includes and excludes will be relative to
- Defaults to
siteOutputDirectoryorproject.reporting.outputDirectory
- includes
- Sub-elements will be treated as patterns to include from the
outputDirectory
- Sub-elements will be treated as patterns to include from the
- excludes
- Sub-elements will be treated as patterns to exclude from the
outputDirectory
- Sub-elements will be treated as patterns to exclude from the
- path
- Path relative to the root of the repository that all blobs should be relative to
- force (github.site.force)
- true | false (default: false)
- Whether to force a ref update, default is fast-forwards only
- merge (github.site.merge)
- true | false (default: false)
- Whether to merge with the current tree or completely replace the tree that the commit points to
- dryRun (github.site.dryRun)
- true | false (default: false)
- Log what blobs, tree, and commits would be created without actually creating them
- noJekyll (github.site.noJekyll)
- true | false (default: false)
- Whether to always create a
.nojekyllfile at the root of the site if one doesn't already exist. This setting should be enabled if your site contains any folders that begin with an underscore.