Added sonarqube dependency scanning

.vscode/tasks.json

@@ -16,22 +16,29 @@
 			"group": "test"
 		},
 		{
-			"label": "sonarqube build",
+			"label": "sonarqube build (Windows)",
 			"group": "build",
 			"type": "shell",
-			"command": "mvn",
-			"args":[
-				"clean",
-				"verify",
-				"sonar:sonar",
-				"-D'sonar.projectKey=mattrixwv_javaclasses_AYGcayKpopaC7KAbzMEM'",
-				"-D'sonar.host.url=http://192.168.1.4:9000'",
-				"-D'sonar.login=sqp_2af28d9d9fec79b24bc7db35323d9e2f193b7972'"
-			],
+			"command": "./sonarBuild.ps1",
 			"presentation": {
 				"echo": true,
 				"reveal": "always",
-				"focus": false,
+				"focus": true,
+				"panel": "shared",
+				"showReuseMessage": true,
+				"clear": false
+			},
+			"problemMatcher": []
+		},
+		{
+			"label": "sonarqube build (Linux)",
+			"group": "build",
+			"type": "shell",
+			"command": "./sonarBuild.sh",
+			"presentation": {
+				"echo": true,
+				"reveal": "always",
+				"focus": true,
 				"panel": "shared",
 				"showReuseMessage": true,
 				"clear": false

pom.xml

@@ -6,22 +6,29 @@
 
 	<groupId>mattrixwv</groupId>
 	<artifactId>myClasses</artifactId>
-	<version>1.0.0</version>
+	<version>1.0.1</version>
 
 	<name>myClasses</name>
 	<url>www.mattrixwv.com</url>
 
 	<properties>
+		<!--Compile-->
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<maven.compiler.source>18</maven.compiler.source>
 		<maven.compiler.target>18</maven.compiler.target>
+		<java.version>18</java.version>
+
+		<!--Sonarqube-->
+		<sonar.java.source>18</sonar.java.source>
+		<sonar.dependencyCheck.jsonReportPath>target/dependency-check-report.json</sonar.dependencyCheck.jsonReportPath>
+		<sonar.dependencyCheck.htmlReportPath>target/dependency-check-report.html</sonar.dependencyCheck.htmlReportPath>
 	</properties>
 
 	<dependencies>
 		<dependency>
 			<groupId>org.junit.jupiter</groupId>
 			<artifactId>junit-jupiter-api</artifactId>
-			<version>5.8.2</version>
+			<version>5.9.0</version>
 			<scope>test</scope>
 		</dependency>
 	</dependencies>
@@ -97,7 +104,7 @@
 					<rulesUri>file://${session.executionRootDirectory}/version-rules.xml</rulesUri>
 				</configuration>
 			</plugin>
-			<!--Sonar-->
+			<!--Sonarqube-->
 			<plugin>
 				<groupId>org.sonarsource.scanner.maven</groupId>
 				<artifactId>sonar-maven-plugin</artifactId>
@@ -123,6 +130,25 @@
 					</execution>
 				</executions>
 			</plugin>
+			<plugin>
+				<groupId>org.owasp</groupId>
+				<artifactId>dependency-check-maven</artifactId>
+				<version>7.1.1</version>
+				<executions>
+					<execution>
+						<phase>verify</phase>
+						<goals>
+							<goal>check</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<formats>
+						<format>json</format>
+						<format>html</format>
+					</formats>
+				</configuration>
+			</plugin>
 		</plugins>
 	</build>
 </project>

sonarBuild.ps1

@@ -0,0 +1 @@
+mvn clean verify sonar:sonar -D'sonar.projectKey=JavaClasses' -D'sonar.host.url=https://sonarqube.mattrixwv.com' -D'sonar.login=sqp_3bd68b2363ccad7d2f9ba76cc6e9871044c26c93'