From 46460bc53b3971db43d6db81ac7a808ddf26c2c1 Mon Sep 17 00:00:00 2001
From: Mattrixwv <m_ellison@ymail.com>
Date: Sat, 30 Jul 2022 15:36:58 -0400
Subject: [PATCH] Added sonarqube dependency scanning

---
 .gitignore         |  2 ++
 .vscode/tasks.json | 31 +++++++++++++++++++------------
 pom.xml            | 33 +++++++++++++++++++++++++++++----
 3 files changed, 50 insertions(+), 16 deletions(-)

diff --git a/.gitignore b/.gitignore
index b91e40d..453681b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@
 .project
 .settings/
 target/
+sonarBuild.ps1
+sonarBuild.sh
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index f866770..9ebb26a 100644
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -16,22 +16,29 @@
 			"group": "test"
 		},
 		{
-			"label": "sonarqube build",
+			"label": "sonarqube build (Windows)",
 			"group": "build",
 			"type": "shell",
-			"command": "mvn",
-			"args": [
-				"clean",
-				"verify",
-				"sonar:sonar",
-				"-D'sonar.projectKey=mattrixwv_matrix_AYGcc3wBopaC7KAbzMEd'",
-				"-D'sonar.host.url=http://192.168.1.4:9000'",
-				"-D'sonar.login=sqp_7edfbc2b6a7d612a4492cafa51e210e5a61f5f7d'"
-			],
+			"command": "./sonarBuild.ps1",
 			"presentation": {
 				"echo": true,
 				"reveal": "always",
-				"focus": false,
+				"focus": true,
+				"panel": "shared",
+				"showReuseMessage": true,
+				"clear": false
+			},
+			"problemMatcher": []
+		},
+		{
+			"label": "sonarqube build (Linux)",
+			"group": "build",
+			"type": "shell",
+			"command": "./sonarBuild.sh",
+			"presentation": {
+				"echo": true,
+				"reveal": "always",
+				"focus": true,
 				"panel": "shared",
 				"showReuseMessage": true,
 				"clear": false
@@ -39,4 +46,4 @@
 			"problemMatcher": []
 		}
 	]
-}
\ No newline at end of file
+}
diff --git a/pom.xml b/pom.xml
index eadc750..29561e4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,23 +6,29 @@
 
 	<groupId>com.mattrixwv</groupId>
 	<artifactId>matrix</artifactId>
-	<version>1.0.0</version>
+	<version>1.0.1</version>
 
 	<name>Matrix</name>
 	<url>https://www.mattrixwv.com</url>
 
 	<properties>
+		<!--Compile-->
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<java.version>18</java.version>
 		<maven.compiler.source>18</maven.compiler.source>
 		<maven.compiler.target>18</maven.compiler.target>
-		<java.version>18</java.version>
+
+		<!--Sonarqube-->
+		<sonar.java.source>18</sonar.java.source>
+		<sonar.dependencyCheck.jsonReportPath>target/dependency-check-report.json</sonar.dependencyCheck.jsonReportPath>
+		<sonar.dependencyCheck.htmlReportPath>target/dependency-check-report.html</sonar.dependencyCheck.htmlReportPath>
 	</properties>
 
 	<dependencies>
 		<dependency>
 			<groupId>org.junit.jupiter</groupId>
 			<artifactId>junit-jupiter-api</artifactId>
-			<version>5.8.2</version>
+			<version>5.9.0</version>
 			<scope>test</scope>
 		</dependency>
 	</dependencies>
@@ -106,7 +112,7 @@
 					<rulesUri>file://${session.executionRootDirectory}/version-rules.xml</rulesUri>
 				</configuration>
 			</plugin>
-			<!--Sonar-->
+			<!--Sonarqube-->
 			<plugin>
 				<groupId>org.sonarsource.scanner.maven</groupId>
 				<artifactId>sonar-maven-plugin</artifactId>
@@ -132,6 +138,25 @@
 					</execution>
 				</executions>
 			</plugin>
+			<plugin>
+				<groupId>org.owasp</groupId>
+				<artifactId>dependency-check-maven</artifactId>
+				<version>7.1.1</version>
+				<executions>
+					<execution>
+						<phase>verify</phase>
+						<goals>
+							<goal>check</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<formats>
+						<format>json</format>
+						<format>html</format>
+					</formats>
+				</configuration>
+			</plugin>
 		</plugins>
 	</build>
 </project>