From 3ff3cc061a9b2271d75b3448851fe3671e8b978c Mon Sep 17 00:00:00 2001
From: Mattrixwv <m_ellison@ymail.com>
Date: Sat, 30 Jul 2022 16:28:46 -0400
Subject: [PATCH] Added sonarqube dependency scanning

---
 .gitignore        |  2 ++
 pom.xml           | 86 ++++++++++++++++++++++++++++++++++++++++-------
 version-rules.xml | 17 ++++++++++
 3 files changed, 92 insertions(+), 13 deletions(-)
 create mode 100644 version-rules.xml

diff --git a/.gitignore b/.gitignore
index edfa00d..8c05886 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,6 +3,8 @@
 .classpath
 .project
 .settings
+sonarBuild.ps1
+sonarBuild.sh
 
 #Ignore all bin files
 target/
diff --git a/pom.xml b/pom.xml
index c087e00..2641c28 100644
--- a/pom.xml
+++ b/pom.xml
@@ -8,13 +8,19 @@
 	<version>1.0-SNAPSHOT</version>
 
 	<name>ProjectEulerJava</name>
-	<!-- FIXME change it to the project's website -->
-	<url>http://www.example.com</url>
+	<url>https://www.matrixwv.com/projecteuler</url>
 
 	<properties>
+		<!--Compile-->
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		<maven.compiler.source>14</maven.compiler.source>
-		<maven.compiler.target>14</maven.compiler.target>
+		<maven.compiler.source>18</maven.compiler.source>
+		<maven.compiler.target>18</maven.compiler.target>
+		<java.version>18</java.version>
+
+		<!--Sonarqube-->
+		<sonar.java.source>18</sonar.java.source>
+		<sonar.dependencyCheck.jsonReportPath>target/dependency-check-report.json</sonar.dependencyCheck.jsonReportPath>
+		<sonar.dependencyCheck.htmlReportPath>target/dependency-check-report.html</sonar.dependencyCheck.htmlReportPath>
 	</properties>
 
 	<dependencies>
@@ -31,7 +37,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-enforcer-plugin</artifactId>
-				<version>3.0.0-M3</version>
+				<version>3.1.0</version>
 				<executions>
 					<execution>
 						<id>enforce-maven</id>
@@ -41,7 +47,7 @@
 						<configuration>
 							<rules>
 								<requireMavenVersion>
-									<version>3.1.0</version>
+									<version>3.8.6</version>
 								</requireMavenVersion>
 							</rules>
 						</configuration>
@@ -51,7 +57,7 @@
 			<!-- clean lifecycle, see https://maven.apache.org/ref/current/maven-core/lifecycles.html#clean_Lifecycle -->
 			<plugin>
 				<artifactId>maven-clean-plugin</artifactId>
-				<version>3.1.0</version>
+				<version>3.2.0</version>
 			</plugin>
 			<!-- default lifecycle, jar packaging: see https://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_jar_packaging -->
 			<plugin>
@@ -60,9 +66,9 @@
 			</plugin>
 			<plugin>
 				<artifactId>maven-compiler-plugin</artifactId>
-				<version>3.8.1</version>
+				<version>3.10.1</version>
 				<configuration>
-					<release>14</release>
+					<release>18</release>
 				</configuration>
 			</plugin>
 			<plugin>
@@ -71,7 +77,7 @@
 			</plugin>
 			<plugin>
 				<artifactId>maven-jar-plugin</artifactId>
-				<version>3.2.0</version>
+				<version>3.2.2</version>
 			</plugin>
 			<plugin>
 				<artifactId>maven-install-plugin</artifactId>
@@ -84,15 +90,15 @@
 			<!-- site lifecycle, see https://maven.apache.org/ref/current/maven-core/lifecycles.html#site_Lifecycle -->
 			<plugin>
 				<artifactId>maven-site-plugin</artifactId>
-				<version>3.9.1</version>
+				<version>3.12.0</version>
 			</plugin>
 			<plugin>
 				<artifactId>maven-project-info-reports-plugin</artifactId>
-				<version>3.1.1</version>
+				<version>3.3.0</version>
 			</plugin>
 			<plugin>
 				<artifactId>maven-assembly-plugin</artifactId>
-				<version>3.3.0</version>
+				<version>3.4.0</version>
 				<executions>
 					<execution>
 						<phase>package</phase>
@@ -112,6 +118,60 @@
 					</execution>
 				</executions>
 			</plugin>
+			<!--Versions-->
+			<plugin>
+				<groupId>org.codehaus.mojo</groupId>
+				<artifactId>versions-maven-plugin</artifactId>
+				<version>2.11.0</version>
+				<configuration>
+					<rulesUri>file://${session.executionRootDirectory}/version-rules.xml</rulesUri>
+				</configuration>
+			</plugin>
+			<!--Sonarqube-->
+			<plugin>
+				<groupId>org.sonarsource.scanner.maven</groupId>
+				<artifactId>sonar-maven-plugin</artifactId>
+				<version>3.9.1.2184</version>
+			</plugin>
+			<plugin>
+				<groupId>org.jacoco</groupId>
+				<artifactId>jacoco-maven-plugin</artifactId>
+				<version>0.8.8</version>
+				<executions>
+					<execution>
+						<id>jacoco-initialize</id>
+						<goals>
+							<goal>prepare-agent</goal>
+						</goals>
+					</execution>
+					<execution>
+						<id>jacoco-site</id>
+						<phase>package</phase>
+						<goals>
+							<goal>report</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+			<plugin>
+				<groupId>org.owasp</groupId>
+				<artifactId>dependency-check-maven</artifactId>
+				<version>7.1.1</version>
+				<executions>
+					<execution>
+						<phase>verify</phase>
+						<goals>
+							<goal>check</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<formats>
+						<format>json</format>
+						<format>html</format>
+					</formats>
+				</configuration>
+			</plugin>
 		</plugins>
 	</build>
 </project>
diff --git a/version-rules.xml b/version-rules.xml
new file mode 100644
index 0000000..7ab49c9
--- /dev/null
+++ b/version-rules.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ruleset xmlns="http://mojo.codehaus.org/versions-maven-plugin/rule/2.0.0"
+		 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" comparisonMethod="maven"
+		 xsi:schemaLocation="http://mojo.codehaus.org/versions-maven-plugin/rule/2.0.0 https://www.mojohaus.org/versions-maven-plugin/xsd/rule-2.0.0.xsd">
+	<ignoreVersions>
+		<!-- Ignore Alpha's, Beta's, release candidates and milestones -->
+		<ignoreVersion type="regex">(?i).*Alpha(?:-?\d+)?</ignoreVersion>
+		<ignoreVersion type="regex">(?i).*a(?:-?\d+)?</ignoreVersion>
+		<ignoreVersion type="regex">(?i).*Beta(?:-?\d+)?</ignoreVersion>
+		<ignoreVersion type="regex">(?i).*-B(?:-?\d+)?</ignoreVersion>
+		<ignoreVersion type="regex">(?i).*RC(?:-?\d+)?</ignoreVersion>
+		<ignoreVersion type="regex">(?i).*CR(?:-?\d+)?</ignoreVersion>
+		<ignoreVersion type="regex">(?i).*M(?:-?\d+)?</ignoreVersion>
+	</ignoreVersions>
+	<rules>
+	</rules>
+</ruleset>