Skip to content

Instantly share code, notes, and snippets.

@freecastle

freecastle/build-lock.xml

Forked from frastel/build-lock.xml
Created February 22, 2013 11:25
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save freecastle/5012808 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save freecastle/5012808 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
build-lock.xml
<?xml version="1.0" encoding="UTF-8"?>
<project name="Project-name-here" default="build" basedir=".">
<target name="lock_check" description="Checks for vulnerabilities through a SensioLabs web service"
depends="lock_reset,lock_get,lock_show">
<local name="vulnerabilities.clean"/>
<loadfile property="vulnerabilities.clean"
srcfile="${basedir}/build/logs/check_lock.log">
<filterchain>
<linecontainsregexp>
<regexp pattern="No known\* vulnerabilities detected"/>
</linecontainsregexp>
</filterchain>
</loadfile>
<fail message="Vulnerabilities detected" unless="vulnerabilities.clean"/>
</target>
<target name="lock_reset" description="Deletes any existing old lock check log files">
<delete file="${basedir}/build/logs/check_lock.log" failonerror="false" quiet="true"/>
</target>
<target name="lock_get" description="Checks for vulnerabilities through a SensioLabs web service">
<exec dir="${basedir}" executable="curl" failonerror="true">
<arg value="--silent"/>
<arg value="-o"/>
<arg value="${basedir}/build/logs/check_lock.log"/>
<arg value="-H"/>
<arg value="Accept: text/plain"/>
<arg value="https://security.sensiolabs.org/check_lock"/>
<arg value="-F"/>
<arg value="lock=@composer.lock"/>
</exec>
</target>
<target name="lock_show" description="Displays the result of a vulnerability check">
<exec dir="${basedir}" executable="cat" failonerror="false">
<arg value="${basedir}/build/logs/check_lock.log"/>
</exec>
</target>
</project>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment