Merge pull request #35 from EasyPost/remove_dependency-check-maven

chore: remove dependency-check-maven

Author: Justintime50

.github/workflows/ci.yml

@@ -83,26 +83,3 @@ jobs:
           fail_on_error: true
           checkstyle_config: easypost_java_style.xml
           tool_name: "style_enforcer"
-  security:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up JDK for compilation
-        uses: actions/setup-java@v4
-        with:
-          distribution: "zulu"
-          java-version: "23" # Always use the latest JDK for building
-      - name: Load Maven dependencies and CVE database cache
-        uses: actions/cache@v3
-        with:
-          path: ~/.m2/repository # The CVE database is included in the Maven repository folder
-          key: ${{ runner.os }}-maven-security-${{ hashFiles('**/pom.xml') }}
-          restore-keys: |
-            ${{ runner.os }}-maven-
-      - name: Run security analysis
-        run: make scan
-      - name: Upload Test results
-        uses: actions/upload-artifact@master
-        with:
-          name: DependencyCheck report
-          path: ${{github.workspace}}/target/dependency-check-report.html

Makefile

@@ -45,12 +45,8 @@ publish-dry:
 release:
 	gh release create ${tag} target/*.jar target/*.asc target/*.pom
 
-## scan - Scan the project for serious security issues
-scan:
-	mvn verify -DskipTests=true -Dgpg.skip=true -Dcheckstyle.skip=true -Djavadoc.skip=true -Ddependency-check.failBuildOnCVSS=0 -Ddependency-check.junitFailOnCVSS=0
-
 ## test - Test the project
 test:
 	mvn surefire:test
 
-.PHONY: help build clean coverage install-checkstyle install lint publish publish-dry release scan test
+.PHONY: help build clean coverage install-checkstyle install lint publish publish-dry release test

pom.xml

@@ -258,23 +258,6 @@
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.owasp</groupId>
-                <artifactId>dependency-check-maven</artifactId>
-                <version>7.4.4</version>
-                <configuration>
-                    <failBuildOnCVSS>7</failBuildOnCVSS>
-                    <junitFailOnCVSS>7</junitFailOnCVSS>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>check</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
         </plugins>
     </build>
-
 </project>