Adding RewriteDependencyCheckPlugin to the base plugin

Some repositories are failing to complete the vulnerability check because they are missing the "DependencyCheck" which is provided by the DependencyCheckPlugin. We want to validate vulnerabilities on all repositiories but not all repositories have the "RewriteDependencyCheckPlugin" which applies the "DependencyCheckPlugin". Instead of adding it to all repositories, I'm adding this to the base plugin Note, we are applying the RewriteDependencyCheckPlugin instead of the DependencyCheckPlugin to the base plugin. This is done because the RewriteDependencyCheckPlugin will apply the shared suppressions to to all repositories when we run the validation
openrewrite · Jan 2, 2025 · 7bf2bae · 7bf2bae
1 parent f6a807e
commit 7bf2bae
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/main/java/org/openrewrite/gradle/RewriteJavaPlugin.java b/src/main/java/org/openrewrite/gradle/RewriteJavaPlugin.java
@@ -36,6 +36,8 @@ public class RewriteJavaPlugin implements Plugin<Project> {
 
     @Override
     public void apply(Project project) {
+        project.getPlugins().apply(RewriteDependencyCheckPlugin.class);
+
         RewriteJavaExtension ext = project.getExtensions().create("rewriteJava", RewriteJavaExtension.class);
         ext.getJacksonVersion().convention("2.17.2");
 
@@ -105,7 +107,7 @@ private static void configureTesting(Project project) {
 //        );
 
         project.getTasks().withType(Test.class).configureEach(task -> {
-            if(System.getenv("CI") == null) {
+            if (System.getenv("CI") == null) {
                 // Developer machines typically use CPUs with hyper-threading, so the logical core count is double
                 // what is useful to enable
                 task.setMaxParallelForks(