diff options
author | gjoranv <gv@verizonmedia.com> | 2022-01-07 22:06:06 +0100 |
---|---|---|
committer | gjoranv <gv@verizonmedia.com> | 2022-01-07 22:06:06 +0100 |
commit | ede5a1def77618209aaf15f276e6d50807918a2f (patch) | |
tree | 8cb53adbdb9b05b27170d0e7d460a677702b9394 /tenant-base | |
parent | d16c8302f36b331fa1ad9bd1d64386267de37bdf (diff) |
Fail the build for any hosted application with log4j deps:
- log4j:log4j
- org.apache.logging.log4j:log4j-core
Diffstat (limited to 'tenant-base')
-rw-r--r-- | tenant-base/pom.xml | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tenant-base/pom.xml b/tenant-base/pom.xml index f4923bf79f1..c43e9e116d4 100644 --- a/tenant-base/pom.xml +++ b/tenant-base/pom.xml @@ -366,6 +366,23 @@ </rules> </configuration> </execution> + <execution> + <id>enforce-no-log4j</id> + <goals> + <goal>enforce</goal> + </goals> + <configuration> + <rules> + <bannedDependencies> + <!-- Fail validation for apps with log4j deps, in any scope. --> + <excludes> + <exclude>log4j:log4j:*:jar:*</exclude> + <exclude>org.apache.logging.log4j:log4j-core:*:jar:*</exclude> + </excludes> + </bannedDependencies> + </rules> + </configuration> + </execution> </executions> </plugin> |