POM文件内容: |
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>2.0.1</version>
<packaging>jar</packaging>
<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>5</version>
</parent>
<licenses>
<license>
<name>BSD</name>
<url>http://www.opensource.org/licenses/bsd-license.php</url>
<comments>Code License - New BSD License</comments>
</license>
<license>
<name>Creative Commons 3.0 BY-SA</name>
<url>http://creativecommons.org/licenses/by-sa/3.0/</url>
<comments>Content License - Create Commons 3.0 BY-SA</comments>
</license>
</licenses>
<name>ESAPI</name>
<url>http://www.esapi.org/</url>
<description>The Enterprise Security API (ESAPI) project is an OWASP project
to create simple strong security controls for every web platform.
Security controls are not simple to build. You can read about the
hundreds of pitfalls for unwary developers on the OWASP website. By
providing developers with a set of strong controls, we aim to
eliminate some of the complexity of creating secure web applications.
This can result in significant cost savings across the SDLC.
</description>
<organization>
<name>The Open Web Application Security Project (OWASP)</name>
<url>http://www.owasp.org/index.php</url>
</organization>
<mailingLists>
<mailingList>
<name>ESAPI-Users</name>
<subscribe>https://lists.owasp.org/mailman/listinfo/esapi-user/</subscribe>
<unsubscribe>https://lists.owasp.org/mailman/listinfo/esapi-user/</unsubscribe>
<post>mailto:esapi-users@lists.owasp.org</post>
<archive>https://lists.owasp.org/pipermail/esapi-users/</archive>
<!--This is the OWASP ESAPI mailing list for ESAPI users, regardless of programming language. For example, ESAPI users with questions about ESAPI for Java or ESAPI for PHP would both post here.-->
</mailingList>
<mailingList>
<name>ESAPI-Developers</name>
<subscribe>https://lists.owasp.org/mailman/listinfo/esapi-dev/</subscribe>
<unsubscribe>https://lists.owasp.org/mailman/listinfo/esapi-dev/</unsubscribe>
<post>mailto:esapi-dev@lists.owasp.org</post>
<archive>https://lists.owasp.org/pipermail/esapi-dev/</archive>
<!--This is the OWASP ESAPI mailing list for ESAPI for Java developers. While the list is not closed, the topics of discussion are likely to be less relevant to those only using ESAPI. Note that this is the list for ESAPI for Java. Most other language implementations, such ESAPI for PHP, have their own mailing lists.-->
</mailingList>
<mailingList>
<name>OWASP-ESAPI (Inactive! Archive only!)</name>
<archive>https://lists.owasp.org/pipermail/owasp-esapi/</archive>
<!--The name of the obsolete mailing list that previously was a combination of an ESAPI users lists and ESAP development list. While obsolete, it is still sometimes useful for searching through old historical posts. NOTE: NEW POSTS SHOULD NO LONGER BE MADE TO THIS LIST!-->
</mailingList>
</mailingLists>
<scm>
<connection>scm:svn:http://owasp-esapi-java.googlecode.com/svn/tags/esapi-2.0.1</connection>
<developerConnection>scm:svn:https://owasp-esapi-java.googlecode.com/svn/tags/esapi-2.0.1</developerConnection>
<url>http://code.google.com/p/owasp-esapi-java/source/checkout/tags/esapi-2.0.1</url>
</scm>
<issueManagement>
<system>Google Code Issue Tracking</system>
<url>http://code.google.com/p/owasp-esapi-java/issues/list</url>
</issueManagement>
<developers>
<developer>
<name>Jeff Williams</name>
<organization>Aspect Security</organization>
<roles>
<role>Project Owner</role>
<role>Architect</role>
<role>Developer</role>
</roles>
</developer>
<developer>
<name>Jim Manico</name>
<roles>
<role>Project Manager</role>
<role>BuildMaster</role>
<role>Developer</role>
<role>Architect</role>
</roles>
</developer>
<developer>
<name>Chris Schmidt</name>
<organization>Aspect Security</organization>
<roles>
<role>Project Manager</role>
<role>Continuous Integration Admin</role>
<role>Architect</role>
<role>Developer</role>
</roles>
</developer>
<developer>
<name>Kevin Wall</name>
<organization>Qwest</organization>
<roles>
<role>Project Manager</role>
<role>Architect</role>
<role>Developer</role>
<role>Crypto Guy</role>
</roles>
</developer>
</developers>
<contributors>
<contributor>
<name>Dave Wichers</name>
<organization>Aspect Security</organization>
<roles>
<role>Documentation and Examples</role>
<role>Minor Code Contributions</role>
<role>Project Guidance</role>
</roles>
</contributor>
</contributors>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>commons-configuration</groupId>
<artifactId>commons-configuration</artifactId>
<version>1.5</version>
</dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils-core</artifactId>
<version>1.7.0</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.4</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.4</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>2.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.2</version>
<scope>compile</scope>
</dependency>
<!-- unused according to dependancy:analyze
this is a optional dependency of commons-fileupload which
is at least needed for testing...
-->
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>1.3</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>3.2</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.16</version>
<scope>compile</scope>
<type>jar</type>
</dependency>
<dependency>
<groupId>xom</groupId>
<artifactId>xom</artifactId>
<version>1.1</version>
</dependency>
<dependency>
<groupId>org.beanshell</groupId>
<artifactId>bsh-core</artifactId>
<version>2.0b4</version>
</dependency>
<dependency>
<groupId>org.owasp.antisamy</groupId>
<artifactId>antisamy</artifactId>
<version>1.4.3</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<source>1.5</source>
<target>1.5</target>
<debug>true</debug>
<showWarnings>true</showWarnings>
<showDeprecation>false</showDeprecation>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-eclipse-plugin</artifactId>
<version>2.8</version>
<configuration>
<downloadSources>true</downloadSources>
</configuration>
</plugin>
<plugin>
<artifactId>maven-jar-plugin</artifactId>
<version>2.3.1</version>
<configuration>
<archive>
<manifest>
<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
<addDefaultSpecificationEntries>true</addDefaultSpecificationEntries>
</manifest>
</archive>
</configuration>
</plugin>
<!-- Check for updates to dependencies and report on them. -->
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<version>1.2</version>
<executions>
<execution>
<id>check-for-dependency-updates</id>
<goals>
<goal>display-dependency-updates</goal>
<goal>display-plugin-updates</goal>
<goal>display-property-updates</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<reporting>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>2.3.1</version>
<configuration>
<findbugsXmlOutput>true</findbugsXmlOutput>
<findbugsXmlWithMessages>true</findbugsXmlWithMessages>
<xmlOutput>true</xmlOutput>
<threshold>Low</threshold>
<effort>Max</effort>
<relaxed>false</relaxed>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>cobertura-maven-plugin</artifactId>
<version>2.4</version>
<configuration>
<formats>
<format>html</format>
<format>xml</format>
</formats>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>jdepend-maven-plugin</artifactId>
<version>2.0-beta-2</version>
</plugin>
<plugin>
<artifactId>maven-pmd-plugin</artifactId>
<version>2.5</version>
<configuration>
<targetJdk>1.5</targetJdk>
<sourceEncoding>utf-8</sourceEncoding>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.7</version>
<configuration>
<detectJavaApiLink>false</detectJavaApiLink>
<detectLinks>false</detectLinks>
</configuration>
</plugin>
<plugin>
<groupId>net.sourceforge.maven-taglib</groupId>
<artifactId>maven-taglib-plugin</artifactId>
<version>2.4</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-changelog-plugin</artifactId>
<version>2.2</version>
<configuration>
<issueIDRegexPattern>[Ii]ssue[# ]*(\d)+</issueIDRegexPattern>
<issueLinkUrl>http://code.google.com/p/owasp-esapi-java/issues/detail?id=%ISSUE%</issueLinkUrl>
<type>date</type>
<dates>
<date>2011-05-11 00:00:00</date>
</dates>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<version>1.2</version>
<reportSets>
<reportSet>
<reports>
<report>dependency-updates-report</report>
<report>plugin-updates-report</report>
<report>property-updates-report</report>
</reports>
</reportSet>
</reportSets>
</plugin>
</plugins>
</reporting>
<profiles>
<profile>
<!-- Activate to sign jars and build distributable download. -->
<id>dist</id>
<!-- This profile is activated when mvn release:perform is called from the command line
to actually do a release. If you need this profile active for some reason outside
of performing a release, use mvn <command> -Pdist
-->
<activation>
<property>
<name>performRelease</name>
<value>true</value>
</property>
</activation>
<distributionManagement>
<snapshotRepository>
<id>sonatype-nexus-snapshots</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>sonatype-nexus-staging</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url>
</repository>
</distributionManagement>
<build>
<plugins>
<!-- Signs all artifacts prior to deploying to maven central -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>deploy</phase>
<goals>
<goal>sign</goal>
</goals>
<configuration>
<keyname>9F460575</keyname>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>2.3.1</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
<configuration>
<keystore>codesign.keystore</keystore>
<alias>owasp foundation, inc.'s godaddy.com, inc. id</alias>
<verify>true</verify>
<archive>
<manifest>
<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
<addDefaultSpecificationEntries>true</addDefaultSpecificationEntries>
</manifest>
<manifestEntries>
<Sealed>true</Sealed>
</manifestEntries>
</archive>
</configuration>
</plugin>
<!-- Baseline for ESAPI 2.0 is JDK1.5 - Enforces that a JDK1.5 compiler is being
used to build this release -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<executions>
<execution>
<id>enforce-jdk-version</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<requireJavaVersion>
<version>1.5</version>
<message>
ESAPI 2.0 uses the JDK1.5 for it's baseline. Please make sure that your
JAVA_HOME environment variable is pointed to a JDK1.5 distribution.
</message>
</requireJavaVersion>
</rules>
</configuration>
</execution>
</executions>
</plugin>
<!-- Attached JavaDocs are required by Sonatype Nexus Repository -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- For building the distribution zip file. -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<version>2.2</version>
<configuration>
<descriptors>
<descriptor>src/main/assembly/dist.xml</descriptor>
</descriptors>
</configuration>
<executions>
<execution>
<id>make-dist</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- Performs a full release. See release documentation for information on how to
perform an ESAPI release using Maven -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.1</version>
<configuration>
<tagBase>https://owasp-esapi-java.googlecode.com/svn/tags/releases/</tagBase>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
|