From e24d1517e6470166e8a646b8a434ee985a9f317f Mon Sep 17 00:00:00 2001 From: Subhobrata Dey Date: Wed, 7 Sep 2022 13:22:33 -0700 Subject: [PATCH] fix snakeyaml vulnerability issue by disabling detekt (#237) Signed-off-by: Subhobrata Dey --- build.gradle | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/build.gradle b/build.gradle index bd940e22..2fa22931 100644 --- a/build.gradle +++ b/build.gradle @@ -23,7 +23,7 @@ buildscript { classpath "${opensearch_group}.gradle:build-tools:${opensearch_version}" classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:${kotlin_version}" classpath "org.jetbrains.kotlin:kotlin-allopen:${kotlin_version}" - classpath "io.gitlab.arturbosch.detekt:detekt-gradle-plugin:1.20.0-RC1" +// classpath "io.gitlab.arturbosch.detekt:detekt-gradle-plugin:1.20.0-RC1" } } @@ -59,7 +59,7 @@ apply plugin: 'jacoco' apply plugin: 'signing' apply plugin: 'maven-publish' apply plugin: 'com.github.johnrengelman.shadow' -apply plugin: 'io.gitlab.arturbosch.detekt' +// apply plugin: 'io.gitlab.arturbosch.detekt' apply plugin: 'org.jetbrains.kotlin.jvm' apply plugin: 'org.jetbrains.kotlin.plugin.allopen' apply plugin: 'opensearch.repositories' @@ -67,6 +67,7 @@ apply from: 'build-tools/opensearchplugin-coverage.gradle' configurations { ktlint + all*.exclude group: 'org.yaml', module: 'snakeyaml' } dependencies { @@ -103,10 +104,12 @@ spotless { eclipse().configFile rootProject.file('.eclipseformat.xml') } } -detekt { + +// TODO: enable detekt only when snakeyaml vulnerability is fixed +/*detekt { config = files("detekt.yml") buildUponDefaultConfig = true -} +}*/ task ktlint(type: JavaExec, group: "verification") { description = "Check Kotlin code style."