fix: resolve build failures (#345)

README.md

@@ -25,7 +25,7 @@ buildscript {
         mavenCentral()
     }
     dependencies {
-        classpath 'org.owasp:dependency-check-gradle:8.1.2'
+        classpath 'org.owasp:dependency-check-gradle:8.3.1'
     }
 }
 
@@ -62,7 +62,7 @@ buildscript {
     mavenCentral()
   }
   dependencies {
-    classpath 'org.owasp:dependency-check-gradle:8.1.2'
+    classpath 'org.owasp:dependency-check-gradle:8.3.1'
   }
 }
 
@@ -79,7 +79,7 @@ buildscript {
     mavenCentral()
   }
   dependencies {
-    classpath 'org.owasp:dependency-check-gradle:8.1.2'
+    classpath 'org.owasp:dependency-check-gradle:8.3.1'
   }
 }
 
@@ -108,7 +108,7 @@ subprojects {
 
 ```kotlin
 plugins {
-    id("org.owasp.dependencycheck") version "8.1.2" apply false 
+    id("org.owasp.dependencycheck") version "8.3.1" apply false 
 }
 
 allprojects {

build.gradle

@@ -17,9 +17,9 @@
  */
 
 ext {
-    odcVersion = '8.1.2'
+    odcVersion = '8.3.1'
     slackWebhookVersion = '1.4.0'
-    spockCoreVersion = '1.1-groovy-2.4'
+    spockCoreVersion = '2.3-groovy-3.0'
 }
 
 group = 'org.owasp'
@@ -71,8 +71,13 @@ dependencies {
     testImplementation("org.spockframework:spock-core:$spockCoreVersion") {
         exclude module: 'groovy-all'
     }
+    testImplementation 'org.junit.jupiter:junit-jupiter-api:5.9.3'
+    testImplementation 'org.junit.jupiter:junit-jupiter-params:5.9.3'
+    testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.9.3'
+}
+test {
+    useJUnitPlatform()
 }
-
 test.onlyIf { !project.hasProperty('skipTests') }
 
 java {

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 #Sat Feb 13 12:38:28 EST 2021
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.6.1-all.zip
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStorePath=wrapper/dists

src/main/groovy/org/owasp/dependencycheck/gradle/tasks/AbstractAnalyze.groovy

@@ -60,7 +60,7 @@ import static org.owasp.dependencycheck.utils.Checksum.*
 abstract class AbstractAnalyze extends ConfiguredTask {
 
     @Internal
-    String currentProjectName = project.getName()
+    transient String currentProjectName = project.getName()
     @Internal
     Attribute artifactType = Attribute.of('artifactType', String)
     // @Internal

src/main/groovy/org/owasp/dependencycheck/gradle/tasks/ConfiguredTask.groovy

@@ -37,9 +37,9 @@ import static org.owasp.dependencycheck.utils.Settings.KEYS.*
 abstract class ConfiguredTask extends DefaultTask {
 
     @Internal
-    DependencyCheckExtension config = (DependencyCheckExtension) project.getExtensions().findByName('dependencyCheck')
+    transient DependencyCheckExtension config = (DependencyCheckExtension) project.getExtensions().findByName('dependencyCheck')
     @Internal
-    Settings settings
+    transient Settings settings
     @Internal
     String PROPERTIES_FILE = 'task.properties'
 

src/test/groovy/org/owasp/dependencycheck/gradle/DependencyCheckConfigurationSelectionIntegSpec.groovy

@@ -2,17 +2,17 @@ package org.owasp.dependencycheck.gradle
 
 import org.gradle.testkit.runner.BuildResult
 import org.gradle.testkit.runner.GradleRunner
-import org.junit.Rule
-import org.junit.rules.TemporaryFolder
+
 import spock.lang.Specification
+import spock.lang.TempDir
+
 import static org.gradle.testkit.runner.TaskOutcome.*
 import static org.owasp.dependencycheck.gradle.DependencyCheckPlugin.*
 
 class DependencyCheckConfigurationSelectionIntegSpec extends Specification {
 
-    @Rule
-    final TemporaryFolder testProjectDir = new TemporaryFolder()
-
+    @TempDir
+    File testProjectDir
 
     def 'test dependencies are ignored by default'() {
         given:
@@ -34,7 +34,7 @@ class DependencyCheckConfigurationSelectionIntegSpec extends Specification {
         //println "-----------------"
         //println result.output
         //println "-----------------"
-        //String fileContents = new File(new File(testProjectDir.root, 'build/reports'), 'dependency-check-report.html').text
+        //String fileContents = new File(new File(testProjectDir, 'build/reports'), 'dependency-check-report.html').text
         //println fileContents
 
         then:
@@ -126,15 +126,15 @@ class DependencyCheckConfigurationSelectionIntegSpec extends Specification {
 
     private void copyResourceFileIntoProjectDir(String resourceFileName, String targetFileName) {
         def resourceFileContent = new File(getClass().getClassLoader().getResource(resourceFileName).toURI()).text
-        def targetDirectory = new File(testProjectDir.root, targetFileName).parentFile
+        def targetDirectory = new File(testProjectDir, targetFileName).parentFile
         targetDirectory.mkdirs()
-        def targetFile = testProjectDir.newFile(targetFileName)
+        def targetFile = new File(testProjectDir, targetFileName)
         targetFile << resourceFileContent
     }
 
     private BuildResult executeTaskAndGetResult(String taskName, boolean isBuildExpectedToPass) {
         def build = GradleRunner.create()
-                .withProjectDir(testProjectDir.root)
+                .withProjectDir(testProjectDir)
                 .withArguments(taskName,"--stacktrace")
                 .forwardOutput()
                 .withDebug(true)

src/test/groovy/org/owasp/dependencycheck/gradle/DependencyCheckPluginIntegSpec.groovy

@@ -1,65 +1,69 @@
 package org.owasp.dependencycheck.gradle
 
 import org.gradle.testkit.runner.GradleRunner
-import org.junit.Rule
-import org.junit.rules.TemporaryFolder
 import spock.lang.Specification
+import spock.lang.TempDir
+import spock.util.io.FileSystemFixture
 
-import static org.gradle.testkit.runner.TaskOutcome.*
+import static org.gradle.testkit.runner.TaskOutcome.SUCCESS
 
 class DependencyCheckPluginIntegSpec extends Specification {
 
-    @Rule final TemporaryFolder testProjectDir = new TemporaryFolder()
-    File buildFile
+    @TempDir
+    private FileSystemFixture fileSystemFixture
 
-    def setup() {
-        buildFile = testProjectDir.newFile('build.gradle')
-    }
 
     def "Plugin can be added"() {
         given:
-        buildFile << """
-            plugins {
-                id 'org.owasp.dependencycheck'
+        fileSystemFixture.create {
+            dir("app") {
+                file("build.gradle").text = """
+                        plugins {
+                            id 'org.owasp.dependencycheck'
+                        }
+                    """.stripIndent()
             }
-        """
-
+        }
         when:
         def result = GradleRunner.create()
-            .withProjectDir(testProjectDir.root)
-            .withArguments('tasks')
-            .withPluginClasspath()
-            .forwardOutput()
-            .build()
+                .withProjectDir(fileSystemFixture.resolve("app").toFile())
+                .withArguments('tasks')
+                .withPluginClasspath()
+                .forwardOutput()
+                .build()
 
         then:
         result.output.contains("$DependencyCheckPlugin.ANALYZE_TASK")
     }
 
     def "custom configurations are skipped when only scanning whitelisted configurations"() {
         given:
-        buildFile << """
-            plugins {
-                id 'org.owasp.dependencycheck'
+        fileSystemFixture.create {
+            dir("custom") {
+                file("build.gradle").text = """
+                    plugins {
+                        id 'org.owasp.dependencycheck'
+                    }
+                    apply plugin: 'java'
+                    
+                    sourceCompatibility = 1.5
+                    version = '1.0'
+                    
+                    repositories {
+                        mavenLocal()
+                        mavenCentral()
+                    }
+                    
+                    dependencies {
+                        implementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
+                    }
+                """.stripIndent()
             }
-            apply plugin: 'java'
-            
-            sourceCompatibility = 1.5
-            version = '1.0'
-            
-            repositories {
-                mavenLocal()
-                mavenCentral()
-            }
-            
-            dependencies {
-                compile group: 'commons-collections', name: 'commons-collections', version: '3.2'
-            }
-        """
+        }
 
         when:
         def result = GradleRunner.create()
-                .withProjectDir(testProjectDir.root)
+                .withProjectDir(fileSystemFixture.resolve("custom").toFile())
                 .withArguments(DependencyCheckPlugin.ANALYZE_TASK)
                 .withPluginClasspath()
                 .withDebug(true)
@@ -72,29 +76,32 @@ class DependencyCheckPluginIntegSpec extends Specification {
 
     def "task completes successfully when configuration cache is enabled in Gradle 7.4"() {
         given:
-        buildFile << """
-            plugins {
-                id 'org.owasp.dependencycheck'
-            }
-            apply plugin: 'java'
-            
-            sourceCompatibility = 1.5
-            version = '1.0'
-            
-            repositories {
-                mavenLocal()
-                mavenCentral()
-            }
-            
-            dependencies {
-                implementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
+        fileSystemFixture.create {
+            dir("configCache") {
+                file("build.gradle").text = """
+                    plugins {
+                        id 'org.owasp.dependencycheck'
+                    }
+                    apply plugin: 'java'
+                    
+                    sourceCompatibility = 1.5
+                    version = '1.0'
+                    
+                    repositories {
+                        mavenLocal()
+                        mavenCentral()
+                    }
+                    
+                    dependencies {
+                        implementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
+                    }
+                """.stripIndent()
             }
-        """
+        }
 
         when:
         def result = GradleRunner.create()
-                .withGradleVersion("7.4")
-                .withProjectDir(testProjectDir.root)
+                .withProjectDir(fileSystemFixture.resolve("configCache").toFile())
                 .withArguments(DependencyCheckPlugin.ANALYZE_TASK, "--configuration-cache")
                 .withPluginClasspath()
                 .withDebug(true)

src/test/resources/aggregateApp.gradle

@@ -1,6 +1,6 @@
 apply plugin: 'application'
 
 dependencies {
-    compile 'log4j:log4j:1.2.17'
-    compile group: 'commons-collections', name: 'commons-collections', version: '3.2'
+    implementation 'log4j:log4j:1.2.17'
+    implementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
 }

src/test/resources/aggregateCore.gradle

@@ -1,4 +1,4 @@
 dependencies {
-    testCompile 'junit:junit:4.11'
-    compile 'com.fasterxml.jackson.dataformat:jackson-dataformat-xml:2.7.0'
+    testImplementation 'junit:junit:4.11'
+    implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-xml:2.7.0'
 }

src/test/resources/noSkipTestGroups.gradle

@@ -16,12 +16,12 @@ sourceSets {
 }
 
 configurations {
-    intTestCompile.extendsFrom(testCompile)
+    intTestCompile.extendsFrom(testImplementation)
     intTestRuntime.extendsFrom(testRuntime)
 }
 
 dependencies {
-    testCompile group: 'commons-collections', name: 'commons-collections', version: '3.2'
+    testImplementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
     intTestCompileOnly group: 'commons-beanutils', name: 'commons-beanutils-core', version: '1.8.3'
     intTestCompile group: 'commons-fileupload', name: 'commons-fileupload', version: '1.3.1'
     intTestRuntime group: 'commons-httpclient', name: 'commons-httpclient', version: '3.1'

src/test/resources/outputDir.gradle

@@ -16,7 +16,7 @@ repositories {
 }
 
 dependencies {
-    compile group: 'commons-collections', name: 'commons-collections', version: '3.2'
+    implementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
 }
 
 dependencyCheck {

src/test/resources/skipGroups.gradle

@@ -12,9 +12,9 @@ repositories {
 }
 
 dependencies {
-    compile group: 'commons-collections', name: 'commons-collections', version: '3.2'
-    compile group: 'commons-httpclient', name: 'commons-httpclient', version: '3.1'
-    compile group: 'commons-fileupload', name: 'commons-fileupload', version: '1.3.1'
+    implementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
+    implementation group: 'commons-httpclient', name: 'commons-httpclient', version: '3.1'
+    implementation group: 'commons-fileupload', name: 'commons-fileupload', version: '1.3.1'
 }
 
 dependencyCheck {

src/test/resources/skipTestGroups.gradle

@@ -12,7 +12,7 @@ repositories {
 }
 
 dependencies {
-    testCompile group: 'commons-collections', name: 'commons-collections', version: '3.2'
+    testImplementation group: 'commons-collections', name: 'commons-collections', version: '3.2'
 }
 
 dependencyCheck {

src/test/resources/suppressionFiles.gradle

@@ -9,7 +9,7 @@ repositories {
 }
 
 dependencies {
-    compile 'commons-collections:commons-collections:3.2'
+    implementation 'commons-collections:commons-collections:3.2'
 }
 
 dependencyCheck {