Skip to content
/ victims-plugin-nexus Public

Nexus plugin to prevent distribution of vulnerable artifacts when running maven

License

AGPL-3.0 license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

skavanagh/victims-plugin-nexus

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

victims-plugin-nexus

About

Nexus plugin to prevent distribution of vulnerable artifacts when running maven. For more information see The Victims Project

A vulnerable package request will result in a 500 error with a list CVE vulnerabilities.

Prerequisites

Java JDK 1.7 http://www.oracle.com/technetwork/java/javase/overview/index.html

Apache Maven 3.0.4 or 3.0.5 (the newer versions of maven will NOT work!!) http://maven.apache.org/download.cgi

victims-lib >= 1.4-SNAPSHOT https://github.com/victims/victims-lib-java

Nexus http://www.sonatype.org/nexus/go/

Build and Install

Export environment variables

export JAVA_HOME=/path/to/jdk
export M2_HOME=/path/to/maven
export PATH=$JAVA_HOME/bin:$M2_HOME/bin:$PATH

Download, build, and install victims-lib

cd victims-lib-java
mvn clean package install

Build victims-plugin-nexus

cd victims-plugin-nexus
mvn clean package

Unzip victims-plugin-nexus-2.10.0-02-bundle.zip in the $NEXUS_HOME/nexus/WEB-INF/plugin-repository directory and restart nexus

Author

Sean Kavanagh

About

Nexus plugin to prevent distribution of vulnerable artifacts when running maven

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages