gabrysbiz / directory-content-maven-plugin Goto Github PK
View Code? Open in Web Editor NEWProvides a collection of tools for working with directories.
Home Page: http://directory-content-maven-plugin.projects.gabrys.biz/
License: Other
Provides a collection of tools for working with directories.
Home Page: http://directory-content-maven-plugin.projects.gabrys.biz/
License: Other
We should use A successful Git branching model.
We should add Jenkinsfile
: https://jenkins.io/doc/book/pipeline/jenkinsfile/
An XML External Entity or XSLT External Entity (XXE) vulnerability can occur when a javax.xml.transform.Transformer
is created without enabling "Secure Processing" or when one is created without disabling external DTDs. If that external entity is hijacked by an attacker it may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
Description copied from XML External Entity (XXE) Injection:
XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.
Attacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.
For example, below is a sample XML document, containing an XML element- username.
<?xml version="1.0" encoding="ISO-8859-1"?>
<username>John</username>
</xml>
An external XML entity - xxe, is defined using a system identifier and present within a DOCTYPE header. These entities can access local or remote content. For example the below code contains an external XML entity that would fetch the content of /etc/passwd and display it to the user rendered by username.
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [
<!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
<username>&xxe;</username>
</xml>
Other XXE Injection attacks can access local resources that may not stop returning data, possibly impacting application availability and leading to Denial of Service.
We should use new functionality which will be provided by plugin-utils 1.3.0:
We should be sure that plugin works on JDK 10 and JDK 11.
AC:
We should add to main website info about:
We should be sure that plugin works on JDK9.
AC:
Maven Plugin Utils 2.0.0 is compatible with JDK 6+ and Maven 3+.
AC:
Declarative Pipeline presents a more simplified and opinionated syntax on top of the Pipeline sub-systems. Read more here: https://jenkins.io/doc/book/pipeline/syntax/#declarative-pipeline
We should use the same layout for examples as Css Splitter Maven Plugin.
Example: http://css-splitter-maven-plugin.projects.gabrys.biz/1.0.0/examples.html
We need a flag which will prevents against build failure when source file does not exist.
The goal should allows to copy file to other directory. The goal should support save file under different name.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.