Merge branch 'add-android-dependency-audit'

2 files changed, 14 insertions, 0 deletions

diff --git a/android/app/build.gradle b/android/app/build.gradle
index 6af629ec56..95f3b40d55 100644
--- a/android/app/build.gradle
+++ b/android/app/build.gradle
@@ -110,6 +110,14 @@ android {
     }
 }
 
+dependencyCheck {
+    // Skip the lintClassPath configuration, which relies on many dependencies that has been flagged
+    // to have CVEs, as it's related to the lint tooling rather than the project's compilation class
+    // path. The alternative would be to suppress specific CVEs, however that could potentially
+    // result in suppressed CVEs in project compilation class path.
+    skipConfigurations += 'lintClassPath'
+}
+
 tasks.withType(org.jetbrains.kotlin.gradle.tasks.KotlinCompile).all {
     kotlinOptions {
         allWarningsAsErrors = false
diff --git a/android/build.gradle b/android/build.gradle
index 46b04e49d7..dd148cccb1 100644
--- a/android/build.gradle
+++ b/android/build.gradle
@@ -19,6 +19,8 @@ buildscript {
         classpath "com.android.tools.build:gradle:4.1.3"
         classpath "com.github.triplet.gradle:play-publisher:2.7.5"
         classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlinVersion"
+        classpath "org.owasp:dependency-check-gradle:6.5.0.1"
+
     }
 }
 
@@ -27,6 +29,10 @@ allprojects {
         google()
         mavenCentral()
     }
+    apply plugin: 'org.owasp.dependencycheck'
+    dependencyCheck {
+        failBuildOnCVSS = 0 // All severity levels
+    }
 }
 
 task clean(type: Delete) {