[OWASP-ESAPI] Instructions on ESAPI-Building incorrect

Dave Wichers dave.wichers at owasp.org
Wed Aug 12 09:40:53 EDT 2009


Thanks for pointing this first point out. Can you update the wiki yourself
to make the fix? That's why we have a wiki, so everyone can contribute
easily. :-)

Regarding the 2nd point, I'll have to let other people more knowledgeable
than me answer that question.

Thanks, Dave

-----Original Message-----
From: owasp-esapi-bounces at lists.owasp.org
[mailto:owasp-esapi-bounces at lists.owasp.org] On Behalf Of Kevin W. Wall
Sent: Tuesday, August 11, 2009 8:55 PM
To: owasp-esapi
Subject: [OWASP-ESAPI] Instructions on ESAPI-Building incorrect

The instructions on building ESAPI as given at:

have a step missing. As given, there needs to be a

	$ cd trunk

inserted between the two calls to Maven (mvn).
Otherwise, when you execute

	$ mvn -Dmaven.test.skip=true package

you will get the build error:

	Cannot execute mojo: resources. It requires a project
	with an existing pom.xml, but the build is not using one.

because it can't find the pom.xml file.

Also, is there any standard self-signed cert that we can use
for development to sign the ESAPI-2.0.jar? Maven prompts for
a keystore passphrase and then attempts to sign this jar using
a not existant keystore (unless you happen to be Jeff Williams :)
resulting in a build error.

Kevin W. Wall
Question: Are people who appear as wax figures in Madame Tussaud's
          Wax Museum enshrined in tallowed halls?       - me
OWASP-ESAPI mailing list
OWASP-ESAPI at lists.owasp.org

More information about the OWASP-ESAPI mailing list