From 6bff4a2eaaffca423bf0a1cdf0fa48640f873a36 Mon Sep 17 00:00:00 2001
From: Ovidiu Popa <ovidiu.popa@armory.io>
Date: Wed, 6 Mar 2024 16:06:18 +0200
Subject: [PATCH] fix(cve): Update nebula config

---
 .../spinnaker-dependencies.gradle             | 21 +++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/spinnaker-dependencies/spinnaker-dependencies.gradle b/spinnaker-dependencies/spinnaker-dependencies.gradle
index e87d00535..688102501 100644
--- a/spinnaker-dependencies/spinnaker-dependencies.gradle
+++ b/spinnaker-dependencies/spinnaker-dependencies.gradle
@@ -1,9 +1,26 @@
 apply plugin: "java-platform"
-
+apply plugin: "nebula.maven-publish"
 javaPlatform {
   allowDependencies()
 }
-artifactoryPublish.skip = true
+// without this building the pom fails when using the Nebula publishing plugin
+configurations {
+  implementation
+}
+artifactoryPublish.skip = false
+// This is a BOM - aka there is actually no CODE - it's PURE BOM
+publishing {
+  publications {
+    nebula(MavenPublication) {
+      from components.javaPlatform
+    }
+  }
+}
+
+artifactoryPublish {
+  skip = false //Skip build info analysis and publishing (false by default)
+  publications ('nebula')
+}
 
 ext {
   versions = [