general cleanup/enhancement

Former-commit-id: 6320ac1c59644bcb83ecf171f0d00e7f96b8c7ff
jeremylong
2012-09-29 15:48:55 -04:00
parent e80408d4c2
commit 0df0073a90
4 changed files with 34 additions and 40 deletions

22
pom.xml

@@ -317,24 +317,10 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses/>.
<artifactId>commons-cli</artifactId> <artifactId>commons-cli</artifactId>
<version>1.2</version> <version>1.2</version>
</dependency> </dependency>
<dependency>
<groupId>commons-cli</groupId>
<artifactId>commons-cli</artifactId>
<version>1.2</version>
<classifier>javadoc</classifier>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-cli</groupId>
<artifactId>commons-cli</artifactId>
<version>1.2</version>
<classifier>sources</classifier>
<scope>provided</scope>
</dependency>
<dependency> <dependency>
<groupId>junit</groupId> <groupId>junit</groupId>
<artifactId>junit</artifactId> <artifactId>junit</artifactId>
<version>4.8.2</version> <version>4.10</version>
<scope>test</scope> <scope>test</scope>
<type>jar</type> <type>jar</type>
</dependency> </dependency>
@@ -397,11 +383,5 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses/>.
</exclusion> </exclusion>
</exclusions> </exclusions>
</dependency> </dependency>
<!--<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>-->
</dependencies> </dependencies>
</project> </project>


@@ -38,8 +38,8 @@ import org.codesecure.dependencycheck.utils.FileUtils;
/** /**
* Scans files, directories, etc. for Dependencies. Analyzers are loaded and * Scans files, directories, etc. for Dependencies. Analyzers are loaded and
* used to process the files found by the scan, if a file is encountered and * used to process the files found by the scan, if a file is encountered and an
* an Analyzer is associated with the file type then the file is turned into a * Analyzer is associated with the file type then the file is turned into a
* dependency. * dependency.
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
@@ -68,7 +68,8 @@ public class Engine {
} }
/** /**
* Loads the analyzers specified in the configuration file (or system properties). * Loads the analyzers specified in the configuration file (or system
* properties).
*/ */
private void loadAnalyzers() { private void loadAnalyzers() {
@@ -108,8 +109,8 @@ public class Engine {
/** /**
* Scans a given file or directory. If a directory is specified, it will be * Scans a given file or directory. If a directory is specified, it will be
* scanned recursively. * scanned recursively. Any dependencies identified are added to the
* Any dependencies identified are added to the dependency collection. * dependency collection.
* *
* @param path the path to a file or directory to be analyzed. * @param path the path to a file or directory to be analyzed.
*/ */
@@ -125,8 +126,8 @@ public class Engine {
} }
/** /**
* Recursively scans files and directories. * Recursively scans files and directories. Any dependencies identified are
* Any dependencies identified are added to the dependency collection. * added to the dependency collection.
* *
* @param dir the directory to scan. * @param dir the directory to scan.
*/ */


@@ -215,7 +215,7 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
} }
/** /**
* Returns the text created by concatonating the text and the values from the * Returns the text created by concatenating the text and the values from the
* EvidenceCollection (filtered for a specific confidence). This attempts to * EvidenceCollection (filtered for a specific confidence). This attempts to
* prevent duplicate terms from being added.<br/<br/> * prevent duplicate terms from being added.<br/<br/>
* Note, if the evidence is longer then 200 characters it will be truncated. * Note, if the evidence is longer then 200 characters it will be truncated.
@@ -241,11 +241,11 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
value = value.substring(8).replaceAll("\\.", " "); value = value.substring(8).replaceAll("\\.", " ");
} }
if (sb.indexOf(value) < 0) { if (sb.indexOf(value) < 0) {
if (value.length() > 200) { // if (value.length() > 200) {
sb.append(value.substring(0, 200)).append(' '); // sb.append(value.substring(0, 200)).append(' ');
} else { // } else {
sb.append(value).append(' '); sb.append(value).append(' ');
} // }
} }
} }
return sb.toString(); return sb.toString();
@@ -361,14 +361,14 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
if (sb.indexOf("^") > 0) { if (sb.indexOf("^") > 0) {
//if we have a weighting on something else, reduce the weighting on the version a lot //if we have a weighting on something else, reduce the weighting on the version a lot
for (String v : version.split(" ")) { for (String v : version.split(" ")) {
LuceneUtils.appendEscapedLuceneQuery(sb, v); LuceneUtils.appendEscapedLuceneQuery(sb, cleanseText(v));
sb.append("^0.2 "); sb.append("^0.2 ");
} }
} else { } else {
//LuceneUtils.appendEscapedLuceneQuery(sb, version); //LuceneUtils.appendEscapedLuceneQuery(sb, version);
//if we have a weighting on something else, reduce the weighting on the version a lot //if we have a weighting on something else, reduce the weighting on the version a lot
for (String v : version.split(" ")) { for (String v : version.split(" ")) {
LuceneUtils.appendEscapedLuceneQuery(sb, v); LuceneUtils.appendEscapedLuceneQuery(sb, cleanseText(v));
sb.append("^0.7 "); sb.append("^0.7 ");
} }
} }
@@ -442,7 +442,7 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
* *
* @param l string one to compare. * @param l string one to compare.
* @param r string two to compare. * @param r string two to compare.
* @return whether or not the two strings are similiar. * @return whether or not the two strings are similar.
*/ */
private boolean equalsIgnoreCaseAndNonAlpha(String l, String r) { private boolean equalsIgnoreCaseAndNonAlpha(String l, String r) {
if (l == null || r == null) { if (l == null || r == null) {
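Review bot: The Javadoc in the first hunk of this file still says evidence longer than 200 characters is truncated, but the hunk at line 241 comments that truncation out, so the documentation and the code now disagree and each appended value is unbounded. If these values originate from metadata of the scanned files (the EvidenceCollection source is not visible here), their length is chosen by whoever built the artifact, and the returned text presumably feeds the Lucene query built in the hunk at line 361. Either keep a cap behind a new named constant, e.g. `sb.append(value.length() > MAX_EVIDENCE_LENGTH ? value.substring(0, MAX_EVIDENCE_LENGTH) : value).append(' ');`, or delete the commented-out lines together with the Javadoc sentence rather than leaving dead code. The method body starts outside the hunk, and `cleanseText` is defined elsewhere, so whether it bounds length or strips query syntax cannot be confirmed from here.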

View File

@@ -307,14 +307,27 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#if ( $dependency.analysisExceptions.size() != 0 ) #if ( $dependency.analysisExceptions.size() != 0 )
#set($cnt=$cnt+1) #set($cnt=$cnt+1)
<h4 id="header$cnt" class="subsectionheader red">Analysis Exceptions</h4> <h4 id="header$cnt" class="subsectionheader expandablesubsection red">Exceptions Occured During Analysis</h4>
<div id="content$cnt" class="subsectioncontent standardsubsection"> <div id="content$cnt" class="subsectioncontent standardsubsection hidden">
<ul> <ul>
#foreach($ex in $dependency.analysisExceptions) #foreach($ex in $dependency.analysisExceptions)
<li>$esc.html($ex.message)<br/><br/><pre class="indent">$esc.html($ex.stackTrace)</pre> <li>$esc.html($ex.message)
#if ( $ex.stackTrace )
<div class="indent">
#foreach ($st in $ex.stackTrace)
$esc.html($st)<br/>
#end
</div>
#end
#if ( $ex.cause ) #if ( $ex.cause )
<br/><b>Caused by:</b> $esc.html($ex.cause.message) <br/><b>Caused by:</b> $esc.html($ex.cause.message)
<br/><br/><pre class="indent">$esc.html($ex.cause.stackTrace)</pre> #if ( $ex.cause.stackTrace )
<div class="indent">
#foreach ($st in $ex.cause.stackTrace)
$esc.html($st)<br/>
#end
</div>
#end
#end #end
</li> </li>
#end #end