checkstyle updates
@@ -62,39 +62,53 @@ public class Engine implements FileFilter, AutoCloseable {
|
|||||||
*/
|
*/
|
||||||
public enum Mode {
|
public enum Mode {
|
||||||
/**
|
/**
|
||||||
* In evidence collection mode the {@link Engine} only collects evidence from the scan targets,
|
* In evidence collection mode the {@link Engine} only collects evidence
|
||||||
* and doesn't require a database.
|
* from the scan targets, and doesn't require a database.
|
||||||
*/
|
*/
|
||||||
EVIDENCE_COLLECTION(
|
EVIDENCE_COLLECTION(
|
||||||
false,
|
false,
|
||||||
INITIAL,
|
INITIAL,
|
||||||
PRE_INFORMATION_COLLECTION,
|
PRE_INFORMATION_COLLECTION,
|
||||||
INFORMATION_COLLECTION,
|
INFORMATION_COLLECTION,
|
||||||
POST_INFORMATION_COLLECTION
|
POST_INFORMATION_COLLECTION
|
||||||
),
|
),
|
||||||
/**
|
/**
|
||||||
* In evidence processing mode the {@link Engine} processes the evidence collected using the
|
* In evidence processing mode the {@link Engine} processes the evidence
|
||||||
* {@link #EVIDENCE_COLLECTION} mode. Dependencies should be injected into the {@link Engine}
|
* collected using the {@link #EVIDENCE_COLLECTION} mode. Dependencies
|
||||||
* using {@link Engine#setDependencies(List)}.
|
* should be injected into the {@link Engine} using
|
||||||
|
* {@link Engine#setDependencies(List)}.
|
||||||
*/
|
*/
|
||||||
EVIDENCE_PROCESSING(
|
EVIDENCE_PROCESSING(
|
||||||
true,
|
true,
|
||||||
PRE_IDENTIFIER_ANALYSIS,
|
PRE_IDENTIFIER_ANALYSIS,
|
||||||
IDENTIFIER_ANALYSIS,
|
IDENTIFIER_ANALYSIS,
|
||||||
POST_IDENTIFIER_ANALYSIS,
|
POST_IDENTIFIER_ANALYSIS,
|
||||||
PRE_FINDING_ANALYSIS,
|
PRE_FINDING_ANALYSIS,
|
||||||
FINDING_ANALYSIS,
|
FINDING_ANALYSIS,
|
||||||
POST_FINDING_ANALYSIS,
|
POST_FINDING_ANALYSIS,
|
||||||
FINAL
|
FINAL
|
||||||
),
|
),
|
||||||
/**
|
/**
|
||||||
* In standalone mode the {@link Engine} will collect and process evidence in a single execution.
|
* In standalone mode the {@link Engine} will collect and process
|
||||||
|
* evidence in a single execution.
|
||||||
*/
|
*/
|
||||||
STANDALONE(true, AnalysisPhase.values());
|
STANDALONE(true, AnalysisPhase.values());
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Whether the database is required in this mode.
|
||||||
|
*/
|
||||||
public final boolean requiresDatabase;
|
public final boolean requiresDatabase;
|
||||||
|
/**
|
||||||
|
* The analysis phases included in the mode.
|
||||||
|
*/
|
||||||
public final AnalysisPhase[] phases;
|
public final AnalysisPhase[] phases;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructs a new mode.
|
||||||
|
*
|
||||||
|
* @param requiresDatabase if the database is required for the mode
|
||||||
|
* @param phases the analysis phases to include in the mode
|
||||||
|
*/
|
||||||
Mode(boolean requiresDatabase, AnalysisPhase... phases) {
|
Mode(boolean requiresDatabase, AnalysisPhase... phases) {
|
||||||
this.requiresDatabase = requiresDatabase;
|
this.requiresDatabase = requiresDatabase;
|
||||||
this.phases = phases;
|
this.phases = phases;
|
||||||
@@ -116,7 +130,8 @@ public class Engine implements FileFilter, AutoCloseable {
|
|||||||
private final Set<FileTypeAnalyzer> fileTypeAnalyzers = new HashSet<>();
|
private final Set<FileTypeAnalyzer> fileTypeAnalyzers = new HashSet<>();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The engine execution mode indicating it will either collect evidence or process evidence or both.
|
* The engine execution mode indicating it will either collect evidence or
|
||||||
|
* process evidence or both.
|
||||||
*/
|
*/
|
||||||
private final Mode mode;
|
private final Mode mode;
|
||||||
|
|
||||||
@@ -143,9 +158,11 @@ public class Engine implements FileFilter, AutoCloseable {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates a new Engine.
|
* Creates a new Engine.
|
||||||
|
*
|
||||||
|
* @param mode the mode of operation
|
||||||
*/
|
*/
|
||||||
public Engine(Mode mode) {
|
public Engine(Mode mode) {
|
||||||
this(Thread.currentThread().getContextClassLoader(), mode);
|
this(Thread.currentThread().getContextClassLoader(), mode);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
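Review bot: The newly documented `phases` field in `Mode` is a `public final AnalysisPhase[]`, and the constructor stores the varargs array as-is (`this.phases = phases;`), so `final` protects only the reference and any caller can overwrite the elements that decide which analysis phases a mode runs. If the field has to stay public, the new Javadoc should say so, e.g. `* The analysis phases included in the mode; the array is shared and must not be modified.` A sturdier option would be to make the field private and add an accessor that returns `phases.clone()`, but whether other classes read the field directly is not visible on this page. The `Mode` constructor and the enum body continue past the end of the first hunk.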
|
|||||||
@@ -32,6 +32,7 @@ import static java.util.Arrays.asList;
|
|||||||
* @author Jeremy Long
|
* @author Jeremy Long
|
||||||
*/
|
*/
|
||||||
public class AnalyzerService {
|
public class AnalyzerService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Logger for use throughout the class.
|
* The Logger for use throughout the class.
|
||||||
*/
|
*/
|
||||||
@@ -45,7 +46,8 @@ public class AnalyzerService {
|
|||||||
/**
|
/**
|
||||||
* Creates a new instance of AnalyzerService.
|
* Creates a new instance of AnalyzerService.
|
||||||
*
|
*
|
||||||
* @param classLoader the ClassLoader to use when dynamically loading Analyzer and Update services
|
* @param classLoader the ClassLoader to use when dynamically loading
|
||||||
|
* Analyzer and Update services
|
||||||
*/
|
*/
|
||||||
public AnalyzerService(ClassLoader classLoader) {
|
public AnalyzerService(ClassLoader classLoader) {
|
||||||
service = ServiceLoader.load(Analyzer.class, classLoader);
|
service = ServiceLoader.load(Analyzer.class, classLoader);
|
||||||
@@ -61,8 +63,10 @@ public class AnalyzerService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a list of all instances of the Analyzer interface that are bound to one of the given phases.
|
* Returns a list of all instances of the Analyzer interface that are bound
|
||||||
|
* to one of the given phases.
|
||||||
*
|
*
|
||||||
|
* @param phases the phases to obtain analyzers for
|
||||||
* @return a list of Analyzers.
|
* @return a list of Analyzers.
|
||||||
*/
|
*/
|
||||||
public List<Analyzer> getAnalyzers(AnalysisPhase... phases) {
|
public List<Analyzer> getAnalyzers(AnalysisPhase... phases) {
|
||||||
@@ -70,9 +74,11 @@ public class AnalyzerService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a list of all instances of the Analyzer interface that are bound to one of the given phases.
|
* Returns a list of all instances of the Analyzer interface that are bound
|
||||||
|
* to one of the given phases.
|
||||||
*
|
*
|
||||||
* @return a list of Analyzers.
|
* @param phases the phases to obtain analyzers for
|
||||||
|
* @return a list of Analyzers
|
||||||
*/
|
*/
|
||||||
private List<Analyzer> getAnalyzers(List<AnalysisPhase> phases) {
|
private List<Analyzer> getAnalyzers(List<AnalysisPhase> phases) {
|
||||||
final List<Analyzer> analyzers = new ArrayList<>();
|
final List<Analyzer> analyzers = new ArrayList<>();
|
||||||
|
|||||||
@@ -114,7 +114,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
public void analyzeDependency(Dependency dependency, Engine engine)
|
public void analyzeDependency(Dependency dependency, Engine engine)
|
||||||
throws AnalysisException {
|
throws AnalysisException {
|
||||||
|
|
||||||
File test = new File(dependency.getActualFilePath());
|
final File test = new File(dependency.getActualFilePath());
|
||||||
if (!test.isFile()) {
|
if (!test.isFile()) {
|
||||||
throw new AnalysisException(String.format("%s does not exist and cannot be analyzed by dependency-check",
|
throw new AnalysisException(String.format("%s does not exist and cannot be analyzed by dependency-check",
|
||||||
dependency.getActualFilePath()));
|
dependency.getActualFilePath()));
|
||||||
|
|||||||
@@ -150,7 +150,7 @@ public class NspAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) {
|
try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) {
|
||||||
|
|
||||||
// Do not scan the node_modules directory
|
// Do not scan the node_modules directory
|
||||||
if (file.getCanonicalPath().contains(File.separator + "node_modules" + File.separator )) {
|
if (file.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) {
|
||||||
LOGGER.debug("Skipping analysis of node module: " + file.getCanonicalPath());
|
LOGGER.debug("Skipping analysis of node module: " + file.getCanonicalPath());
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -128,7 +128,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
final ProcessBuilder builder = new ProcessBuilder(args);
|
final ProcessBuilder builder = new ProcessBuilder(args);
|
||||||
builder.directory(folder);
|
builder.directory(folder);
|
||||||
try {
|
try {
|
||||||
LOGGER.info("Launching: {} from {}",args, folder);
|
LOGGER.info("Launching: {} from {}", args, folder);
|
||||||
return builder.start();
|
return builder.start();
|
||||||
} catch (IOException ioe) {
|
} catch (IOException ioe) {
|
||||||
throw new AnalysisException("bundle-audit initialization failure; this error can be ignored if you are not analyzing Ruby. "
|
throw new AnalysisException("bundle-audit initialization failure; this error can be ignored if you are not analyzing Ruby. "
|
||||||
@@ -204,7 +204,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
|
|
||||||
if (isEnabled()) {
|
if (isEnabled()) {
|
||||||
LOGGER.info("{} is enabled. It is necessary to manually run \"bundle-audit update\" "
|
LOGGER.info("{} is enabled. It is necessary to manually run \"bundle-audit update\" "
|
||||||
+ "occasionally to keep its database up to date.",ANALYZER_NAME);
|
+ "occasionally to keep its database up to date.", ANALYZER_NAME);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -273,15 +273,15 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
for (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) {
|
for (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) {
|
||||||
if (analyzer instanceof RubyBundlerAnalyzer) {
|
if (analyzer instanceof RubyBundlerAnalyzer) {
|
||||||
((RubyBundlerAnalyzer) analyzer).setEnabled(false);
|
((RubyBundlerAnalyzer) analyzer).setEnabled(false);
|
||||||
LOGGER.info("Disabled {} to avoid noisy duplicate results.",RubyBundlerAnalyzer.class.getName());
|
LOGGER.info("Disabled {} to avoid noisy duplicate results.", RubyBundlerAnalyzer.class.getName());
|
||||||
} else if (analyzer instanceof RubyGemspecAnalyzer) {
|
} else if (analyzer instanceof RubyGemspecAnalyzer) {
|
||||||
((RubyGemspecAnalyzer) analyzer).setEnabled(false);
|
((RubyGemspecAnalyzer) analyzer).setEnabled(false);
|
||||||
LOGGER.info("Disabled {} to avoid noisy duplicate results.",className);
|
LOGGER.info("Disabled {} to avoid noisy duplicate results.", className);
|
||||||
failed = false;
|
failed = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (failed) {
|
if (failed) {
|
||||||
LOGGER.warn("Did not find {}.",className);
|
LOGGER.warn("Did not find {}.", className);
|
||||||
}
|
}
|
||||||
needToDisableGemspecAnalyzer = false;
|
needToDisableGemspecAnalyzer = false;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -300,6 +300,9 @@ public final class CveDB implements AutoCloseable {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Releases the resources used by CveDB.
|
||||||
|
*/
|
||||||
private synchronized void releaseResources() {
|
private synchronized void releaseResources() {
|
||||||
instance.statementBundle = null;
|
instance.statementBundle = null;
|
||||||
instance.preparedStatements.clear();
|
instance.preparedStatements.clear();
|
||||||
|
|||||||
@@ -172,7 +172,7 @@ public class NvdCveUpdater implements CachedWebDataSource {
|
|||||||
throw new UpdateException("Database Exception", ex);
|
throw new UpdateException("Database Exception", ex);
|
||||||
} finally {
|
} finally {
|
||||||
shutdownExecutorServices();
|
shutdownExecutorServices();
|
||||||
if(cveDb != null) {
|
if (cveDb != null) {
|
||||||
cveDb.close();
|
cveDb.close();
|
||||||
}
|
}
|
||||||
if (lock != null) {
|
if (lock != null) {
|
||||||
|
|||||||
@@ -261,7 +261,7 @@ public class EvidenceCollection implements Serializable, Iterable<Evidence> {
|
|||||||
|
|
||||||
for (Evidence e : EvidenceCollection.EVIDENCE_USED.filter(this)) {
|
for (Evidence e : EvidenceCollection.EVIDENCE_USED.filter(this)) {
|
||||||
//TODO consider changing the regex to only compare alpha-numeric (i.e. strip everything else)
|
//TODO consider changing the regex to only compare alpha-numeric (i.e. strip everything else)
|
||||||
String item = e.getValue();
|
final String item = e.getValue();
|
||||||
if (item != null) {
|
if (item != null) {
|
||||||
final String uc = urlCorrection(item.toLowerCase());
|
final String uc = urlCorrection(item.toLowerCase());
|
||||||
if (uc != null) {
|
if (uc != null) {
|
||||||
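Review bot: `item.toLowerCase()` two lines below the changed declaration lowercases with the JVM's default locale, so the normalised evidence string can differ from host to host (under a Turkish locale `I` does not map to `i`). These values appear to feed evidence matching, so a locale-dependent result could make the same scan behave differently on different machines. Passing an explicit locale keeps it reproducible: `final String uc = urlCorrection(item.toLowerCase(Locale.ROOT));`, which needs `java.util.Locale` imported if the file does not already import it. The enclosing method starts and ends outside the hunk.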
|
|||||||
@@ -174,7 +174,7 @@ public final class Downloader {
|
|||||||
} else {
|
} else {
|
||||||
reader = conn.getInputStream();
|
reader = conn.getInputStream();
|
||||||
}
|
}
|
||||||
|
|
||||||
final byte[] buffer = new byte[4096];
|
final byte[] buffer = new byte[4096];
|
||||||
int bytesRead;
|
int bytesRead;
|
||||||
while ((bytesRead = reader.read(buffer)) > 0) {
|
while ((bytesRead = reader.read(buffer)) > 0) {
|
||||||
|
|||||||