diff --git a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
index afc2cdb86..54bf39046 100644
--- a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
+++ b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
@@ -568,6 +568,102 @@ public class Check extends Update {
 public void setCMakeAnalyzerEnabled(Boolean cmakeAnalyzerEnabled) {
 this.cmakeAnalyzerEnabled = cmakeAnalyzerEnabled;
 }
+
+//start changes
+ /**
+ * Whether or not the Ruby Bundle Audit Analyzer is enabled.
+ */
+ private Boolean bundleAuditAnalyzerEnabled;
+
+ /**
+ * Returns if the Bundle Audit Analyzer is enabled.
+ *
+ * @return if the Bundle Audit Analyzer is enabled.
+ */
+ public Boolean isBundleAuditAnalyzerEnabled() {
+ return bundleAuditAnalyzerEnabled;
+ }
+
+ /**
+ * Sets if the Bundle Audit Analyzer is enabled.
+ *
+ * @param bundleAuditAnalyzerEnabled whether or not the analyzer should be
+ * enabled
+ */
+ public void setBundleAuditAnalyzerEnabled(Boolean bundleAuditAnalyzerEnabled) {
+ this.bundleAuditAnalyzerEnabled = bundleAuditAnalyzerEnabled;
+ }
+
+ /**
+ * Sets the path for the bundle-audit binary.
+ */
+ private String bundleAuditPath;
+
+ /**
+ * Returns the path to the bundle audit executable.
+ *
+ * @return the path to the bundle audit executable
+ */
+ public String getBundleAuditPath() {
+ return bundleAuditPath;
+ }
+
+ /**
+ * Sets the path to the bundle audit executable.
+ *
+ * @param bundleAuditPath the path to the bundle audit executable
+ */
+ public void setBundleAuditPath(String bundleAuditPath) {
+ this.bundleAuditPath = bundleAuditPath;
+ }
+ /**
+ * Whether or not the CocoaPods Analyzer is enabled.
+ */
+ private Boolean cocoapodsAnalyzerEnabled;
+
+ /**
+ * Returns if the cocoapods analyyzer is enabled.
+ *
+ * @return if the cocoapods analyyzer is enabled
+ */
+ public boolean isCocoapodsAnalyzerEnabled() {
+ return cocoapodsAnalyzerEnabled;
+ }
+
+ /**
+ * Sets whether or not the cocoapods analyzer is enabled.
+ *
+ * @param cocoapodsAnalyzerEnabled the state of the cocoapods analyzer
+ */
+ public void setCocoapodsAnalyzerEnabled(Boolean cocoapodsAnalyzerEnabled) {
+ this.cocoapodsAnalyzerEnabled = cocoapodsAnalyzerEnabled;
+ }
+
+ /**
+ * Whether or not the Swift package Analyzer is enabled.
+ */
+ private Boolean swiftPackageManagerAnalyzerEnabled;
+
+ /**
+ * Returns whether or not the Swift package Analyzer is enabled.
+ *
+ * @return whether or not the Swift package Analyzer is enabled
+ */
+ public Boolean isSwiftPackageManagerAnalyzerEnabled() {
+ return swiftPackageManagerAnalyzerEnabled;
+ }
+
+ /**
+ * Sets the enabled state of the swift package manager analyzer.
+ *
+ * @param swiftPackageManagerAnalyzerEnabled the enabled state of the swift
+ * package manager
+ */
+ public void setSwiftPackageManagerAnalyzerEnabled(Boolean swiftPackageManagerAnalyzerEnabled) {
+ this.swiftPackageManagerAnalyzerEnabled = swiftPackageManagerAnalyzerEnabled;
+ }
+//end changes
+
 /**
 * Whether or not the openssl analyzer is enabled.
 */
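Review bot: `isCocoapodsAnalyzerEnabled()` is declared to return primitive `boolean` while its backing field is a nullable `Boolean`, so calling it before the Ant attribute has been set auto-unboxes `null` and throws a NullPointerException; the sibling getters `isBundleAuditAnalyzerEnabled()` and `isSwiftPackageManagerAnalyzerEnabled()` in the same hunk return `Boolean`. Declare it as `public Boolean isCocoapodsAnalyzerEnabled() {` to match them. The `//start changes` and `//end changes` markers look like leftover editing scaffolding and should be dropped, the Javadoc typo `analyyzer` fixed, and the comment on the `bundleAuditPath` field reworded from "Sets the path…" to describe the field, for example `The path to the bundle-audit executable.`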
@@ -934,6 +1030,10 @@ public class Check extends Update {
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_RUBY_GEMSPEC_ENABLED, rubygemsAnalyzerEnabled);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_OPENSSL_ENABLED, opensslAnalyzerEnabled);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_CMAKE_ENABLED, cmakeAnalyzerEnabled);
+ Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_SWIFT_PACKAGE_MANAGER_ENABLED, swiftPackageManagerAnalyzerEnabled);
+ Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_COCOAPODS_ENABLED, cocoapodsAnalyzerEnabled);
+ Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_BUNDLE_AUDIT_ENABLED, bundleAuditAnalyzerEnabled);
+ Settings.setStringIfNotNull(Settings.KEYS.ANALYZER_BUNDLE_AUDIT_PATH, bundleAuditPath);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_AUTOCONF_ENABLED, autoconfAnalyzerEnabled);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_COMPOSER_LOCK_ENABLED, composerAnalyzerEnabled);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED, nodeAnalyzerEnabled);
diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
index c5cec9ccb..b4e33f28a 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
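Review bot: In the Check.java hunk at -934, `bundleAuditPath` is copied into `Settings.KEYS.ANALYZER_BUNDLE_AUDIT_PATH` exactly as the build file supplied it, and that setting names a program which the Ruby Bundle Audit analyzer presumably launches (the analyzer itself is not visible in this diff). Whoever can edit the Ant build file therefore chooses which binary runs with the build's privileges, and nothing here documents that trust assumption. I would add a comment above the new line, `// bundleAuditPath names an executable that is run during analysis; accept it only from a trusted build file`, and consider rejecting a value that is not an existing regular file before it is stored. The enclosing method starts and ends outside this hunk.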
@@ -431,6 +431,8 @@ public class App {
 Settings.setBoolean(Settings.KEYS.ANALYZER_OPENSSL_ENABLED, !cli.isOpenSSLDisabled());
 Settings.setBoolean(Settings.KEYS.ANALYZER_COMPOSER_LOCK_ENABLED, !cli.isComposerDisabled());
 Settings.setBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED, !cli.isNodeJsDisabled());
+ Settings.setBoolean(Settings.KEYS.ANALYZER_SWIFT_PACKAGE_MANAGER_ENABLED, !cli.isSwiftPackageAnalyzerDisabled());
+ Settings.setBoolean(Settings.KEYS.ANALYZER_COCOAPODS_ENABLED, !cli.isCocoapodsAnalyzerDisabled());
 Settings.setBoolean(Settings.KEYS.ANALYZER_RUBY_GEMSPEC_ENABLED, !cli.isRubyGemspecDisabled());
 Settings.setBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED, !cli.isCentralDisabled());
 Settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, !cli.isNexusDisabled());
diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
index a5c17e41c..9a488719d 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
@@ -437,6 +437,11 @@ public final class CliParser {
 final Option disableCmakeAnalyzer = Option.builder().longOpt(ARGUMENT.DISABLE_CMAKE)
 .desc("Disable the Cmake Analyzer.").build();
+ final Option cocoapodsAnalyzerEnabled = Option.builder().longOpt(ARGUMENT.DISABLE_COCOAPODS)
+ .desc("Disable the CocoaPods Analyzer.").build();
+ final Option swiftPackageManagerAnalyzerEnabled = Option.builder().longOpt(ARGUMENT.DISABLE_SWIFT)
+ .desc("Disable the swift package Analyzer.").build();
+
 final Option disableCentralAnalyzer = Option.builder().longOpt(ARGUMENT.DISABLE_CENTRAL)
 .desc("Disable the Central Analyzer. If this analyzer is disabled it is likely you also want to disable " + "the Nexus Analyzer.").build();
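Review bot: In the CliParser.java hunk at -437 the two new `Option` locals are named `cocoapodsAnalyzerEnabled` and `swiftPackageManagerAnalyzerEnabled`, yet they are built from `ARGUMENT.DISABLE_COCOAPODS` and `ARGUMENT.DISABLE_SWIFT` and described as "Disable the … Analyzer", so the names state the opposite of what the flags do. For a scanner toggle that inversion invites a later wiring mistake that silently switches an analyzer off. Rename them to follow the neighbouring `disableCmakeAnalyzer` and `disableCentralAnalyzer`, i.e. `final Option disableCocoapodsAnalyzer = …` and `final Option disableSwiftPackageManagerAnalyzer = …`, and update the two `.addOption(...)` calls added in the hunk at -481 accordingly. The enclosing method starts and ends outside this hunk.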
@@ -481,6 +486,8 @@ public final class CliParser {
 .addOption(disableNuspecAnalyzer)
 .addOption(disableCentralAnalyzer)
 .addOption(disableNexusAnalyzer)
+ .addOption(cocoapodsAnalyzerEnabled)
+ .addOption(swiftPackageManagerAnalyzerEnabled)
 .addOption(Option.builder().longOpt(ARGUMENT.DISABLE_NODE_JS)
 .desc("Disable the Node.js Package Analyzer.").build())
 .addOption(nexusUrl)
@@ -701,6 +708,28 @@ public final class CliParser {
 return (line != null) && line.hasOption(ARGUMENT.DISABLE_NODE_JS);
 }
+ /**
+ * Returns true if the disableCocoapodsAnalyzer command line argument was
+ * specified.
+ *
+ * @return true if the disableCocoapodsAnalyzer command line argument was
+ * specified; otherwise false
+ */
+ public boolean isCocoapodsAnalyzerDisabled() {
+ return (line != null) && line.hasOption(ARGUMENT.DISABLE_COCOAPODS);
+ }
+
+ /**
+ * Returns true if the disableSwiftPackageManagerAnalyzer command line
+ * argument was specified.
+ *
+ * @return true if the disableSwiftPackageManagerAnalyzer command line
+ * argument was specified; otherwise false
+ */
+ public boolean isSwiftPackageAnalyzerDisabled() {
+ return (line != null) && line.hasOption(ARGUMENT.DISABLE_SWIFT);
+ }
+
 /**
 * Returns true if the disableCentral command line argument was specified.
 *
@@ -1352,6 +1381,14 @@ public final class CliParser {
 * Disables the Cmake Analyzer.
 */
 public static final String DISABLE_CMAKE = "disableCmake";
+ /**
+ * Disables the cocoapods analyzer.
+ */
+ public static final String DISABLE_COCOAPODS = "disableCocoapodsAnalyzer";
+ /**
+ * Disables the swift package manager analyzer.
+ */
+ public static final String DISABLE_SWIFT = "disableSwiftPackageManagerAnalyzer";
 /**
 * Disables the Assembly Analyzer.
 */
diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
index 769e6826f..da8785178 100644
--- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
+++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
@@ -322,66 +322,12 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
 @Parameter(property = "cocoapodsAnalyzerEnabled", required = false)
 private Boolean cocoapodsAnalyzerEnabled;
- /**
- * Whether or not the CPE Analyzer is enabled.
- */
- @Parameter(property = "cpeAnalyzerEnabled", required = false)
- private Boolean cpeAnalyzerEnabled;
-
- /**
- * Whether or not the CPE Suppressions Analyzer is enabled.
- */
- @Parameter(property = "cpeSuppressionAnalyzerEnabled", required = false)
- private Boolean cpeSuppressionAnalyzerEnabled;
-
- /**
- * Whether or not the Ruby Dependency Bundling Analyzer is enabled.
- */
- @Parameter(property = "dependencyBundlingAnalyzerEnabled", required = false)
- private Boolean dependencyBundlingAnalyzerEnabled;
-
- /**
- * Whether or not the Ruby Dependency Merging Analyzer is enabled.
- */
- @Parameter(property = "dependencyMergingAnalyzerEnabled", required = false)
- private Boolean dependencyMergingAnalyzerEnabled;
-
- /**
- * Whether or not the False Positives Analyzer is enabled.
- */
- @Parameter(property = "falsePositiveAnalyzerEnabled", required = false)
- private Boolean falsePositiveAnalyzerEnabled;
-
- /**
- * Whether or not the File Name Analyzer is enabled.
- */
- @Parameter(property = "fileNameAnalyzerEnabled", required = false)
- private Boolean fileNameAnalyzerEnabled;
-
- /**
- * Whether or not the Hint Analyzer is enabled.
- */
- @Parameter(property = "hintAnalyzerEnabled", required = false)
- private Boolean hintAnalyzerEnabled;
-
- /**
- * Whether or not the nvd/cve Analyzer is enabled.
- */
- @Parameter(property = "nvdCveAnalyzerEnabled", required = false)
- private Boolean nvdCveAnalyzerEnabled;
-
 /**
 * Whether or not the Swift package Analyzer is enabled.
 */
 @Parameter(property = "swiftPackageManagerAnalyzerEnabled", required = false)
 private Boolean swiftPackageManagerAnalyzerEnabled;
-
- /**
- * Whether or not the Vulnerability Suppression Analyzer is enabled.
- */
- @Parameter(property = "vulnerabilitySuppressionAnalyzerEnabled", required = false)
- private Boolean vulnerabilitySuppressionAnalyzerEnabled;
-
+
 /**
 * The URL of a Nexus server's REST API end point
 * (http://domain/nexus/service/local).
@@ -964,19 +910,8 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED, nodeAnalyzerEnabled);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_BUNDLE_AUDIT_ENABLED, bundleAuditAnalyzerEnabled);
 Settings.setStringIfNotNull(Settings.KEYS.ANALYZER_BUNDLE_AUDIT_PATH, bundleAuditPath);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_COCOAPODS_ENABLED, cocoapodsAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_CPE_ENABLED, cpeAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_CPE_SUPPRESSION_ENABLED, cpeSuppressionAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_DEPENDENCY_BUNDLING_ENABLED, dependencyBundlingAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_DEPENDENCY_MERGING_ENABLED, dependencyMergingAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_FALSE_POSITIVE_ENABLED, falsePositiveAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_FILE_NAME_ENABLED, fileNameAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_HINT_ENABLED, hintAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_NVD_CVE_ENABLED, nvdCveAnalyzerEnabled);
 Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_SWIFT_PACKAGE_MANAGER_ENABLED, swiftPackageManagerAnalyzerEnabled);
- Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_VULNERABILITY_SUPPRESSION_ENABLED, vulnerabilitySuppressionAnalyzerEnabled);
- //Database configuration
 Settings.setStringIfNotEmpty(Settings.KEYS.DB_DRIVER_NAME, databaseDriverName);
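Review bot: The `cocoapodsAnalyzerEnabled` `@Parameter` field is kept as context at the top of the hunk at -322, but the hunk at -964 removes `Settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_COCOAPODS_ENABLED, cocoapodsAnalyzerEnabled);`, so as far as these hunks show the Maven parameter is still accepted and no longer has any effect. A build that sets it would get no warning that the value is ignored. Either restore that call next to the `ANALYZER_SWIFT_PACKAGE_MANAGER_ENABLED` line or remove the field as well. The same two hunks drop `cpeAnalyzerEnabled`, `nvdCveAnalyzerEnabled`, `vulnerabilitySuppressionAnalyzerEnabled` and the other analyzer parameters together with their `Settings` calls, which changes the plugin's configuration surface and should be recorded in the commit message or changelog; the only added line in the first hunk appears to be whitespace-only.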