github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-02-25 20:05:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added 'deep scan' argument/property to indicate more evidence should be collected even if it increases false positives

Browse Source 
Former-commit-id: cc2c489f8187eb459301a132ff63a2ebe4289e01
This commit is contained in:
Jeremy Long
2013-03-08 17:33:01 -05:00
parent 55004e7832
commit 34d5ba7d35
4 changed files with 55 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/main/java/org/owasp/dependencycheck/utils/CliParser.java
View File

@@ -160,6 +160,9 @@ public final class CliParser {
Option advancedHelp = new Option(ArgumentName.ADVANCED_HELP_SHORT, ArgumentName.ADVANCED_HELP, false,
"shows additional help regarding properties file.");
Option deepScan = new Option(ArgumentName.PERFORM_DEEP_SCAN_SHORT, ArgumentName.PERFORM_DEEP_SCAN, false,
"extracts extra information from dependencies that may increase false positives, but also decrease false negatives.");
Option version = new Option(ArgumentName.VERSION_SHORT, ArgumentName.VERSION,
false, "print the version information.");
@@ -199,6 +202,7 @@ public final class CliParser {
opts.addOption(version);
opts.addOption(help);
opts.addOption(noupdate);
opts.addOption(deepScan);
opts.addOption(props);
opts.addOption(advancedHelp);
return opts;
@@ -238,7 +242,7 @@ public final class CliParser {
HelpFormatter formatter = new HelpFormatter();
String nl = System.getProperty("line.separator");
String advancedHelp = null;
if (line.hasOption(ArgumentName.ADVANCED_HELP)) {
if (line != null && line.hasOption(ArgumentName.ADVANCED_HELP)) {
advancedHelp = nl + nl
+ "Additionally, the following properties are supported and can be specified either"
+ "using the -p <file> argument or by passing them in as system properties." + nl
@@ -323,6 +327,13 @@ public final class CliParser {
return (line == null) || !line.hasOption(ArgumentName.DISABLE_AUTO_UPDATE);
}
/**
* Checks if a deep scan of the dependencies was requested.
* @return whether a deep scan of the evidence within the dependencies was requested.
*/
public boolean isDeepScan() {
return (line != null) && line.hasOption(ArgumentName.PERFORM_DEEP_SCAN);
}
/**
* A collection of static final strings that represent the possible command
* line arguments.
@@ -401,6 +412,16 @@ public final class CliParser {
* The short CLI argument name asking for advanced help.
*/
public static final String ADVANCED_HELP = "advancedhelp";
/*
* The short CLI argument name indicating a deep scan of the dependencies
* should be performed.
*/
public static final String PERFORM_DEEP_SCAN_SHORT = "d";
/*
* The CLI argument name indicating a deep scan of the dependencies
* should be performed.
*/
public static final String PERFORM_DEEP_SCAN = "deepscan";
/**
* The short CLI argument name for setting the location of an additional
* properties file.

17
src/main/java/org/owasp/dependencycheck/utils/Settings.java
View File

@@ -117,6 +117,10 @@ public class Settings {
* The properties key for the connection timeout.
*/
public static final String CONNECTION_TIMEOUT = "connection.timeout";
/**
* The properties key indicating a deep scan should be performed.
*/
public static final String PERFORM_DEEP_SCAN = "perform.deepscan";
}
private static final String PROPERTIES_FILE = "configuration/dependencycheck.properties";
private static final Settings INSTANCE = new Settings();
@@ -145,6 +149,19 @@ public class Settings {
public static void setString(String key, String value) {
INSTANCE.props.setProperty(key, value);
}
/**
* Sets a property value.
*
* @param key the key for the property.
* @param value the value for the property.
*/
public static void setBoolean(String key, boolean value) {
if (value) {
INSTANCE.props.setProperty(key, Boolean.TRUE.toString());
} else {
INSTANCE.props.setProperty(key, Boolean.FALSE.toString());
}
}
/**
* Merges a new properties file into the current properties. This method