From 40beec2e40614cac98bac75e3a2c83c7d9f2f6c3 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Wed, 18 Feb 2015 20:08:14 -0500 Subject: [PATCH] additional parsing of the data from Central was used to determine if the POM file is available in Central (part of the patch for issue #196) Former-commit-id: 1805be75b101546b166c9eb4ad1efc30e53983cf --- .../data/central/CentralSearch.java | 24 +++++++++++++------ 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java index fb6d86a1d..5699cbeb2 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java @@ -60,8 +60,8 @@ public class CentralSearch { /** * Creates a NexusSearch for the given repository URL. * - * @param rootURL the URL of the repository on which searches should execute. Only parameters are added to this (so - * it should end in /select) + * @param rootURL the URL of the repository on which searches should execute. Only parameters are added to this (so it should + * end in /select) */ public CentralSearch(URL rootURL) { this.rootURL = rootURL; @@ -75,13 +75,12 @@ public class CentralSearch { } /** - * Searches the configured Central URL for the given sha1 hash. If the artifact is found, a - * MavenArtifact is populated with the GAV. + * Searches the configured Central URL for the given sha1 hash. If the artifact is found, a MavenArtifact is + * populated with the GAV. * * @param sha1 the SHA-1 hash string for which to search * @return the populated Maven GAV. - * @throws IOException if it's unable to connect to the specified repository or if the specified artifact is not - * found. + * @throws IOException if it's unable to connect to the specified repository or if the specified artifact is not found. */ public List searchSha1(String sha1) throws IOException { if (null == sha1 || !sha1.matches("^[0-9A-Fa-f]{40}$")) { @@ -124,8 +123,19 @@ public class CentralSearch { final String a = xpath.evaluate("./str[@name='a']", docs.item(i)); LOGGER.finest(String.format("ArtifactId: %s", a)); final String v = xpath.evaluate("./str[@name='v']", docs.item(i)); + final NodeList atts = (NodeList) xpath.evaluate("./arr[@name='ec']/str", docs.item(i), XPathConstants.NODESET); + boolean pomAvailable = false; + boolean jarAvailable = false; + for (int x = 0; x < atts.getLength(); x++) { + final String tmp = xpath.evaluate(".", atts.item(x)); + if (".pom".equals(tmp)) { + pomAvailable = true; + } else if (".jar".equals(tmp)) { + jarAvailable = true; + } + } LOGGER.finest(String.format("Version: %s", v)); - result.add(new MavenArtifact(g, a, v, url.toString())); + result.add(new MavenArtifact(g, a, v, jarAvailable, pomAvailable)); } return result;