mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-21 00:29:21 +01:00
per issue #429 updates will only occur if the database schema and expected schema match exactly
This commit is contained in:
Jeremy Long
@@ -324,8 +324,11 @@ public final class ConnectionFactory {
|
|||||||
int c0 = Integer.parseInt(currentDbVersion.getVersionParts().get(0));
|
int c0 = Integer.parseInt(currentDbVersion.getVersionParts().get(0));
|
||||||
int e1 = Integer.parseInt(appExpectedVersion.getVersionParts().get(1));
|
int e1 = Integer.parseInt(appExpectedVersion.getVersionParts().get(1));
|
||||||
int c1 = Integer.parseInt(currentDbVersion.getVersionParts().get(1));
|
int c1 = Integer.parseInt(currentDbVersion.getVersionParts().get(1));
|
||||||
if (e0 == c0 && e1 <= c1) {
|
if (e0 == c0 && e1 < c1) {
|
||||||
LOGGER.warn("A new version of dependency-check is available; consider upgrading");
|
LOGGER.warn("A new version of dependency-check is available; consider upgrading");
|
||||||
|
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
|
||||||
|
} else if (e0 == c0 && e1 == c1) {
|
||||||
|
//do nothing - not sure how we got here, but just incase...
|
||||||
} else {
|
} else {
|
||||||
LOGGER.error("The database schema must be upgraded to use this version of dependency-check. Please see {} for more information.", UPGRADE_HELP_URL);
|
LOGGER.error("The database schema must be upgraded to use this version of dependency-check. Please see {} for more information.", UPGRADE_HELP_URL);
|
||||||
throw new DatabaseException("Database schema is out of date");
|
throw new DatabaseException("Database schema is out of date");
|
||||||
|
|||||||
@@ -18,6 +18,9 @@
|
|||||||
package org.owasp.dependencycheck.data.update;
|
package org.owasp.dependencycheck.data.update;
|
||||||
|
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
|
import java.sql.CallableStatement;
|
||||||
|
import java.sql.ResultSet;
|
||||||
|
import java.sql.SQLException;
|
||||||
import java.util.Calendar;
|
import java.util.Calendar;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
@@ -25,6 +28,7 @@ import java.util.concurrent.ExecutionException;
|
|||||||
import java.util.concurrent.ExecutorService;
|
import java.util.concurrent.ExecutorService;
|
||||||
import java.util.concurrent.Executors;
|
import java.util.concurrent.Executors;
|
||||||
import java.util.concurrent.Future;
|
import java.util.concurrent.Future;
|
||||||
|
import static org.owasp.dependencycheck.data.nvdcve.ConnectionFactory.DB_SCHEMA_VERSION;
|
||||||
import org.owasp.dependencycheck.data.nvdcve.CveDB;
|
import org.owasp.dependencycheck.data.nvdcve.CveDB;
|
||||||
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
||||||
import org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
|
import org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
|
||||||
@@ -37,6 +41,8 @@ import org.owasp.dependencycheck.data.update.nvd.ProcessTask;
|
|||||||
import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve;
|
import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve;
|
||||||
import org.owasp.dependencycheck.exception.NoDataException;
|
import org.owasp.dependencycheck.exception.NoDataException;
|
||||||
import org.owasp.dependencycheck.utils.DateUtil;
|
import org.owasp.dependencycheck.utils.DateUtil;
|
||||||
|
import org.owasp.dependencycheck.utils.DependencyVersion;
|
||||||
|
import org.owasp.dependencycheck.utils.DependencyVersionUtil;
|
||||||
import org.owasp.dependencycheck.utils.DownloadFailedException;
|
import org.owasp.dependencycheck.utils.DownloadFailedException;
|
||||||
import org.owasp.dependencycheck.utils.InvalidSettingException;
|
import org.owasp.dependencycheck.utils.InvalidSettingException;
|
||||||
import org.owasp.dependencycheck.utils.Settings;
|
import org.owasp.dependencycheck.utils.Settings;
|
||||||
@@ -69,7 +75,13 @@ public class NvdCveUpdater extends BaseUpdater implements CachedWebDataSource {
|
|||||||
public void update() throws UpdateException {
|
public void update() throws UpdateException {
|
||||||
try {
|
try {
|
||||||
openDataStores();
|
openDataStores();
|
||||||
if (checkUpdate()) {
|
boolean autoUpdate = true;
|
||||||
|
try {
|
||||||
|
autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
|
||||||
|
} catch (InvalidSettingException ex) {
|
||||||
|
LOGGER.debug("Invalid setting for auto-update; using true.");
|
||||||
|
}
|
||||||
|
if (autoUpdate && checkUpdate()) {
|
||||||
final UpdateableNvdCve updateable = getUpdatesNeeded();
|
final UpdateableNvdCve updateable = getUpdatesNeeded();
|
||||||
if (updateable.isUpdateNeeded()) {
|
if (updateable.isUpdateNeeded()) {
|
||||||
performUpdate(updateable);
|
performUpdate(updateable);
|
||||||
|
|||||||
Reference in New Issue
Block a user