github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-20 08:14:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

add project URL evidence from pom

Browse Source
This commit is contained in:
bjiang
2016-04-15 11:28:33 -04:00
parent 739f595f13
commit 48af120db8
3 changed files with 32 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -566,6 +566,11 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
addMatchingValues(classes, trimmedDescription, dependency.getProductEvidence()); addMatchingValues(classes, trimmedDescription, dependency.getProductEvidence());
} }
String projectURL = pom.getProjectURL();
if(projectURL != null && !projectURL.trim().isEmpty()) {
dependency.getVersionEvidence().addEvidence("pom", "url", projectURL, Confidence.HIGHEST);
}
extractLicense(pom, dependency); extractLicense(pom, dependency);
return foundSomething; return foundSomething;
} }

25
dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/Model.java
View File

@@ -261,6 +261,29 @@ public class Model {
licenses.add(license); licenses.add(license);
} }
/**
* The project URL.
*/
private String projectURL;
/**
* Get the value of projectURL.
*
* @return the value of projectURL
*/
public String getProjectURL() {
return projectURL;
}
/**
* Set the value of projectURL.
*
* @param parentVersion new value of projectURL
*/
public void setProjectURL(String projectURL) {
this.projectURL = projectURL;
}
/** /**
* Process the Maven properties file and interpolate all properties. * Process the Maven properties file and interpolate all properties.
* *
@@ -276,11 +299,11 @@ public class Model {
l.setUrl(interpolateString(l.getUrl(), properties)); l.setUrl(interpolateString(l.getUrl(), properties));
} }
this.name = interpolateString(this.name, properties); this.name = interpolateString(this.name, properties);
this.projectURL = interpolateString(this.projectURL, properties);
this.organization = interpolateString(this.organization, properties); this.organization = interpolateString(this.organization, properties);
this.parentGroupId = interpolateString(this.parentGroupId, properties); this.parentGroupId = interpolateString(this.parentGroupId, properties);
this.parentArtifactId = interpolateString(this.parentArtifactId, properties); this.parentArtifactId = interpolateString(this.parentArtifactId, properties);
this.parentVersion = interpolateString(this.parentVersion, properties); this.parentVersion = interpolateString(this.parentVersion, properties);
} }
/** /**

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/PomHandler.java
View File

@@ -145,6 +145,8 @@ public class PomHandler extends DefaultHandler {
model.setOrganization(currentText.toString()); model.setOrganization(currentText.toString());
} else if (DESCRIPTION.equals(qName)) { } else if (DESCRIPTION.equals(qName)) {
model.setDescription(currentText.toString()); model.setDescription(currentText.toString());
} else if (URL.equals(qName)) {
model.setProjectURL(currentText.toString());
} }
} else if (PARENT.equals(parentNode)) { } else if (PARENT.equals(parentNode)) {
if (GROUPID.equals(qName)) { if (GROUPID.equals(qName)) {