mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-24 10:01:35 +01:00
Jeremy Long
@@ -416,7 +416,7 @@ public class App {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Takes a path and resolves it to be a canonical & absolute path. The caveats are that this method will take an Ant style
|
* Takes a path and resolves it to be a canonical & absolute path. The caveats are that this method will take an Ant style
|
||||||
* file selector path (../someDir/**\/*.jar) and convert it to an absolute/canonical path (at least to the left of the first *
|
* file selector path (../someDir/**\/*.jar) and convert it to an absolute/canonical path (at least to the left of the first *
|
||||||
* or ?).
|
* or ?).
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -280,22 +280,11 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
|
|||||||
<artifactId>slf4j-api</artifactId>
|
<artifactId>slf4j-api</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
<!-- Set this to test so that each project that uses this has to have its own implementation of SLF4J -->
|
<!-- Set this to test so that each project that uses this has to have its own implementation of SLF4J -->
|
||||||
<dependency>
|
|
||||||
<groupId>ch.qos.logback</groupId>
|
|
||||||
<artifactId>logback-core</artifactId>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>ch.qos.logback</groupId>
|
<groupId>ch.qos.logback</groupId>
|
||||||
<artifactId>logback-classic</artifactId>
|
<artifactId>logback-classic</artifactId>
|
||||||
<scope>test</scope>
|
<scope>test</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<!-- For the CAL10N support -->
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-ext</artifactId>
|
|
||||||
<scope>compile</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.owasp</groupId>
|
<groupId>org.owasp</groupId>
|
||||||
<artifactId>dependency-check-utils</artifactId>
|
<artifactId>dependency-check-utils</artifactId>
|
||||||
@@ -342,6 +331,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.h2database</groupId>
|
<groupId>com.h2database</groupId>
|
||||||
<artifactId>h2</artifactId>
|
<artifactId>h2</artifactId>
|
||||||
|
<scope>runtime</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.glassfish</groupId>
|
<groupId>org.glassfish</groupId>
|
||||||
@@ -350,7 +340,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.jsoup</groupId>
|
<groupId>org.jsoup</groupId>
|
||||||
<artifactId>jsoup</artifactId>
|
<artifactId>jsoup</artifactId>
|
||||||
<type>jar</type>
|
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.sun.mail</groupId>
|
<groupId>com.sun.mail</groupId>
|
||||||
|
|||||||
@@ -366,8 +366,7 @@ public class Engine implements FileFilter {
|
|||||||
* This is okay for adds/deletes because it happens per analyzer.
|
* This is okay for adds/deletes because it happens per analyzer.
|
||||||
*/
|
*/
|
||||||
LOGGER.debug("Begin Analyzer '{}'", a.getName());
|
LOGGER.debug("Begin Analyzer '{}'", a.getName());
|
||||||
final Set<Dependency> dependencySet = new HashSet<Dependency>();
|
final Set<Dependency> dependencySet = new HashSet<Dependency>(dependencies);
|
||||||
dependencySet.addAll(dependencies);
|
|
||||||
for (Dependency d : dependencySet) {
|
for (Dependency d : dependencySet) {
|
||||||
boolean shouldAnalyze = true;
|
boolean shouldAnalyze = true;
|
||||||
if (a instanceof FileTypeAnalyzer) {
|
if (a instanceof FileTypeAnalyzer) {
|
||||||
|
|||||||
@@ -184,7 +184,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
if (tempFileLocation != null && tempFileLocation.exists()) {
|
if (tempFileLocation != null && tempFileLocation.exists()) {
|
||||||
LOGGER.debug("Attempting to delete temporary files");
|
LOGGER.debug("Attempting to delete temporary files");
|
||||||
final boolean success = FileUtils.delete(tempFileLocation);
|
final boolean success = FileUtils.delete(tempFileLocation);
|
||||||
if (!success && tempFileLocation != null && tempFileLocation.exists() && tempFileLocation.list().length > 0) {
|
if (!success && tempFileLocation.exists() && tempFileLocation.list().length > 0) {
|
||||||
LOGGER.warn("Failed to delete some temporary files, see the log for more details");
|
LOGGER.warn("Failed to delete some temporary files, see the log for more details");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -271,15 +271,14 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
* @return any dependencies that weren't known to the engine before
|
* @return any dependencies that weren't known to the engine before
|
||||||
*/
|
*/
|
||||||
private static Set<Dependency> findMoreDependencies(Engine engine, File file) {
|
private static Set<Dependency> findMoreDependencies(Engine engine, File file) {
|
||||||
List<Dependency> before = new ArrayList<Dependency>(engine.getDependencies());
|
final List<Dependency> before = new ArrayList<Dependency>(engine.getDependencies());
|
||||||
engine.scan(file);
|
engine.scan(file);
|
||||||
List<Dependency> after = engine.getDependencies();
|
final List<Dependency> after = engine.getDependencies();
|
||||||
final boolean sizeChanged = before.size() != after.size();
|
final boolean sizeChanged = before.size() != after.size();
|
||||||
final Set<Dependency> newDependencies;
|
final Set<Dependency> newDependencies;
|
||||||
if (sizeChanged) {
|
if (sizeChanged) {
|
||||||
//get the new dependencies
|
//get the new dependencies
|
||||||
newDependencies = new HashSet<Dependency>();
|
newDependencies = new HashSet<Dependency>(after);
|
||||||
newDependencies.addAll(after);
|
|
||||||
newDependencies.removeAll(before);
|
newDependencies.removeAll(before);
|
||||||
} else {
|
} else {
|
||||||
newDependencies = EMPTY_DEPENDENCY_SET;
|
newDependencies = EMPTY_DEPENDENCY_SET;
|
||||||
@@ -452,7 +451,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
*
|
*
|
||||||
* @param closeable to be closed
|
* @param closeable to be closed
|
||||||
*/
|
*/
|
||||||
private static void close(Closeable closeable){
|
private static void close(Closeable closeable) {
|
||||||
if (null != closeable) {
|
if (null != closeable) {
|
||||||
try {
|
try {
|
||||||
closeable.close();
|
closeable.close();
|
||||||
|
|||||||
@@ -17,8 +17,6 @@
|
|||||||
*/
|
*/
|
||||||
package org.owasp.dependencycheck.analyzer;
|
package org.owasp.dependencycheck.analyzer;
|
||||||
|
|
||||||
import ch.qos.cal10n.IMessageConveyor;
|
|
||||||
import ch.qos.cal10n.MessageConveyor;
|
|
||||||
import java.io.BufferedReader;
|
import java.io.BufferedReader;
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.io.FileFilter;
|
import java.io.FileFilter;
|
||||||
@@ -45,7 +43,6 @@ import javax.xml.xpath.XPathExpressionException;
|
|||||||
import javax.xml.xpath.XPathFactory;
|
import javax.xml.xpath.XPathFactory;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Locale;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Analyzer for getting company, product, and version information from a .NET assembly.
|
* Analyzer for getting company, product, and version information from a .NET assembly.
|
||||||
@@ -75,10 +72,6 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
* The DocumentBuilder for parsing the XML
|
* The DocumentBuilder for parsing the XML
|
||||||
*/
|
*/
|
||||||
private DocumentBuilder builder;
|
private DocumentBuilder builder;
|
||||||
/**
|
|
||||||
* Message Conveyer
|
|
||||||
*/
|
|
||||||
private static final IMessageConveyor MESSAGE_CONVERYOR = new MessageConveyor(Locale.getDefault());
|
|
||||||
/**
|
/**
|
||||||
* Logger
|
* Logger
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -154,8 +154,7 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
|
|||||||
*/
|
*/
|
||||||
@SuppressWarnings("null")
|
@SuppressWarnings("null")
|
||||||
private void removeSpuriousCPE(Dependency dependency) {
|
private void removeSpuriousCPE(Dependency dependency) {
|
||||||
final List<Identifier> ids = new ArrayList<Identifier>();
|
final List<Identifier> ids = new ArrayList<Identifier>(dependency.getIdentifiers());
|
||||||
ids.addAll(dependency.getIdentifiers());
|
|
||||||
Collections.sort(ids);
|
Collections.sort(ids);
|
||||||
final ListIterator<Identifier> mainItr = ids.listIterator();
|
final ListIterator<Identifier> mainItr = ids.listIterator();
|
||||||
while (mainItr.hasNext()) {
|
while (mainItr.hasNext()) {
|
||||||
|
|||||||
@@ -28,10 +28,16 @@ import org.owasp.dependencycheck.utils.Settings;
|
|||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
import javax.json.*;
|
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.io.FileFilter;
|
import java.io.FileFilter;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.Map;
|
||||||
|
import javax.json.Json;
|
||||||
|
import javax.json.JsonException;
|
||||||
|
import javax.json.JsonObject;
|
||||||
|
import javax.json.JsonReader;
|
||||||
|
import javax.json.JsonString;
|
||||||
|
import javax.json.JsonValue;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Used to analyze Node Package Manager (npm) package.json files, and collect information that can be used to determine
|
* Used to analyze Node Package Manager (npm) package.json files, and collect information that can be used to determine
|
||||||
@@ -120,13 +126,13 @@ public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
"Problem occurred while reading dependency file.", e);
|
"Problem occurred while reading dependency file.", e);
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
JsonObject json = jsonReader.readObject();
|
final JsonObject json = jsonReader.readObject();
|
||||||
final EvidenceCollection productEvidence = dependency.getProductEvidence();
|
final EvidenceCollection productEvidence = dependency.getProductEvidence();
|
||||||
final EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
|
final EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
|
||||||
if (json.containsKey("name")) {
|
if (json.containsKey("name")) {
|
||||||
Object value = json.get("name");
|
final Object value = json.get("name");
|
||||||
if (value instanceof JsonString) {
|
if (value instanceof JsonString) {
|
||||||
String valueString = ((JsonString) value).getString();
|
final String valueString = ((JsonString) value).getString();
|
||||||
productEvidence.addEvidence(PACKAGE_JSON, "name", valueString, Confidence.HIGHEST);
|
productEvidence.addEvidence(PACKAGE_JSON, "name", valueString, Confidence.HIGHEST);
|
||||||
vendorEvidence.addEvidence(PACKAGE_JSON, "name_project", String.format("%s_project", valueString), Confidence.LOW);
|
vendorEvidence.addEvidence(PACKAGE_JSON, "name_project", String.format("%s_project", valueString), Confidence.LOW);
|
||||||
} else {
|
} else {
|
||||||
@@ -146,20 +152,21 @@ public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
|
|
||||||
private void addToEvidence(JsonObject json, EvidenceCollection collection, String key) {
|
private void addToEvidence(JsonObject json, EvidenceCollection collection, String key) {
|
||||||
if (json.containsKey(key)) {
|
if (json.containsKey(key)) {
|
||||||
Object value = json.get(key);
|
final JsonValue value = json.get(key);
|
||||||
if (value instanceof JsonString) {
|
if (value instanceof JsonString) {
|
||||||
collection.addEvidence(PACKAGE_JSON, key, ((JsonString) value).getString(), Confidence.HIGHEST);
|
collection.addEvidence(PACKAGE_JSON, key, ((JsonString) value).getString(), Confidence.HIGHEST);
|
||||||
} else if (value instanceof JsonObject) {
|
} else if (value instanceof JsonObject) {
|
||||||
final JsonObject jsonObject = (JsonObject) value;
|
final JsonObject jsonObject = (JsonObject) value;
|
||||||
for (String property : jsonObject.keySet()) {
|
for (final Map.Entry<String, JsonValue> entry : jsonObject.entrySet()) {
|
||||||
final Object subValue = jsonObject.get(property);
|
final String property = entry.getKey();
|
||||||
|
final JsonValue subValue = entry.getValue();
|
||||||
if (subValue instanceof JsonString) {
|
if (subValue instanceof JsonString) {
|
||||||
collection.addEvidence(PACKAGE_JSON,
|
collection.addEvidence(PACKAGE_JSON,
|
||||||
String.format("%s.%s", key, property),
|
String.format("%s.%s", key, property),
|
||||||
((JsonString) subValue).getString(),
|
((JsonString) subValue).getString(),
|
||||||
Confidence.HIGHEST);
|
Confidence.HIGHEST);
|
||||||
} else {
|
} else {
|
||||||
LOGGER.warn("JSON sub-value not string as expected: %s");
|
LOGGER.warn("JSON sub-value not string as expected: %s", subValue);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@@ -490,7 +490,7 @@ public class CveDB {
|
|||||||
deleteReferences = getConnection().prepareStatement(statementBundle.getString("DELETE_REFERENCE"));
|
deleteReferences = getConnection().prepareStatement(statementBundle.getString("DELETE_REFERENCE"));
|
||||||
deleteSoftware = getConnection().prepareStatement(statementBundle.getString("DELETE_SOFTWARE"));
|
deleteSoftware = getConnection().prepareStatement(statementBundle.getString("DELETE_SOFTWARE"));
|
||||||
updateVulnerability = getConnection().prepareStatement(statementBundle.getString("UPDATE_VULNERABILITY"));
|
updateVulnerability = getConnection().prepareStatement(statementBundle.getString("UPDATE_VULNERABILITY"));
|
||||||
String ids[] = {"id"};
|
final String ids[] = {"id"};
|
||||||
insertVulnerability = getConnection().prepareStatement(statementBundle.getString("INSERT_VULNERABILITY"),
|
insertVulnerability = getConnection().prepareStatement(statementBundle.getString("INSERT_VULNERABILITY"),
|
||||||
//Statement.RETURN_GENERATED_KEYS);
|
//Statement.RETURN_GENERATED_KEYS);
|
||||||
ids);
|
ids);
|
||||||
|
|||||||
@@ -24,7 +24,6 @@ import java.io.FileOutputStream;
|
|||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
import java.util.Date;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.zip.GZIPInputStream;
|
import java.util.zip.GZIPInputStream;
|
||||||
import javax.xml.parsers.ParserConfigurationException;
|
import javax.xml.parsers.ParserConfigurationException;
|
||||||
@@ -69,8 +68,8 @@ public class CpeUpdater extends BaseUpdater implements CachedWebDataSource {
|
|||||||
for (Cpe cpe : cpes) {
|
for (Cpe cpe : cpes) {
|
||||||
getCveDB().addCpe(cpe.getValue(), cpe.getVendor(), cpe.getProduct());
|
getCveDB().addCpe(cpe.getValue(), cpe.getVendor(), cpe.getProduct());
|
||||||
}
|
}
|
||||||
final Date now = new Date();
|
final long now = System.currentTimeMillis();
|
||||||
getProperties().save(LAST_CPE_UPDATE, Long.toString(now.getTime()));
|
getProperties().save(LAST_CPE_UPDATE, Long.toString(now));
|
||||||
LOGGER.info("CPE update complete");
|
LOGGER.info("CPE update complete");
|
||||||
}
|
}
|
||||||
} finally {
|
} finally {
|
||||||
@@ -134,14 +133,14 @@ public class CpeUpdater extends BaseUpdater implements CachedWebDataSource {
|
|||||||
* @return true if the CPE data should be refreshed
|
* @return true if the CPE data should be refreshed
|
||||||
*/
|
*/
|
||||||
private boolean updateNeeded() {
|
private boolean updateNeeded() {
|
||||||
final Date now = new Date();
|
final long now = System.currentTimeMillis();
|
||||||
final int days = Settings.getInt(Settings.KEYS.CVE_MODIFIED_VALID_FOR_DAYS, 30);
|
final int days = Settings.getInt(Settings.KEYS.CVE_MODIFIED_VALID_FOR_DAYS, 30);
|
||||||
long timestamp = 0;
|
long timestamp = 0;
|
||||||
final String ts = getProperties().getProperty(LAST_CPE_UPDATE);
|
final String ts = getProperties().getProperty(LAST_CPE_UPDATE);
|
||||||
if (ts != null && ts.matches("^[0-9]+$")) {
|
if (ts != null && ts.matches("^[0-9]+$")) {
|
||||||
timestamp = Long.parseLong(ts);
|
timestamp = Long.parseLong(ts);
|
||||||
}
|
}
|
||||||
return !DateUtil.withinDateRange(timestamp, now.getTime(), days);
|
return !DateUtil.withinDateRange(timestamp, now, days);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -21,7 +21,6 @@ import java.io.IOException;
|
|||||||
import java.net.HttpURLConnection;
|
import java.net.HttpURLConnection;
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
import java.util.Date;
|
|
||||||
import org.apache.commons.io.IOUtils;
|
import org.apache.commons.io.IOUtils;
|
||||||
import org.owasp.dependencycheck.data.nvdcve.CveDB;
|
import org.owasp.dependencycheck.data.nvdcve.CveDB;
|
||||||
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
|
||||||
@@ -88,7 +87,7 @@ public class EngineVersionCheck implements CachedWebDataSource {
|
|||||||
LOGGER.debug("Begin Engine Version Check");
|
LOGGER.debug("Begin Engine Version Check");
|
||||||
final DatabaseProperties properties = cveDB.getDatabaseProperties();
|
final DatabaseProperties properties = cveDB.getDatabaseProperties();
|
||||||
final long lastChecked = Long.parseLong(properties.getProperty(ENGINE_VERSION_CHECKED_ON, "0"));
|
final long lastChecked = Long.parseLong(properties.getProperty(ENGINE_VERSION_CHECKED_ON, "0"));
|
||||||
final long now = (new Date()).getTime();
|
final long now = System.currentTimeMillis();
|
||||||
updateToVersion = properties.getProperty(CURRENT_ENGINE_RELEASE, "");
|
updateToVersion = properties.getProperty(CURRENT_ENGINE_RELEASE, "");
|
||||||
final String currentVersion = Settings.getString(Settings.KEYS.APPLICATION_VERSION, "0.0.0");
|
final String currentVersion = Settings.getString(Settings.KEYS.APPLICATION_VERSION, "0.0.0");
|
||||||
LOGGER.debug("Last checked: {}", lastChecked);
|
LOGGER.debug("Last checked: {}", lastChecked);
|
||||||
|
|||||||
@@ -19,7 +19,6 @@ package org.owasp.dependencycheck.data.update;
|
|||||||
|
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
import java.util.Calendar;
|
import java.util.Calendar;
|
||||||
import java.util.Date;
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.concurrent.ExecutionException;
|
import java.util.concurrent.ExecutionException;
|
||||||
@@ -214,11 +213,11 @@ public class NvdCveUpdater extends BaseUpdater implements CachedWebDataSource {
|
|||||||
if (!getProperties().isEmpty()) {
|
if (!getProperties().isEmpty()) {
|
||||||
try {
|
try {
|
||||||
final long lastUpdated = Long.parseLong(getProperties().getProperty(DatabaseProperties.LAST_UPDATED, "0"));
|
final long lastUpdated = Long.parseLong(getProperties().getProperty(DatabaseProperties.LAST_UPDATED, "0"));
|
||||||
final Date now = new Date();
|
final long now = System.currentTimeMillis();
|
||||||
final int days = Settings.getInt(Settings.KEYS.CVE_MODIFIED_VALID_FOR_DAYS, 7);
|
final int days = Settings.getInt(Settings.KEYS.CVE_MODIFIED_VALID_FOR_DAYS, 7);
|
||||||
if (lastUpdated == updates.getTimeStamp(MODIFIED)) {
|
if (lastUpdated == updates.getTimeStamp(MODIFIED)) {
|
||||||
updates.clear(); //we don't need to update anything.
|
updates.clear(); //we don't need to update anything.
|
||||||
} else if (DateUtil.withinDateRange(lastUpdated, now.getTime(), days)) {
|
} else if (DateUtil.withinDateRange(lastUpdated, now, days)) {
|
||||||
for (NvdCveInfo entry : updates) {
|
for (NvdCveInfo entry : updates) {
|
||||||
if (MODIFIED.equals(entry.getId())) {
|
if (MODIFIED.equals(entry.getId())) {
|
||||||
entry.setNeedsUpdate(true);
|
entry.setNeedsUpdate(true);
|
||||||
|
|||||||
@@ -179,7 +179,7 @@ public class CPEHandler extends DefaultHandler {
|
|||||||
/**
|
/**
|
||||||
* A simple class to maintain information about the current element while parsing the CPE XML.
|
* A simple class to maintain information about the current element while parsing the CPE XML.
|
||||||
*/
|
*/
|
||||||
protected class Element {
|
protected static final class Element {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A node type in the CPE Schema 2.2
|
* A node type in the CPE Schema 2.2
|
||||||
|
|||||||
@@ -31,7 +31,6 @@ import java.io.UnsupportedEncodingException;
|
|||||||
import java.net.URLDecoder;
|
import java.net.URLDecoder;
|
||||||
import java.util.Enumeration;
|
import java.util.Enumeration;
|
||||||
import java.util.Properties;
|
import java.util.Properties;
|
||||||
import java.util.logging.Level;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A simple settings container that wraps the dependencycheck.properties file.
|
* A simple settings container that wraps the dependencycheck.properties file.
|
||||||
@@ -626,11 +625,9 @@ public final class Settings {
|
|||||||
*/
|
*/
|
||||||
public static File getTempDirectory() throws IOException {
|
public static File getTempDirectory() throws IOException {
|
||||||
final File tmpDir = new File(Settings.getString(Settings.KEYS.TEMP_DIRECTORY, System.getProperty("java.io.tmpdir")), "dctemp");
|
final File tmpDir = new File(Settings.getString(Settings.KEYS.TEMP_DIRECTORY, System.getProperty("java.io.tmpdir")), "dctemp");
|
||||||
if (!tmpDir.exists()) {
|
if (!tmpDir.exists() && !tmpDir.mkdirs()) {
|
||||||
if (!tmpDir.mkdirs()) {
|
final String msg = String.format("Unable to make a temporary folder '%s'", tmpDir.getPath());
|
||||||
final String msg = String.format("Unable to make a temporary folder '%s'", tmpDir.getPath());
|
throw new IOException(msg);
|
||||||
throw new IOException(msg);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
tempDirectory = tmpDir;
|
tempDirectory = tmpDir;
|
||||||
return tmpDir;
|
return tmpDir;
|
||||||
|
|||||||
10
pom.xml
10
pom.xml
@@ -620,16 +620,6 @@ Copyright (c) 2012 - Jeremy Long
|
|||||||
<artifactId>slf4j-api</artifactId>
|
<artifactId>slf4j-api</artifactId>
|
||||||
<version>${slf4j.version}</version>
|
<version>${slf4j.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-ext</artifactId>
|
|
||||||
<version>${slf4j.version}</version>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-jdk14</artifactId>
|
|
||||||
<version>${slf4j.version}</version>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.slf4j</groupId>
|
<groupId>org.slf4j</groupId>
|
||||||
<artifactId>slf4j-simple</artifactId>
|
<artifactId>slf4j-simple</artifactId>
|
||||||
|
|||||||
Reference in New Issue
Block a user