cleanup from reviews. Mostly formatting
@@ -154,7 +154,7 @@ public class CMakeAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
@Override
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine)
|
||||
throws AnalysisException {
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
final File file = dependency.getActualFile();
|
||||
final String name = file.getName();
|
||||
String contents;
|
||||
|
||||
@@ -43,11 +43,11 @@ import org.owasp.dependencycheck.utils.Settings;
|
||||
@Experimental
|
||||
public class CocoaPodsAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "CocoaPod";
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "CocoaPod";
|
||||
|
||||
/**
|
||||
* The logger.
|
||||
*/
|
||||
@@ -127,7 +127,7 @@ public class CocoaPodsAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine)
|
||||
throws AnalysisException {
|
||||
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
String contents;
|
||||
try {
|
||||
contents = FileUtils.readFileToString(dependency.getActualFile(), Charset.defaultCharset());
|
||||
|
||||
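Review bot: `FileUtils.readFileToString(dependency.getActualFile(), Charset.defaultCharset())` decodes the manifest with whatever charset the host JVM defaults to, so the same file can yield different name and version evidence on different machines, and differing evidence changes which vulnerability records match. Passing `StandardCharsets.UTF_8` instead would make the result reproducible, assuming these manifests are UTF-8 in practice. The same call appears in the RubyGemspecAnalyzer and SwiftPackageManagerAnalyzer hunks, and ComposerLockAnalyzer uses the default charset for the bytes it hashes into the SHA-1 identifier (`filePath.getBytes(Charset.defaultCharset())`). The try block continues outside the hunk.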
@@ -46,11 +46,11 @@ import java.security.NoSuchAlgorithmException;
|
||||
@Experimental
|
||||
public class ComposerLockAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Composer";
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Composer";
|
||||
|
||||
/**
|
||||
* The logger.
|
||||
*/
|
||||
@@ -117,10 +117,8 @@ public class ComposerLockAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
final Dependency d = new Dependency(dependency.getActualFile());
|
||||
final String filePath = String.format("%s:%s/%s/%s", dependency.getFilePath(), dep.getGroup(), dep.getProject(), dep.getVersion());
|
||||
d.setName(dep.getProject());
|
||||
d.setVersion(dep.getVersion());
|
||||
|
||||
d.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
|
||||
d.setVersion(dep.getVersion());
|
||||
d.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
final MessageDigest sha1 = getSha1MessageDigest();
|
||||
d.setFilePath(filePath);
|
||||
d.setSha1sum(Checksum.getHex(sha1.digest(filePath.getBytes(Charset.defaultCharset()))));
|
||||
@@ -133,13 +131,12 @@ public class ComposerLockAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
//make sure we only remove the main dependency if we went through this loop at least once.
|
||||
processedAtLeastOneDep = true;
|
||||
}
|
||||
//remove the dependency at the end because it's referenced in the loop itself.
|
||||
//double check the name to be sure we only remove the generic entry.
|
||||
if (processedAtLeastOneDep && dependency.getDisplayFileName().equalsIgnoreCase("composer.lock")) {
|
||||
LOGGER.debug("Removing main redundant dependency {}",dependency.getDisplayFileName());
|
||||
engine.getDependencies().remove(dependency);
|
||||
|
||||
}
|
||||
// remove the dependency at the end because it's referenced in the loop itself.
|
||||
// double check the name to be sure we only remove the generic entry.
|
||||
if (processedAtLeastOneDep && dependency.getDisplayFileName().equalsIgnoreCase("composer.lock")) {
|
||||
LOGGER.debug("Removing main redundant dependency {}", dependency.getDisplayFileName());
|
||||
engine.getDependencies().remove(dependency);
|
||||
}
|
||||
} catch (IOException ex) {
|
||||
LOGGER.warn("Error opening dependency {}", dependency.getActualFilePath());
|
||||
} catch (ComposerException ce) {
|
||||
|
||||
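Review bot: The `catch (IOException ex)` branch logs `LOGGER.warn("Error opening dependency {}", dependency.getActualFilePath());` without passing `ex` and, as far as the hunk shows, does not rethrow, so an unreadable composer.lock leaves only a warning and no dependencies, which in a scan report looks the same as "nothing found". NodePackageAnalyzer in this same commit turns the equivalent failure into `throw new AnalysisException("Problem occurred while reading dependency file.", e);`. Doing the same here, if the method signature allows it, or at least adding `ex` as the last logger argument, keeps the cause visible. The enclosing try block and the ComposerException handler continue outside the hunk.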
@@ -49,11 +49,11 @@ import org.owasp.dependencycheck.exception.InitializationException;
|
||||
@Experimental
|
||||
public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "npm";
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "npm";
|
||||
|
||||
/**
|
||||
* The logger.
|
||||
*/
|
||||
@@ -125,39 +125,40 @@ public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
return Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
final File file = dependency.getActualFile();
|
||||
if (!file.isFile() || file.length()==0) {
|
||||
return;
|
||||
}
|
||||
try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) {
|
||||
final JsonObject json = jsonReader.readObject();
|
||||
final EvidenceCollection productEvidence = dependency.getProductEvidence();
|
||||
final EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
|
||||
if (json.containsKey("name")) {
|
||||
final Object value = json.get("name");
|
||||
if (value instanceof JsonString) {
|
||||
final String valueString = ((JsonString) value).getString();
|
||||
productEvidence.addEvidence(PACKAGE_JSON, "name", valueString, Confidence.HIGHEST);
|
||||
dependency.setName(valueString);
|
||||
vendorEvidence.addEvidence(PACKAGE_JSON, "name_project", String.format("%s_project", valueString), Confidence.LOW);
|
||||
} else {
|
||||
LOGGER.warn("JSON value not string as expected: {}", value);
|
||||
}
|
||||
}
|
||||
addToEvidence(json, productEvidence, "description");
|
||||
addToEvidence(json, vendorEvidence, "author");
|
||||
final String version = addToEvidence(json, dependency.getVersionEvidence(), "version");
|
||||
dependency.setVersion(version);
|
||||
|
||||
} catch (JsonException e) {
|
||||
LOGGER.warn("Failed to parse package.json file.", e);
|
||||
} catch (IOException e) {
|
||||
throw new AnalysisException("Problem occurred while reading dependency file.", e);
|
||||
}
|
||||
}
|
||||
@Override
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
final File file = dependency.getActualFile();
|
||||
if (!file.isFile() || file.length() == 0) {
|
||||
return;
|
||||
}
|
||||
try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) {
|
||||
final JsonObject json = jsonReader.readObject();
|
||||
final EvidenceCollection productEvidence = dependency.getProductEvidence();
|
||||
final EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
|
||||
if (json.containsKey("name")) {
|
||||
final Object value = json.get("name");
|
||||
if (value instanceof JsonString) {
|
||||
final String valueString = ((JsonString) value).getString();
|
||||
productEvidence.addEvidence(PACKAGE_JSON, "name", valueString, Confidence.HIGHEST);
|
||||
dependency.setName(valueString);
|
||||
vendorEvidence.addEvidence(PACKAGE_JSON, "name_project", String.format("%s_project", valueString),
|
||||
Confidence.LOW);
|
||||
} else {
|
||||
LOGGER.warn("JSON value not string as expected: {}", value);
|
||||
}
|
||||
}
|
||||
addToEvidence(json, productEvidence, "description");
|
||||
addToEvidence(json, vendorEvidence, "author");
|
||||
final String version = addToEvidence(json, dependency.getVersionEvidence(), "version");
|
||||
dependency.setVersion(version);
|
||||
|
||||
} catch (JsonException e) {
|
||||
LOGGER.warn("Failed to parse package.json file.", e);
|
||||
} catch (IOException e) {
|
||||
throw new AnalysisException("Problem occurred while reading dependency file.", e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds information to an evidence collection from the node json
|
||||
|
||||
@@ -57,10 +57,10 @@ import java.util.concurrent.atomic.AtomicInteger;
|
||||
@Experimental
|
||||
public class PythonDistributionAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Python.Dist";
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Python.Dist";
|
||||
|
||||
/**
|
||||
* Name of egg metadata files to analyze.
|
||||
@@ -189,7 +189,7 @@ public class PythonDistributionAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine)
|
||||
throws AnalysisException {
|
||||
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
final File actualFile = dependency.getActualFile();
|
||||
if (WHL_FILTER.accept(actualFile)) {
|
||||
collectMetadataFromArchiveFormat(dependency, DIST_INFO_FILTER,
|
||||
@@ -304,11 +304,9 @@ public class PythonDistributionAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
"Version", Confidence.HIGHEST);
|
||||
addPropertyToEvidence(headers, dependency.getProductEvidence(), "Name",
|
||||
Confidence.HIGHEST);
|
||||
|
||||
dependency.setName(headers.getHeader("Name", null));
|
||||
dependency.setVersion(headers.getHeader("Version", null));
|
||||
|
||||
final String url = headers.getHeader("Home-page", null);
|
||||
dependency.setName(headers.getHeader("Name", null));
|
||||
dependency.setVersion(headers.getHeader("Version", null));
|
||||
final String url = headers.getHeader("Home-page", null);
|
||||
final EvidenceCollection vendorEvidence = dependency
|
||||
.getVendorEvidence();
|
||||
if (StringUtils.isNotBlank(url)) {
|
||||
|
||||
@@ -47,10 +47,10 @@ import org.owasp.dependencycheck.exception.InitializationException;
|
||||
public class PythonPackageAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Python.Pkg";
|
||||
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Python.Pkg";
|
||||
|
||||
/**
|
||||
* Used when compiling file scanning regex patterns.
|
||||
*/
|
||||
@@ -178,7 +178,7 @@ public class PythonPackageAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
@Override
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine)
|
||||
throws AnalysisException {
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
final File file = dependency.getActualFile();
|
||||
final File parent = file.getParentFile();
|
||||
final String parentName = parent.getName();
|
||||
@@ -186,7 +186,7 @@ public class PythonPackageAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
//by definition, the containing folder of __init__.py is considered the package, even the file is empty:
|
||||
//"The __init__.py files are required to make Python treat the directories as containing packages"
|
||||
//see section "6.4 Packages" from https://docs.python.org/2/tutorial/modules.html;
|
||||
dependency.setName(parentName);
|
||||
dependency.setName(parentName);
|
||||
dependency.getProductEvidence().addEvidence(file.getName(),
|
||||
"PackageName", parentName, Confidence.HIGHEST);
|
||||
|
||||
@@ -329,17 +329,16 @@ public class PythonPackageAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
* @param confidence in evidence
|
||||
* @return whether evidence was found
|
||||
*/
|
||||
private boolean gatherVersionEvidence(Pattern pattern, String contents,
|
||||
String source, EvidenceCollection evidence, String name,
|
||||
Confidence confidence,Dependency d) {
|
||||
final Matcher matcher = pattern.matcher(contents);
|
||||
final boolean found = matcher.find();
|
||||
if (found) {
|
||||
evidence.addEvidence(source, name, matcher.group(4), confidence);
|
||||
d.setVersion(matcher.group(4));
|
||||
}
|
||||
return found;
|
||||
}
|
||||
private boolean gatherVersionEvidence(Pattern pattern, String contents, String source, EvidenceCollection evidence,
|
||||
String name, Confidence confidence, Dependency d) {
|
||||
final Matcher matcher = pattern.matcher(contents);
|
||||
final boolean found = matcher.find();
|
||||
if (found) {
|
||||
evidence.addEvidence(source, name, matcher.group(4), confidence);
|
||||
d.setVersion(matcher.group(4));
|
||||
}
|
||||
return found;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getAnalyzerEnabledSettingKey() {
|
||||
|
||||
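Review bot: The Javadoc above `gatherVersionEvidence` ends with `@param confidence in evidence` followed directly by `@return`, so the trailing `Dependency d` parameter has no entry; add `@param d the dependency whose version is set when the pattern matches`. The body also reads `matcher.group(4)` twice, which ties the method to patterns that define at least four groups. A one-line comment stating what group 4 captures would make that contract visible to whoever adds the next pattern. The Javadoc begins outside the hunk, so its earlier tags were not checked.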
@@ -49,10 +49,10 @@ import org.slf4j.LoggerFactory;
|
||||
public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Ruby.Bundle";
|
||||
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Ruby.Bundle";
|
||||
|
||||
/**
|
||||
* The logger.
|
||||
*/
|
||||
@@ -137,7 +137,7 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
@Override
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine)
|
||||
throws AnalysisException {
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
String contents;
|
||||
try {
|
||||
contents = FileUtils.readFileToString(dependency.getActualFile(), Charset.defaultCharset());
|
||||
@@ -153,10 +153,10 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
final EvidenceCollection vendor = dependency.getVendorEvidence();
|
||||
final EvidenceCollection product = dependency.getProductEvidence();
|
||||
final String name = addStringEvidence(product, contents, blockVariable, "name", "name", Confidence.HIGHEST);
|
||||
if (!name.isEmpty()) {
|
||||
dependency.setName(name);
|
||||
vendor.addEvidence(GEMSPEC, "name_project", name + "_project", Confidence.LOW);
|
||||
}
|
||||
if (!name.isEmpty()) {
|
||||
dependency.setName(name);
|
||||
vendor.addEvidence(GEMSPEC, "name_project", name + "_project", Confidence.LOW);
|
||||
}
|
||||
addStringEvidence(product, contents, blockVariable, "summary", "summary", Confidence.LOW);
|
||||
|
||||
addStringEvidence(vendor, contents, blockVariable, "author", "authors?", Confidence.HIGHEST);
|
||||
@@ -164,17 +164,15 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
addStringEvidence(vendor, contents, blockVariable, "homepage", "homepage", Confidence.HIGHEST);
|
||||
addStringEvidence(vendor, contents, blockVariable, "license", "licen[cs]es?", Confidence.HIGHEST);
|
||||
|
||||
final String value = addStringEvidence(dependency.getVersionEvidence(), contents,
|
||||
blockVariable, "version", "version", Confidence.HIGHEST);
|
||||
final String value = addStringEvidence(dependency.getVersionEvidence(), contents, blockVariable, "version",
|
||||
"version", Confidence.HIGHEST);
|
||||
if (value.length() < 1) {
|
||||
addEvidenceFromVersionFile(dependency.getActualFile(), dependency.getVersionEvidence());
|
||||
}
|
||||
else
|
||||
{
|
||||
dependency.setVersion(value);
|
||||
}
|
||||
else {
|
||||
dependency.setVersion(value);
|
||||
}
|
||||
}
|
||||
|
||||
setPackagePath(dependency);
|
||||
}
|
||||
|
||||
|
||||
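Review bot: The reformatted version branch still appears to leave `else {` on its own line after the closing brace of the `if (value.length() < 1)` block, which matches the hunk's new-side line count. The SwiftPackageManagerAnalyzer change in this commit joins the two as `} else {`, so a cleanup commit should use `} else {` here as well. The enclosing method starts outside the hunk.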
@@ -43,11 +43,11 @@ import org.owasp.dependencycheck.utils.Settings;
|
||||
@Experimental
|
||||
public class SwiftPackageManagerAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Swift.PM";
|
||||
|
||||
/**
|
||||
* A descriptor for the type of dependencies processed or added by this analyzer
|
||||
*/
|
||||
public static final String DEPENDENCY_ECOSYSTEM = "Swift.PM";
|
||||
|
||||
/**
|
||||
* The name of the analyzer.
|
||||
*/
|
||||
@@ -124,8 +124,8 @@ public class SwiftPackageManagerAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
protected void analyzeDependency(Dependency dependency, Engine engine)
|
||||
throws AnalysisException {
|
||||
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
|
||||
dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
|
||||
|
||||
String contents;
|
||||
try {
|
||||
contents = FileUtils.readFileToString(dependency.getActualFile(), Charset.defaultCharset());
|
||||
@@ -143,18 +143,19 @@ public class SwiftPackageManagerAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
final EvidenceCollection product = dependency.getProductEvidence();
|
||||
final EvidenceCollection vendor = dependency.getVendorEvidence();
|
||||
|
||||
//SPM is currently under development for SWIFT 3. Its current metadata includes package name and dependencies.
|
||||
//Future interesting metadata: version, license, homepage, author, summary, etc.
|
||||
final String name = addStringEvidence(product, packageDescription, "name", "name", Confidence.HIGHEST);
|
||||
if (name != null && !name.isEmpty()) {
|
||||
vendor.addEvidence(SPM_FILE_NAME, "name_project", name, Confidence.HIGHEST);
|
||||
dependency.setName(name);
|
||||
}
|
||||
else
|
||||
{
|
||||
//if we can't get the name from the meta, then assume the name is the name of the parent folder containing the package.swift file.
|
||||
dependency.setName(dependency.getActualFile().getParentFile().getName());
|
||||
}
|
||||
// SPM is currently under development for SWIFT 3. Its current metadata includes
|
||||
// package name and dependencies.
|
||||
// Future interesting metadata: version, license, homepage, author, summary,
|
||||
// etc.
|
||||
final String name = addStringEvidence(product, packageDescription, "name", "name", Confidence.HIGHEST);
|
||||
if (name != null && !name.isEmpty()) {
|
||||
vendor.addEvidence(SPM_FILE_NAME, "name_project", name, Confidence.HIGHEST);
|
||||
dependency.setName(name);
|
||||
} else {
|
||||
// if we can't get the name from the meta, then assume the name is the name of
|
||||
// the parent folder containing the package.swift file.
|
||||
dependency.setName(dependency.getActualFile().getParentFile().getName());
|
||||
}
|
||||
}
|
||||
setPackagePath(dependency);
|
||||
}
|
||||
|
||||
@@ -304,22 +304,18 @@ public class Dependency implements Serializable, Comparable<Dependency> {
|
||||
*
|
||||
* @return the file name to display
|
||||
*/
|
||||
public String getDisplayFileName() {
|
||||
if (displayName == null) {
|
||||
if(name != null) {
|
||||
if (version != null) {
|
||||
return name + ":" + version;
|
||||
}
|
||||
else {
|
||||
return name;
|
||||
}
|
||||
}
|
||||
else {
|
||||
return this.fileName;
|
||||
}
|
||||
}
|
||||
return this.displayName;
|
||||
}
|
||||
public String getDisplayFileName() {
|
||||
if (displayName != null) {
|
||||
return displayName;
|
||||
}
|
||||
if (name == null) {
|
||||
return fileName;
|
||||
}
|
||||
if (version == null) {
|
||||
return name;
|
||||
}
|
||||
return name + ":" + version;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>
|
||||
@@ -880,7 +876,8 @@ public class Dependency implements Serializable, Comparable<Dependency> {
|
||||
}
|
||||
|
||||
/**
|
||||
* @param version the version to set
|
||||
* @param version
|
||||
* the version to set
|
||||
*/
|
||||
public void setVersion(String version) {
|
||||
this.version = version;
|
||||
@@ -894,7 +891,8 @@ public class Dependency implements Serializable, Comparable<Dependency> {
|
||||
}
|
||||
|
||||
/**
|
||||
* @param ecosystem the ecosystem to set
|
||||
* @param ecosystem
|
||||
* the ecosystem to set
|
||||
*/
|
||||
public void setEcosystem(String ecosystem) {
|
||||
this.ecosystem = ecosystem;
|
||||
|
||||
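Review bot: `getDisplayFileName()` returns `name + ":" + version` or `name` before it falls back to `fileName`, yet the visible Javadoc still says only `@return the file name to display`. ComposerLockAnalyzer in this commit decides whether to drop the generic entry with `dependency.getDisplayFileName().equalsIgnoreCase("composer.lock")`, a check that only matches while neither `displayName` nor `name` has been set on that dependency. Documenting the fallback order, e.g. `@return the display name if set, otherwise name:version, the name, or the file name`, would make that dependence clear to callers that match on a file name. The Javadoc starts outside the hunk.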
@@ -139,17 +139,15 @@ public class CMakeAnalyzerTest extends BaseDBTestCase {
|
||||
analyzer.analyze(result, null);
|
||||
|
||||
//this one finds nothing so it falls through to the filename. Can we do better?
|
||||
assertEquals("OpenCVDetectPython.cmake",result.getDisplayFileName());
|
||||
|
||||
|
||||
assertEquals("OpenCVDetectPython.cmake",result.getDisplayFileName());
|
||||
}
|
||||
|
||||
private void assertProductEvidence(Dependency result, String product) {
|
||||
assertEquals(product,result.getName());
|
||||
assertTrue("Expected product evidence to contain \"" + product + "\".",
|
||||
result.getProductEvidence().toString().contains(product));
|
||||
assertEquals(CMakeAnalyzer.DEPENDENCY_ECOSYSTEM,result.getEcosystem());
|
||||
}
|
||||
private void assertProductEvidence(Dependency result, String product) {
|
||||
assertEquals(product, result.getName());
|
||||
assertTrue("Expected product evidence to contain \"" + product + "\".",
|
||||
result.getProductEvidence().toString().contains(product));
|
||||
assertEquals(CMakeAnalyzer.DEPENDENCY_ECOSYSTEM, result.getEcosystem());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test whether expected version evidence is gathered from OpenCV's third party cmake files.
|
||||
@@ -170,8 +168,7 @@ public class CMakeAnalyzerTest extends BaseDBTestCase {
|
||||
assertEquals("Number of additional dependencies should be 4.", 4, dependencies.size());
|
||||
final Dependency last = dependencies.get(3);
|
||||
assertProductEvidence(last, "libavresample");
|
||||
assertVersionEvidence(last, "1.0.1");
|
||||
|
||||
assertVersionEvidence(last, "1.0.1");
|
||||
}
|
||||
|
||||
private void assertVersionEvidence(Dependency result, String version) {
|
||||
|
||||
@@ -101,7 +101,7 @@ public class ComposerLockAnalyzerTest extends BaseDBTestCase {
|
||||
|
||||
final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
|
||||
"composer.lock"));
|
||||
///test that we don't remove the parent if it's not redundant by name
|
||||
//test that we don't remove the parent if it's not redundant by name
|
||||
result.setDisplayFileName("NotComposer.Lock");
|
||||
engine.getDependencies().add(result);
|
||||
analyzer.analyze(result, engine);
|
||||
|
||||