From 50282160583a8cfb62d23a4bce06eeba3c08b63f Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sun, 23 Mar 2014 23:05:41 -0400 Subject: [PATCH] added enabled properties in support of issue #86 Former-commit-id: e6df3962e1e96b28fad499694b580423cd1cb7b5 --- .../owasp/dependencycheck/utils/Settings.java | 36 +++++++++++-------- .../main/resources/dependencycheck.properties | 6 ++++ 2 files changed, 27 insertions(+), 15 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Settings.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Settings.java index 563202f8f..69cad756b 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Settings.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Settings.java @@ -145,25 +145,30 @@ public final class Settings { * The key for a list of suppression files. */ public static final String SUPPRESSION_FILE = "suppression.file"; + /** + * The properties key for whether the Jar Analyzer is enabled. + */ + public static final String ANALYZER_JAR_ENABLED = "analyzer.jar.enabled"; + /** + * The properties key for whether the Archive analyzer is enabled. + */ + public static final String ANALYZER_ARCHIVE_ENABLED = "analyzer.archive.enabled"; + /** + * The properties key for whether the .NET Assembly analyzer is enabled. + */ + public static final String ANALYZER_ASSEMBLY_ENABLED = "analyzer.assembly.enabled"; + /** + * The properties key for whether the .NET Nuspec analyzer is enabled. + */ + public static final String ANALYZER_NUSPEC_ENABLED = "analyzer.nuspec.enabled"; + /** + * The properties key for whether the JavaScript analyzer is enabled. + */ + public static final String ANALYZER_JAVASCRIPT_ENABLED = "analyzer.javascript.enabled"; /** * The properties key for whether the Nexus analyzer is enabled. */ - @Deprecated public static final String ANALYZER_NEXUS_ENABLED = "analyzer.nexus.enabled"; - /** - * The properties key used to determine if a given file type analyzer is enabled; - */ - private static final String FILE_ANALYZER_ENABLED = "analyzer.%s.enabled"; - - /** - * Returns the properties file key to determine if a given File Type Analyzer is enabled. - * - * @param key the properties file ID for a given FileTypeAnalyzer (jar, nexus, etc.) - * @return the properties file key for enabling/disabling a given File Type Analyzer - */ - public static final String getFileAnalyzerEnabledKey(String key) { - return String.format(FILE_ANALYZER_ENABLED, key); - } /** * The properties key for the Nexus search URL. */ @@ -533,6 +538,7 @@ public final class Settings { * the values in the contained configuration file. * * @param key the key to lookup within the properties file + * @param defaultValue the default value to return if the setting does not exist * @return the property from the properties file * @throws InvalidSettingException is thrown if there is an error retrieving the setting */ diff --git a/dependency-check-core/src/main/resources/dependencycheck.properties b/dependency-check-core/src/main/resources/dependencycheck.properties index 837c7c91f..48686bcd5 100644 --- a/dependency-check-core/src/main/resources/dependencycheck.properties +++ b/dependency-check-core/src/main/resources/dependencycheck.properties @@ -42,6 +42,12 @@ cve.startyear=2002 cve.url-2.0.base=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml cve.url-1.2.base=http://nvd.nist.gov/download/nvdcve-%d.xml +# file type analyzer settings: +analyzer.archive.enabled=true +analyzer.jar.enabled=true +analyzer.nuspec.enabled=true +analyzer.assembly.enabled=true + # the URL for searching Nexus for SHA-1 hashes and whether it's enabled analyzer.nexus.enabled=true analyzer.nexus.url=http://repository.sonatype.org/service/local/