github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixed issue with data directory and made a few other minor changes

Browse Source 
Former-commit-id: 74ba4f4ef797bfa13d6c7c3335951f1f9b11f690
This commit is contained in:
Jeremy Long
2013-08-01 10:57:44 -04:00
parent 32aabe78b1
commit 59fae2b80a
12 changed files with 269 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dependency-check-cli/src/main/java/org/owasp/dependencycheck/cli/CliParser.java
View File

@@ -29,7 +29,6 @@ import org.apache.commons.cli.OptionGroup;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.ParseException;
import org.apache.commons.cli.PosixParser;
import org.owasp.dependencycheck.reporting.ReportGenerator;
import org.owasp.dependencycheck.reporting.ReportGenerator.Format;
import org.owasp.dependencycheck.utils.Settings;

11
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/Index.java
View File

@@ -66,12 +66,11 @@ public class Index extends AbstractIndex {
* @throws IOException is thrown if an IOException occurs of course...
*/
public File getDataDirectory() throws IOException {
final String fileName = Settings.getString(Settings.KEYS.CPE_DATA_DIRECTORY);
final String dataDirectory = Settings.getString(Settings.KEYS.DATA_DIRECTORY);
//final File path = FileUtils.getDataDirectory(fileName, Index.class);
final File path = new File(dataDirectory, fileName);
if (!path.exists() && !path.mkdirs()) {
throw new IOException("Unable to create CPE Data directory");
final File path = Settings.getFile(Settings.KEYS.CPE_DATA_DIRECTORY);
if (!path.exists()) {
if (!path.mkdirs()) {
throw new IOException("Unable to create CPE Data directory");
}
}
return path;
}

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
View File

@@ -523,9 +523,7 @@ public class CveDB {
* @throws IOException is thrown if an IOException occurs of course...
*/
public static File getDataDirectory() throws IOException {
final String fileName = Settings.getString(Settings.KEYS.CVE_DATA_DIRECTORY);
final String dataDirectory = Settings.getString(Settings.KEYS.DATA_DIRECTORY);
final File path = new File(dataDirectory, fileName);
final File path = Settings.getFile(Settings.KEYS.CVE_DATA_DIRECTORY);
if (!path.exists()) {
if (!path.mkdirs()) {
throw new IOException("Unable to create NVD CVE Data directory");

42
dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Settings.java
View File

@@ -23,6 +23,8 @@ import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -252,16 +254,48 @@ public final class Settings {
* argument - this method will return the value from the system properties
* before the values in the contained configuration file.
*
* This method will also replace a leading "[JAR]\" sequence with the path
* to the folder containing the JAR file containing this class.
*
* @param key the key to lookup within the properties file
* @return the property from the properties file converted to a File object
* @throws IOException thrown if the file path to the JAR cannot be found
*/
public static File getFile(String key) {
public static File getFile(String key) throws IOException {
final String file = getString(key);
final String baseDir = getString(Settings.KEYS.DATA_DIRECTORY);
final String tmp = getString(key);
if (baseDir != null) {
return new File(baseDir, tmp);
if (baseDir.startsWith("[JAR]/")) {
final File jarPath = getJarPath();
final File newBase = new File(jarPath.getCanonicalPath(), baseDir.substring(6));
return new File(newBase, file);
}
return new File(baseDir, file);
}
return new File(file);
}
/**
* Attempts to retrieve the folder containing the Jar file containing the
* Settings class.
*
* @return a File object
*/
private static File getJarPath() {
final String jarPath = Settings.class.getProtectionDomain().getCodeSource().getLocation().getPath();
String decodedPath = ".";
try {
decodedPath = URLDecoder.decode(jarPath, "UTF-8");
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(Settings.class.getName()).log(Level.FINEST, null, ex);
}
final File path = new File(decodedPath);
if (path.getName().toLowerCase().endsWith(".jar")) {
return path.getParentFile();
} else {
return new File(".");
}
return new File(tmp);
}
/**

4
dependency-check-core/src/main/resources/dependencycheck.properties
View File

@@ -5,8 +5,8 @@ autoupdate=true
#temp.directory defaults to System.getProperty("java.io.tmpdir")
#temp.directory=[path to temp directory]
# the path to the data directory
data.directory=data
# the path to the data directory; if tis
data.directory=[JAR]/data
# the path to the lucene index to store the cpe data
data.cpe=cpe
# the path to the h2 database to store the nvd cve data

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/DownloaderIntegrationTest.java
View File

@@ -67,7 +67,7 @@ public class DownloaderIntegrationTest {
String outputPath = "target/downloaded_cpe.xml";
Downloader.fetchFile(url, outputPath, true);
url = new URL("http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-2010.xml");
url = new URL(Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL));
outputPath = "target/downloaded_cve.xml";
Downloader.fetchFile(url, outputPath, false);

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java
View File

@@ -67,7 +67,7 @@ public class SettingsTest {
* Test of getFile method, of class Settings.
*/
@Test
public void testGetFile() {
public void testGetFile() throws IOException {
String key = Settings.KEYS.CPE_DATA_DIRECTORY;
String expResult = "data" + File.separator + "cpe";
File result = Settings.getFile(key);

5
dependency-check-maven/pom.xml
View File

@@ -279,6 +279,11 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
<artifactId>maven-core</artifactId>
<version>3.0</version>
</dependency>
<dependency>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-site-plugin</artifactId>
<version>3.0</version>
</dependency>
<dependency>
<groupId>org.apache.maven.plugin-tools</groupId>
<artifactId>maven-plugin-annotations</artifactId>

21
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/DependencyCheckMojo.java
View File

@@ -67,6 +67,10 @@ import org.owasp.dependencycheck.utils.Settings;
requiresOnline = true)
public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageReport {
/**
* The properties file location.
*/
private static final String PROPERTIES_FILE = "mojo.properties";
/**
* Name of the logging properties file.
*/
@@ -619,6 +623,23 @@ public class DependencyCheckMojo extends AbstractMojo implements MavenMultiPageR
* proxy url, port, and connection timeout.
*/
private void populateSettings() {
InputStream mojoProperties = null;
try {
mojoProperties = this.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
Settings.mergeProperties(mojoProperties);
} catch (IOException ex) {
Logger.getLogger(DependencyCheckMojo.class.getName()).log(Level.WARNING, "Unable to load the dependency-check ant task.properties file.");
Logger.getLogger(DependencyCheckMojo.class.getName()).log(Level.FINE, null, ex);
} finally {
if (mojoProperties != null) {
try {
mojoProperties.close();
} catch (IOException ex) {
Logger.getLogger(DependencyCheckMojo.class.getName()).log(Level.FINEST, null, ex);
}
}
}
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, autoUpdate);
if (proxyUrl != null && !proxyUrl.isEmpty()) {

2
dependency-check-maven/src/main/resources/mojo.properties Normal file
View File

@@ -0,0 +1,2 @@
# the path to the data directory
data.directory=[JAR]/../../dependency-check-data

177
dependency-check-maven/src/test/java/org/owasp/dependencycheck/maven/MySink.java
View File

@@ -23,7 +23,9 @@ import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.maven.doxia.logging.Log;
import org.apache.maven.doxia.sink.Sink;
import org.apache.maven.doxia.sink.SinkEventAttributes;
/**
*
@@ -419,4 +421,179 @@ public class MySink implements Sink {
Logger.getLogger(MySink.class.getName()).log(Level.FINEST, null, ex);
}
}
@Override
public void head(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void title(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void author(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void date(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void body(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void section(int i, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void section_(int i) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void sectionTitle(int i, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void sectionTitle_(int i) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void list(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void listItem(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void numberedList(int i, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void numberedListItem(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void definitionList(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void definitionListItem(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void definition(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void definedTerm(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void figure(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void figureCaption(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void figureGraphics(String string, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void table(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void tableRow(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void tableCell(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void tableHeaderCell(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void tableCaption(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void paragraph(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void verbatim(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void horizontalRule(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void anchor(String string, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void link(String string, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void lineBreak(SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void text(String string, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void comment(String string) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void unknown(String string, Object[] os, SinkEventAttributes sea) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
@Override
public void enableLogging(Log log) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
}

18
pom.xml
View File

@@ -79,8 +79,8 @@ along with Dependency-Check. If not, see <http://www.gnu.org/licenses />.
<connection>scm:git:git@github.com:jeremylong/DependencyCheck.git</connection>
<url>https://github.com/jeremylong/DependencyCheck.git</url>
<developerConnection>scm:git:git@github.com:jeremylong/DependencyCheck.git</developerConnection>
<tag>HEAD</tag>
</scm>
<tag>HEAD</tag>
</scm>
<issueManagement>
<system>github</system>
<url>https://github.com/jeremylong/DependencyCheck/issues</url>
@@ -209,6 +209,20 @@ along with Dependency-Check. If not, see <http://www.gnu.org/licenses />.
</executions>
</plugin>
<!-- end copy -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.4</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<dependencies>