mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-20 08:14:44 +01:00
merge
This commit is contained in:
Jeremy Long
@@ -52,13 +52,13 @@ import org.xml.sax.SAXException;
|
|||||||
public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Logger for use throughout the class
|
* The Logger for use throughout the class.
|
||||||
*/
|
*/
|
||||||
private static final Logger LOGGER = LoggerFactory.getLogger(AbstractSuppressionAnalyzer.class);
|
private static final Logger LOGGER = LoggerFactory.getLogger(AbstractSuppressionAnalyzer.class);
|
||||||
/**
|
/**
|
||||||
* The list of suppression rules
|
* The list of suppression rules.
|
||||||
*/
|
*/
|
||||||
private SuppressionRule[] rules = null;
|
private List<SuppressionRule> rules = new ArrayList<>();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the number of suppression rules.
|
* Get the number of suppression rules.
|
||||||
@@ -66,7 +66,7 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
* @return the number of suppression rules
|
* @return the number of suppression rules
|
||||||
*/
|
*/
|
||||||
protected int getRuleCount() {
|
protected int getRuleCount() {
|
||||||
return rules.length;
|
return rules.size();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -86,18 +86,24 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public synchronized void prepareAnalyzer(Engine engine) throws InitializationException {
|
public synchronized void prepareAnalyzer(Engine engine) throws InitializationException {
|
||||||
if (rules == null) {
|
if (rules == null || rules.isEmpty()) {
|
||||||
|
try {
|
||||||
|
loadSuppressionBaseData();
|
||||||
|
} catch (SuppressionParseException ex) {
|
||||||
|
throw new InitializationException("Error initializing the suppression analyzer: " + ex.getLocalizedMessage(), ex, true);
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
loadSuppressionData();
|
loadSuppressionData();
|
||||||
} catch (SuppressionParseException ex) {
|
} catch (SuppressionParseException ex) {
|
||||||
throw new InitializationException("Error initializing the suppression analyzer: " + ex.getLocalizedMessage(), ex, true);
|
throw new InitializationException("Warn initializing the suppression analyzer: " + ex.getLocalizedMessage(), ex, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
|
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
|
||||||
if (rules == null || rules.length <= 0) {
|
if (rules == null || rules.isEmpty()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
for (final SuppressionRule rule : rules) {
|
for (final SuppressionRule rule : rules) {
|
||||||
@@ -111,18 +117,11 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
* @throws SuppressionParseException thrown if the XML cannot be parsed.
|
* @throws SuppressionParseException thrown if the XML cannot be parsed.
|
||||||
*/
|
*/
|
||||||
private void loadSuppressionData() throws SuppressionParseException {
|
private void loadSuppressionData() throws SuppressionParseException {
|
||||||
List<SuppressionRule> ruleList;
|
final List<SuppressionRule> ruleList = new ArrayList<>();
|
||||||
final SuppressionParser parser = new SuppressionParser();
|
final SuppressionParser parser = new SuppressionParser();
|
||||||
try {
|
|
||||||
final InputStream in = FileUtils.getResourceAsStream("dependencycheck-base-suppression.xml");
|
|
||||||
ruleList = parser.parseSuppressionRules(in);
|
|
||||||
} catch (SAXException ex) {
|
|
||||||
throw new SuppressionParseException("Unable to parse the base suppression data file", ex);
|
|
||||||
}
|
|
||||||
final String[] suppressionFilePaths = getSettings().getArray(Settings.KEYS.SUPPRESSION_FILE);
|
final String[] suppressionFilePaths = getSettings().getArray(Settings.KEYS.SUPPRESSION_FILE);
|
||||||
final List<String> failedLoadingFiles = new ArrayList<>();
|
final List<String> failedLoadingFiles = new ArrayList<>();
|
||||||
if (suppressionFilePaths != null && suppressionFilePaths.length > 0) {
|
if (suppressionFilePaths != null && suppressionFilePaths.length > 0) {
|
||||||
|
|
||||||
// Load all the suppression file paths
|
// Load all the suppression file paths
|
||||||
for (final String suppressionFilePath : suppressionFilePaths) {
|
for (final String suppressionFilePath : suppressionFilePaths) {
|
||||||
try {
|
try {
|
||||||
@@ -133,8 +132,8 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
rules = ruleList.toArray(new SuppressionRule[ruleList.size()]);
|
|
||||||
LOGGER.debug("{} suppression rules were loaded.", ruleList.size());
|
LOGGER.debug("{} suppression rules were loaded.", ruleList.size());
|
||||||
|
rules.addAll(ruleList);
|
||||||
if (!failedLoadingFiles.isEmpty()) {
|
if (!failedLoadingFiles.isEmpty()) {
|
||||||
LOGGER.debug("{} suppression files failed to load.", failedLoadingFiles.size());
|
LOGGER.debug("{} suppression files failed to load.", failedLoadingFiles.size());
|
||||||
final StringBuilder sb = new StringBuilder();
|
final StringBuilder sb = new StringBuilder();
|
||||||
@@ -145,6 +144,23 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Loads all the base suppression rules files.
|
||||||
|
*
|
||||||
|
* @throws SuppressionParseException thrown if the XML cannot be parsed.
|
||||||
|
*/
|
||||||
|
private void loadSuppressionBaseData() throws SuppressionParseException {
|
||||||
|
final SuppressionParser parser = new SuppressionParser();
|
||||||
|
List<SuppressionRule> ruleList;
|
||||||
|
try {
|
||||||
|
final InputStream in = FileUtils.getResourceAsStream("dependencycheck-base-suppression.xml");
|
||||||
|
ruleList = parser.parseSuppressionRules(in);
|
||||||
|
} catch (SAXException ex) {
|
||||||
|
throw new SuppressionParseException("Unable to parse the base suppression data file", ex);
|
||||||
|
}
|
||||||
|
rules.addAll(ruleList);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Load a single suppression rules file from the path provided using the
|
* Load a single suppression rules file from the path provided using the
|
||||||
* parser provided.
|
* parser provided.
|
||||||
@@ -185,7 +201,7 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
try {
|
try {
|
||||||
org.apache.commons.io.FileUtils.copyInputStreamToFile(suppressionsFromClasspath, file);
|
org.apache.commons.io.FileUtils.copyInputStreamToFile(suppressionsFromClasspath, file);
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
throwSuppressionParseException("Unable to locate suppressions file in classpath", ex);
|
throwSuppressionParseException("Unable to locate suppressions file in classpath", ex, suppressionFilePath);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -206,13 +222,13 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch (DownloadFailedException ex) {
|
} catch (DownloadFailedException ex) {
|
||||||
throwSuppressionParseException("Unable to fetch the configured suppression file", ex);
|
throwSuppressionParseException("Unable to fetch the configured suppression file", ex, suppressionFilePath);
|
||||||
} catch (MalformedURLException ex) {
|
} catch (MalformedURLException ex) {
|
||||||
throwSuppressionParseException("Configured suppression file has an invalid URL", ex);
|
throwSuppressionParseException("Configured suppression file has an invalid URL", ex, suppressionFilePath);
|
||||||
} catch (SuppressionParseException ex) {
|
} catch (SuppressionParseException ex) {
|
||||||
throw ex;
|
throw ex;
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
throwSuppressionParseException("Unable to create temp file for suppressions", ex);
|
throwSuppressionParseException("Unable to create temp file for suppressions", ex, suppressionFilePath);
|
||||||
} finally {
|
} finally {
|
||||||
if (deleteTempFile && file != null) {
|
if (deleteTempFile && file != null) {
|
||||||
FileUtils.delete(file);
|
FileUtils.delete(file);
|
||||||
@@ -226,11 +242,12 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
|
|||||||
*
|
*
|
||||||
* @param message the exception message
|
* @param message the exception message
|
||||||
* @param exception the cause of the exception
|
* @param exception the cause of the exception
|
||||||
|
* @param suppressionFilePath the path file
|
||||||
* @throws SuppressionParseException throws the generated
|
* @throws SuppressionParseException throws the generated
|
||||||
* SuppressionParseException
|
* SuppressionParseException
|
||||||
*/
|
*/
|
||||||
private void throwSuppressionParseException(String message, Exception exception) throws SuppressionParseException {
|
private void throwSuppressionParseException(String message, Exception exception, String suppressionFilePath) throws SuppressionParseException {
|
||||||
LOGGER.warn(message);
|
LOGGER.warn(String.format(message + "'%s'", suppressionFilePath));
|
||||||
LOGGER.debug("", exception);
|
LOGGER.debug("", exception);
|
||||||
throw new SuppressionParseException(message, exception);
|
throw new SuppressionParseException(message, exception);
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user