fix for issue #937

2026-01-17 00:56:54 +01:00 · 2017-10-22 14:41:06 -04:00
parent 714b3d29b9
commit 5b7314e6d3
10 changed files with 72 additions and 12 deletions
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
@@ -421,6 +421,7 @@ public class App {
        final Integer cveValidForHours = cli.getCveValidForHours();
        final Boolean autoUpdate = cli.isAutoUpdate();
        final Boolean experimentalEnabled = cli.isExperimentalEnabled();
+        final Boolean retiredEnabled = cli.isRetiredEnabled();

        if (propertiesFile != null) {
            try {
@@ -460,6 +461,7 @@ public class App {

        //File Type Analyzer Settings
        settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_EXPERIMENTAL_ENABLED, experimentalEnabled);
+        settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_RETIRED_ENABLED, retiredEnabled);

        settings.setBoolean(Settings.KEYS.ANALYZER_JAR_ENABLED, !cli.isJarDisabled());
        settings.setBoolean(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, !cli.isArchiveDisabled());
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
@@ -301,6 +301,10 @@ public final class CliParser {
                .desc("Enables the experimental analyzers.")
                .build();

+        final Option retiredEnabled = Option.builder().longOpt(ARGUMENT.RETIRED)
+                .desc("Enables the experimental analyzers.")
+                .build();
+
        final Option failOnCVSS = Option.builder().argName("score").hasArg().longOpt(ARGUMENT.FAIL_ON_CVSS)
                .desc("Specifies if the build should be failed if a CVSS score above a specified level is identified. "
                        + "The default is 11; since the CVSS scores are 0-10, by default the build will never fail.")
@@ -329,6 +333,7 @@ public final class CliParser {
                .addOption(hintsFile)
                .addOption(cveValidForHours)
                .addOption(experimentalEnabled)
+                .addOption(retiredEnabled)
                .addOption(failOnCVSS);
    }

@@ -1188,6 +1193,15 @@ public final class CliParser {
        return (line != null && line.hasOption(ARGUMENT.EXPERIMENTAL)) ? true : null;
    }

+    /**
+     * Returns true if the retired analyzers are enabled.
+     *
+     * @return true if the retired analyzers are enabled; otherwise null
+     */
+    public Boolean isRetiredEnabled() {
+        return (line != null && line.hasOption(ARGUMENT.RETIRED)) ? true : null;
+    }
+
    /**
     * Returns the CVSS value to fail on.
     *
@@ -1521,6 +1535,10 @@ public final class CliParser {
         * The CLI argument to enable the experimental analyzers.
         */
        private static final String EXPERIMENTAL = "enableExperimental";
+        /**
+         * The CLI argument to enable the retired analyzers.
+         */
+        private static final String RETIRED = "enableRetired";
        /**
         * The CLI argument to enable the experimental analyzers.
         */