github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-20 16:24:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

added excludeInternalGroupIds configuration parameter that allows the exclusion of groupIds of internal projects. This is to speed up analysis as internal projects have no public vulnerabilites nor a sonatype listing but do frequently have names that collide with other libraries. The parameter can have multiple values, e.g. <excludeInternalGroupIds><groupId>nl.someinteral.project</groupId><groupId>org.another.one</groupId></excludeInternalGroupIds>

Browse Source 
Former-commit-id: ffa0716366c6c7b65d1181f2bd945472b75b5483
This commit is contained in:
Erik Hooijmeijer
2014-10-22 19:08:33 +02:00
parent 35c2f4873c
commit 5caf023677
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/DependencyCheckMojo.java
View File

@@ -33,6 +33,7 @@ import java.util.Set;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import org.apache.commons.lang.StringUtils;
import org.apache.maven.artifact.Artifact; import org.apache.maven.artifact.Artifact;
import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException; import org.apache.maven.plugin.MojoFailureException;
@@ -242,6 +243,13 @@ public class DependencyCheckMojo extends ReportAggregationMojo {
@SuppressWarnings("CanBeFinal") @SuppressWarnings("CanBeFinal")
@Parameter(property = "skipProvidedScope", defaultValue = "false", required = false) @Parameter(property = "skipProvidedScope", defaultValue = "false", required = false)
private boolean skipProvidedScope = false; private boolean skipProvidedScope = false;
/**
* Skip Analysis of Dependencies that have a groupId that starts with this string.
* Multiple excludes are allowed by repeating the element.
*/
@SuppressWarnings("CanBeFinal")
@Parameter(property = "excludeInternalGroupIds", required = false)
private String[] excludeInternalGroupIds = new String[0];
/** /**
* The data directory, hold DC SQL DB. * The data directory, hold DC SQL DB.
*/ */
@@ -362,6 +370,12 @@ public class DependencyCheckMojo extends ReportAggregationMojo {
if (skipRuntimeScope && !Artifact.SCOPE_RUNTIME.equals(a.getScope())) { if (skipRuntimeScope && !Artifact.SCOPE_RUNTIME.equals(a.getScope())) {
return true; return true;
} }
for (String groupId : excludeInternalGroupIds) {
if (!StringUtils.isEmpty(groupId) && (a.getGroupId().startsWith(groupId))) {
LOGGER.log(Level.INFO, "Excluding " + a.getGroupId() + ":" + a.getArtifactId());
return true;
}
}
return false; return false;
} }