github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updates to abstract analyzer and subclasses - removed duplicate code

Browse Source 
Former-commit-id: 618c113750bf2af612d9e476fd6992db5147fcdc
This commit is contained in:
Jeremy Long
2013-04-19 18:46:01 -04:00
parent 811f85c127
commit 616da84891
9 changed files with 60 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/main/java/org/owasp/dependencycheck/analyzer/AbstractAnalyzer.java
View File

@@ -43,4 +43,28 @@ public abstract class AbstractAnalyzer implements Analyzer {
Collections.addAll(set, strings);
return set;
}
/**
* The initialize method does nothing for this Analyzer.
*/
public void initialize() {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*/
public void close() {
//do nothing
}
/**
* Used to indicate if any steps should be taken after the analysis. The
* abstract implementation returns NOTHING.
* @return NOTHING
*/
public PostAnalysisAction getPostAnalysisAction() {
return PostAnalysisAction.NOTHING;
}
}

7
src/main/java/org/owasp/dependencycheck/analyzer/Analyzer.java
View File

@@ -99,4 +99,11 @@ public interface Analyzer {
* @throws Exception is thrown if an exception occurs closing the analyzer.
*/
void close() throws Exception;
public enum PostAnalysisAction {
NOTHING,
REMOVE_JAR
}
PostAnalysisAction getPostAnalysisAction();
}

17
src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
View File

@@ -84,23 +84,6 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
return ANALYSIS_PHASE;
}
/**
* The initialize method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void initialize() throws Exception {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void close() throws Exception {
//do nothing
}
/**
* a list of spring versions.
*/

16
src/main/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzer.java
View File

@@ -29,7 +29,7 @@ import org.owasp.dependencycheck.Engine;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class FileNameAnalyzer implements Analyzer {
public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* The name of the analyzer.
@@ -109,18 +109,4 @@ public class FileNameAnalyzer implements Analyzer {
fileName, Evidence.Confidence.HIGH);
}
}
/**
* The initialize method does nothing for this Analyzer.
*/
public void initialize() {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*/
public void close() {
//do nothing
}
}

16
src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
View File

@@ -27,7 +27,7 @@ import org.owasp.dependencycheck.dependency.Evidence;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class HintAnalyzer implements Analyzer {
public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* The name of the analyzer.
@@ -106,18 +106,4 @@ public class HintAnalyzer implements Analyzer {
}
}
/**
* The initialize method does nothing for this Analyzer.
*/
public void initialize() {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*/
public void close() {
//do nothing
}
}

20
src/main/java/org/owasp/dependencycheck/analyzer/SpringCleaningAnalyzer.java
View File

@@ -33,7 +33,7 @@ import org.owasp.dependencycheck.dependency.Identifier;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class SpringCleaningAnalyzer extends AbstractAnalyzer {
public class SpringCleaningAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* The set of file extensions supported by this analyzer.
@@ -86,23 +86,6 @@ public class SpringCleaningAnalyzer extends AbstractAnalyzer {
return ANALYSIS_PHASE;
}
/**
* The initialize method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void initialize() throws Exception {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void close() throws Exception {
//do nothing
}
/**
* a list of spring versions.
*/
@@ -119,7 +102,6 @@ public class SpringCleaningAnalyzer extends AbstractAnalyzer {
* file.
*/
public void analyze(Dependency dependency, Engine engine) throws AnalysisException {
collectSpringFrameworkIdentifiers(engine);
final List<Identifier> identifiersToRemove = new ArrayList<Identifier>();

12
src/main/java/org/owasp/dependencycheck/data/cpe/CPEAnalyzer.java
View File

@@ -37,7 +37,7 @@ import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.dependency.Evidence.Confidence;
import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.analyzer.Analyzer;
/**
* CPEAnalyzer is a utility class that takes a project dependency and attempts
* to discern if there is an associated CPE. It uses the evidence contained
@@ -45,7 +45,7 @@ import org.owasp.dependencycheck.dependency.EvidenceCollection;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class CPEAnalyzer implements org.owasp.dependencycheck.analyzer.Analyzer {
public class CPEAnalyzer implements Analyzer {
/**
* The maximum number of query results to return.
@@ -512,4 +512,12 @@ public class CPEAnalyzer implements org.owasp.dependencycheck.analyzer.Analyzer
public void initialize() throws Exception {
this.open();
}
/**
* Used to indicate if any steps should be taken after the analysis. The
* abstract implementation returns NOTHING.
* @return NOTHING
*/
public PostAnalysisAction getPostAnalysisAction() {
return PostAnalysisAction.NOTHING;
}
}

13
src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCveAnalyzer.java
View File

@@ -28,7 +28,7 @@ import org.owasp.dependencycheck.analyzer.AnalysisPhase;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.analyzer.Analyzer;
/**
* NvdCveAnalyzer is a utility class that takes a project dependency and
* attempts to discern if there is an associated CVEs. It uses the the
@@ -36,7 +36,7 @@ import org.owasp.dependencycheck.dependency.Identifier;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class NvdCveAnalyzer implements org.owasp.dependencycheck.analyzer.Analyzer {
public class NvdCveAnalyzer implements Analyzer {
/**
* The maximum number of query results to return.
@@ -159,4 +159,13 @@ public class NvdCveAnalyzer implements org.owasp.dependencycheck.analyzer.Analyz
public void initialize() throws Exception {
this.open();
}
/**
* Used to indicate if any steps should be taken after the analysis. The
* abstract implementation returns NOTHING.
* @return NOTHING
*/
public PostAnalysisAction getPostAnalysisAction() {
return PostAnalysisAction.NOTHING;
}
}

6
src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
View File

@@ -39,7 +39,7 @@ import org.owasp.dependencycheck.utils.FileUtils;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class Dependency {
public class Dependency implements Comparable<Dependency> {
/**
* The actual file path of the dependency on disk.
@@ -473,4 +473,8 @@ public class Dependency {
public void addRelatedDependency(Dependency dependency) {
relatedDependencies.add(dependency);
}
public int compareTo(Dependency o) {
return this.getFileName().compareToIgnoreCase(o.getFileName());
}
}