github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-22 17:19:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updates to abstract analyzer and subclasses - removed duplicate code

Browse Source 
Former-commit-id: 618c113750bf2af612d9e476fd6992db5147fcdc
This commit is contained in:
Jeremy Long
2013-04-19 18:46:01 -04:00
parent 811f85c127
commit 616da84891
9 changed files with 60 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/main/java/org/owasp/dependencycheck/analyzer/AbstractAnalyzer.java
View File

@@ -43,4 +43,28 @@ public abstract class AbstractAnalyzer implements Analyzer {
Collections.addAll(set, strings); Collections.addAll(set, strings);
return set; return set;
} }
/**
* The initialize method does nothing for this Analyzer.
*/
public void initialize() {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*/
public void close() {
//do nothing
}
/**
* Used to indicate if any steps should be taken after the analysis. The
* abstract implementation returns NOTHING.
* @return NOTHING
*/
public PostAnalysisAction getPostAnalysisAction() {
return PostAnalysisAction.NOTHING;
}
} }

7
src/main/java/org/owasp/dependencycheck/analyzer/Analyzer.java
View File

@@ -99,4 +99,11 @@ public interface Analyzer {
* @throws Exception is thrown if an exception occurs closing the analyzer. * @throws Exception is thrown if an exception occurs closing the analyzer.
*/ */
void close() throws Exception; void close() throws Exception;
public enum PostAnalysisAction {
NOTHING,
REMOVE_JAR
}
PostAnalysisAction getPostAnalysisAction();
} }

17
src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
View File

@@ -84,23 +84,6 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
return ANALYSIS_PHASE; return ANALYSIS_PHASE;
} }
/**
* The initialize method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void initialize() throws Exception {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void close() throws Exception {
//do nothing
}
/** /**
* a list of spring versions. * a list of spring versions.
*/ */

16
src/main/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzer.java
View File

@@ -29,7 +29,7 @@ import org.owasp.dependencycheck.Engine;
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
public class FileNameAnalyzer implements Analyzer { public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
/** /**
* The name of the analyzer. * The name of the analyzer.
@@ -109,18 +109,4 @@ public class FileNameAnalyzer implements Analyzer {
fileName, Evidence.Confidence.HIGH); fileName, Evidence.Confidence.HIGH);
} }
} }
/**
* The initialize method does nothing for this Analyzer.
*/
public void initialize() {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*/
public void close() {
//do nothing
}
} }

16
src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java
View File

@@ -27,7 +27,7 @@ import org.owasp.dependencycheck.dependency.Evidence;
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
public class HintAnalyzer implements Analyzer { public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
/** /**
* The name of the analyzer. * The name of the analyzer.
@@ -106,18 +106,4 @@ public class HintAnalyzer implements Analyzer {
} }
} }
/**
* The initialize method does nothing for this Analyzer.
*/
public void initialize() {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*/
public void close() {
//do nothing
}
} }

20
src/main/java/org/owasp/dependencycheck/analyzer/SpringCleaningAnalyzer.java
View File

@@ -33,7 +33,7 @@ import org.owasp.dependencycheck.dependency.Identifier;
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
public class SpringCleaningAnalyzer extends AbstractAnalyzer { public class SpringCleaningAnalyzer extends AbstractAnalyzer implements Analyzer {
/** /**
* The set of file extensions supported by this analyzer. * The set of file extensions supported by this analyzer.
@@ -86,23 +86,6 @@ public class SpringCleaningAnalyzer extends AbstractAnalyzer {
return ANALYSIS_PHASE; return ANALYSIS_PHASE;
} }
/**
* The initialize method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void initialize() throws Exception {
//do nothing
}
/**
* The close method does nothing for this Analyzer.
*
* @throws Exception never thrown by this analyzer
*/
public void close() throws Exception {
//do nothing
}
/** /**
* a list of spring versions. * a list of spring versions.
*/ */
@@ -119,7 +102,6 @@ public class SpringCleaningAnalyzer extends AbstractAnalyzer {
* file. * file.
*/ */
public void analyze(Dependency dependency, Engine engine) throws AnalysisException { public void analyze(Dependency dependency, Engine engine) throws AnalysisException {
collectSpringFrameworkIdentifiers(engine); collectSpringFrameworkIdentifiers(engine);
final List<Identifier> identifiersToRemove = new ArrayList<Identifier>(); final List<Identifier> identifiersToRemove = new ArrayList<Identifier>();

12
src/main/java/org/owasp/dependencycheck/data/cpe/CPEAnalyzer.java
View File

@@ -37,7 +37,7 @@ import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence; import org.owasp.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.dependency.Evidence.Confidence; import org.owasp.dependencycheck.dependency.Evidence.Confidence;
import org.owasp.dependencycheck.dependency.EvidenceCollection; import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.analyzer.Analyzer;
/** /**
* CPEAnalyzer is a utility class that takes a project dependency and attempts * CPEAnalyzer is a utility class that takes a project dependency and attempts
* to discern if there is an associated CPE. It uses the evidence contained * to discern if there is an associated CPE. It uses the evidence contained
@@ -45,7 +45,7 @@ import org.owasp.dependencycheck.dependency.EvidenceCollection;
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
public class CPEAnalyzer implements org.owasp.dependencycheck.analyzer.Analyzer { public class CPEAnalyzer implements Analyzer {
/** /**
* The maximum number of query results to return. * The maximum number of query results to return.
@@ -512,4 +512,12 @@ public class CPEAnalyzer implements org.owasp.dependencycheck.analyzer.Analyzer
public void initialize() throws Exception { public void initialize() throws Exception {
this.open(); this.open();
} }
/**
* Used to indicate if any steps should be taken after the analysis. The
* abstract implementation returns NOTHING.
* @return NOTHING
*/
public PostAnalysisAction getPostAnalysisAction() {
return PostAnalysisAction.NOTHING;
}
} }

13
src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCveAnalyzer.java
View File

@@ -28,7 +28,7 @@ import org.owasp.dependencycheck.analyzer.AnalysisPhase;
import org.owasp.dependencycheck.dependency.Dependency; import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Vulnerability; import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.dependency.Identifier; import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.analyzer.Analyzer;
/** /**
* NvdCveAnalyzer is a utility class that takes a project dependency and * NvdCveAnalyzer is a utility class that takes a project dependency and
* attempts to discern if there is an associated CVEs. It uses the the * attempts to discern if there is an associated CVEs. It uses the the
@@ -36,7 +36,7 @@ import org.owasp.dependencycheck.dependency.Identifier;
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
public class NvdCveAnalyzer implements org.owasp.dependencycheck.analyzer.Analyzer { public class NvdCveAnalyzer implements Analyzer {
/** /**
* The maximum number of query results to return. * The maximum number of query results to return.
@@ -159,4 +159,13 @@ public class NvdCveAnalyzer implements org.owasp.dependencycheck.analyzer.Analyz
public void initialize() throws Exception { public void initialize() throws Exception {
this.open(); this.open();
} }
/**
* Used to indicate if any steps should be taken after the analysis. The
* abstract implementation returns NOTHING.
* @return NOTHING
*/
public PostAnalysisAction getPostAnalysisAction() {
return PostAnalysisAction.NOTHING;
}
} }

6
src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
View File

@@ -39,7 +39,7 @@ import org.owasp.dependencycheck.utils.FileUtils;
* *
* @author Jeremy Long (jeremy.long@gmail.com) * @author Jeremy Long (jeremy.long@gmail.com)
*/ */
public class Dependency { public class Dependency implements Comparable<Dependency> {
/** /**
* The actual file path of the dependency on disk. * The actual file path of the dependency on disk.
@@ -473,4 +473,8 @@ public class Dependency {
public void addRelatedDependency(Dependency dependency) { public void addRelatedDependency(Dependency dependency) {
relatedDependencies.add(dependency); relatedDependencies.add(dependency);
} }
public int compareTo(Dependency o) {
return this.getFileName().compareToIgnoreCase(o.getFileName());
}
} }