add configuration, let user has ability to control HTTP method used during the update process to avoid proxy problem

2026-01-14 15:53:36 +01:00 · 2015-08-07 10:09:40 +08:00
parent 810530fabd
commit 62a0b8da90
4 changed files with 14 additions and 0 deletions
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
@@ -31,4 +31,6 @@ class DependencyCheckConfigurationExtension {
    String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"

    String outputDirectory = "./reports"
+
+    Boolean quickQueryTimestamp = true;
 }
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
@@ -49,6 +49,7 @@ class DependencyCheckGradlePlugin implements Plugin<Project> {
            conventionMapping.cveUrl12Base = { extension.cveUrl12Base }
            conventionMapping.cveUrl20Base = { extension.cveUrl20Base }
            conventionMapping.outputDirectory = { extension.outputDirectory }
+            conventionMapping.quickQueryTimestamp = { extension.quickQueryTimestamp }
        }
    }
 }
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
@@ -28,6 +28,7 @@ import org.owasp.dependencycheck.dependency.Dependency
 import org.owasp.dependencycheck.reporting.ReportGenerator
 import org.owasp.dependencycheck.utils.Settings

+import static org.owasp.dependencycheck.utils.Settings.setBoolean
 import static org.owasp.dependencycheck.utils.Settings.setString

 class DependencyCheckTask extends DefaultTask {
@@ -47,6 +48,8 @@ class DependencyCheckTask extends DefaultTask {

    String outputDirectory = "./reports"

+    Boolean quickQueryTimestamp = true;
+
    DependencyCheckTask() {
        group = 'Dependency Check'
        description = 'Produce dependency security report.'
@@ -73,6 +76,7 @@ class DependencyCheckTask extends DefaultTask {
        Settings.initialize()
        overrideProxySetting()
        overrideCveUrlSetting()
+        overrideDownloaderSetting()
    }

    def cleanup(engine) {
@@ -140,4 +144,8 @@ class DependencyCheckTask extends DefaultTask {
        setString(Settings.KEYS.CVE_SCHEMA_2_0, getCveUrl20Base())
        setString(Settings.KEYS.CVE_SCHEMA_1_2, getCveUrl12Base())
    }
+
+    def overrideDownloaderSetting() {
+        setBoolean(Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP, getQuickQueryTimestamp())
+    }
 }
--- a/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
+++ b/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
@@ -58,6 +58,7 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
        task.cveUrl12Base == 'https://nvd.nist.gov/download/nvdcve-%d.xml.gz'
        task.cveUrl20Base == 'https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz'
        task.outputDirectory == './reports'
+        task.quickQueryTimestamp == true
    }

    def 'tasks use correct values when extension is used'() {
@@ -73,6 +74,7 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
            cveUrl12Base = 'cveUrl12Base'
            cveUrl20Base = 'cveUrl20Base'
            outputDirectory = 'outputDirectory'
+            quickQueryTimestamp = false
        }

        then:
@@ -87,5 +89,6 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
        task.cveUrl12Base == 'cveUrl12Base'
        task.cveUrl20Base == 'cveUrl20Base'
        task.outputDirectory == 'outputDirectory'
+        task.quickQueryTimestamp == false
    }
 }