github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-22 00:59:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updated PMD configuration to work with all the projects.

Browse Source 
Former-commit-id: 80b9aac40019ef95d95ac5dcd3cb417290c37d7e
This commit is contained in:
Will Stranathan
2014-04-22 20:50:06 -04:00
parent f2b908c859
commit 6642c23761
7 changed files with 54 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
dependency-check-core/dc-rules/dcrules.xml → dc-rules/dcrules.xml
View File

9
dependency-check-ant/pom.xml
View File

@@ -412,6 +412,15 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
<targetJdk>1.6</targetJdk> <targetJdk>1.6</targetJdk>
<linkXref>true</linkXref> <linkXref>true</linkXref>
<sourceEncoding>utf-8</sourceEncoding> <sourceEncoding>utf-8</sourceEncoding>
<excludes>
<exclude>**/generated/*.java</exclude>
</excludes>
<rulesets>
<ruleset>../dc-rules/dcrules.xml</ruleset>
<ruleset>/rulesets/java/basic.xml</ruleset>
<ruleset>/rulesets/java/imports.xml</ruleset>
<ruleset>/rulesets/java/unusedcode.xml</ruleset>
</rulesets>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>

25
dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java
View File

@@ -62,6 +62,10 @@ public class DependencyCheckTask extends Task {
* System specific new line character. * System specific new line character.
*/ */
private static final String NEW_LINE = System.getProperty("line.separator", "\n").intern(); private static final String NEW_LINE = System.getProperty("line.separator", "\n").intern();
/**
* The logger.
*/
private static final Logger LOGGER = Logger.getLogger(DependencyCheckTask.class.getName());
/** /**
* Construct a new DependencyCheckTask. * Construct a new DependencyCheckTask.
@@ -882,7 +886,7 @@ public class DependencyCheckTask extends Task {
cve.open(); cve.open();
prop = cve.getDatabaseProperties(); prop = cve.getDatabaseProperties();
} catch (DatabaseException ex) { } catch (DatabaseException ex) {
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, "Unable to retrieve DB Properties", ex); LOGGER.log(Level.FINE, "Unable to retrieve DB Properties", ex);
} finally { } finally {
if (cve != null) { if (cve != null) {
cve.close(); cve.close();
@@ -898,18 +902,15 @@ public class DependencyCheckTask extends Task {
showSummary(engine.getDependencies()); showSummary(engine.getDependencies());
} }
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, LOGGER.log(Level.FINE, "Unable to generate dependency-check report", ex);
"Unable to generate dependency-check report", ex);
throw new BuildException("Unable to generate dependency-check report", ex); throw new BuildException("Unable to generate dependency-check report", ex);
} catch (Exception ex) { } catch (Exception ex) {
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, LOGGER.log(Level.FINE, "An exception occurred; unable to continue task", ex);
"An exception occurred; unable to continue task", ex);
throw new BuildException("An exception occurred; unable to continue task", ex); throw new BuildException("An exception occurred; unable to continue task", ex);
} }
} catch (DatabaseException ex) { } catch (DatabaseException ex) {
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.SEVERE, LOGGER.log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped");
"Unable to connect to the dependency-check database; analysis has stopped"); LOGGER.log(Level.FINE, "", ex);
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, "", ex);
} finally { } finally {
Settings.cleanup(); Settings.cleanup();
if (engine != null) { if (engine != null) {
@@ -943,14 +944,14 @@ public class DependencyCheckTask extends Task {
taskProperties = this.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE); taskProperties = this.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
Settings.mergeProperties(taskProperties); Settings.mergeProperties(taskProperties);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.WARNING, "Unable to load the dependency-check ant task.properties file."); LOGGER.log(Level.WARNING, "Unable to load the dependency-check ant task.properties file.");
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, null, ex); LOGGER.log(Level.FINE, null, ex);
} finally { } finally {
if (taskProperties != null) { if (taskProperties != null) {
try { try {
taskProperties.close(); taskProperties.close();
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINEST, null, ex); LOGGER.log(Level.FINEST, null, ex);
} }
} }
} }
@@ -1100,7 +1101,7 @@ public class DependencyCheckTask extends Task {
final String msg = String.format("%n%n" final String msg = String.format("%n%n"
+ "One or more dependencies were identified with known vulnerabilities:%n%n%s" + "One or more dependencies were identified with known vulnerabilities:%n%n%s"
+ "%n%nSee the dependency-check report for more details.%n%n", summary.toString()); + "%n%nSee the dependency-check report for more details.%n%n", summary.toString());
Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.WARNING, msg); LOGGER.log(Level.WARNING, msg);
} }
} }

8
dependency-check-cli/pom.xml
View File

@@ -257,7 +257,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId> <artifactId>maven-pmd-plugin</artifactId>
<version>3.0.1</version> <version>3.1</version>
<configuration> <configuration>
<targetJdk>1.6</targetJdk> <targetJdk>1.6</targetJdk>
<linkXref>true</linkXref> <linkXref>true</linkXref>
@@ -265,6 +265,12 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
<excludes> <excludes>
<exclude>**/generated/*.java</exclude> <exclude>**/generated/*.java</exclude>
</excludes> </excludes>
<rulesets>
<ruleset>../dc-rules/dcrules.xml</ruleset>
<ruleset>/rulesets/java/basic.xml</ruleset>
<ruleset>/rulesets/java/imports.xml</ruleset>
<ruleset>/rulesets/java/unusedcode.xml</ruleset>
</rulesets>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>

29
dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
View File

@@ -45,7 +45,12 @@ public class App {
* The location of the log properties configuration file. * The location of the log properties configuration file.
*/ */
private static final String LOG_PROPERTIES_FILE = "log.properties"; private static final String LOG_PROPERTIES_FILE = "log.properties";
/**
* The logger.
*/
private static final Logger LOGGER = Logger.getLogger(App.class.getName());
/** /**
* The main method for the application. * The main method for the application.
* *
@@ -115,7 +120,7 @@ public class App {
cve.open(); cve.open();
prop = cve.getDatabaseProperties(); prop = cve.getDatabaseProperties();
} catch (DatabaseException ex) { } catch (DatabaseException ex) {
Logger.getLogger(App.class.getName()).log(Level.FINE, "Unable to retrieve DB Properties", ex); LOGGER.log(Level.FINE, "Unable to retrieve DB Properties", ex);
} finally { } finally {
if (cve != null) { if (cve != null) {
cve.close(); cve.close();
@@ -125,15 +130,15 @@ public class App {
try { try {
report.generateReports(reportDirectory, outputFormat); report.generateReports(reportDirectory, outputFormat);
} catch (IOException ex) { } catch (IOException ex) {
Logger.getLogger(App.class.getName()).log(Level.SEVERE, "There was an IO error while attempting to generate the report."); LOGGER.log(Level.SEVERE, "There was an IO error while attempting to generate the report.");
Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex); LOGGER.log(Level.FINE, null, ex);
} catch (Throwable ex) { } catch (Throwable ex) {
Logger.getLogger(App.class.getName()).log(Level.SEVERE, "There was an error while attempting to generate the report."); LOGGER.log(Level.SEVERE, "There was an error while attempting to generate the report.");
Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex); LOGGER.log(Level.FINE, null, ex);
} }
} catch (DatabaseException ex) { } catch (DatabaseException ex) {
Logger.getLogger(App.class.getName()).log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped"); LOGGER.log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped");
Logger.getLogger(App.class.getName()).log(Level.FINE, "", ex); LOGGER.log(Level.FINE, "", ex);
} finally { } finally {
Settings.cleanup(); Settings.cleanup();
if (scanner != null) { if (scanner != null) {
@@ -180,12 +185,12 @@ public class App {
Settings.mergeProperties(propertiesFile); Settings.mergeProperties(propertiesFile);
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
final String msg = String.format("Unable to load properties file '%s'", propertiesFile.getPath()); final String msg = String.format("Unable to load properties file '%s'", propertiesFile.getPath());
Logger.getLogger(App.class.getName()).log(Level.SEVERE, msg); LOGGER.log(Level.SEVERE, msg);
Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex); LOGGER.log(Level.FINE, null, ex);
} catch (IOException ex) { } catch (IOException ex) {
final String msg = String.format("Unable to find properties file '%s'", propertiesFile.getPath()); final String msg = String.format("Unable to find properties file '%s'", propertiesFile.getPath());
Logger.getLogger(App.class.getName()).log(Level.SEVERE, msg); LOGGER.log(Level.SEVERE, msg);
Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex); LOGGER.log(Level.FINE, null, ex);
} }
} }
// We have to wait until we've merged the properties before attempting to set whether we use // We have to wait until we've merged the properties before attempting to set whether we use

2
dependency-check-core/pom.xml
View File

@@ -366,7 +366,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
<exclude>**/generated/*.java</exclude> <exclude>**/generated/*.java</exclude>
</excludes> </excludes>
<rulesets> <rulesets>
<ruleset>dc-rules/dcrules.xml</ruleset> <ruleset>../dc-rules/dcrules.xml</ruleset>
<ruleset>/rulesets/java/basic.xml</ruleset> <ruleset>/rulesets/java/basic.xml</ruleset>
<ruleset>/rulesets/java/imports.xml</ruleset> <ruleset>/rulesets/java/imports.xml</ruleset>
<ruleset>/rulesets/java/unusedcode.xml</ruleset> <ruleset>/rulesets/java/unusedcode.xml</ruleset>

8
dependency-check-maven/pom.xml
View File

@@ -233,7 +233,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId> <artifactId>maven-pmd-plugin</artifactId>
<version>3.0.1</version> <version>3.1</version>
<configuration> <configuration>
<targetJdk>1.6</targetJdk> <targetJdk>1.6</targetJdk>
<linkXref>true</linkXref> <linkXref>true</linkXref>
@@ -241,6 +241,12 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
<excludes> <excludes>
<exclude>**/generated/*.java</exclude> <exclude>**/generated/*.java</exclude>
</excludes> </excludes>
<rulesets>
<ruleset>../dc-rules/dcrules.xml</ruleset>
<ruleset>/rulesets/java/basic.xml</ruleset>
<ruleset>/rulesets/java/imports.xml</ruleset>
<ruleset>/rulesets/java/unusedcode.xml</ruleset>
</rulesets>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>