From 6c837f0639a90abba5b5b7edd64feca1dceb547b Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Sun, 17 Feb 2013 07:27:01 -0500
Subject: [PATCH] Patches from Steve Springett for XML report format
Former-commit-id: 711371d19c3b79cc6411adef59d992cc16d5bf57
---
 .../org/codesecure/dependencycheck/App.java | 7 ++--
 .../reporting/ReportGenerator.java | 10 +++--
 .../dependencycheck/utils/CliParser.java | 42 ++++++++++++++++---
 .../EngineIntegrationTest.java | 2 +-
 4 files changed, 48 insertions(+), 13 deletions(-)
diff --git a/src/main/java/org/codesecure/dependencycheck/App.java b/src/main/java/org/codesecure/dependencycheck/App.java
index 6f36fc9ff..66d8efcbb 100644
--- a/src/main/java/org/codesecure/dependencycheck/App.java
+++ b/src/main/java/org/codesecure/dependencycheck/App.java
@@ -112,7 +112,7 @@ public class App {
 if (cli.isGetVersion()) {
 cli.printVersionInfo();
 } else if (cli.isRunScan()) {
- runScan(cli.getReportDirectory(), cli.getApplicationName(), cli.getScanFiles(), cli.isAutoUpdate());
+ runScan(cli.getReportDirectory(), cli.getReportFormat(), cli.getApplicationName(), cli.getScanFiles(), cli.isAutoUpdate());
 } else {
 cli.printHelp();
 }
@@ -125,10 +125,11 @@ public class App {
 *
 * @param reportDirectory the path to the directory where the reports will
 * be written.
+ * @param outputFormat the output format of the report.
 * @param applicationName the application name for the report.
 * @param files the files/directories to scan.
 */
- private void runScan(String reportDirectory, String applicationName, String[] files, boolean autoUpdate) {
+ private void runScan(String reportDirectory, String outputFormat, String applicationName, String[] files, boolean autoUpdate) {
 Engine scanner = new Engine(autoUpdate);
 for (String file : files) {
 scanner.scan(file);
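Review bot: In App.java, the Javadoc on `runScan` gains `@param outputFormat` but still has no entry for `autoUpdate`, which is passed straight to the `Engine` constructor. Add `* @param autoUpdate passed to the Engine constructor; presumably controls whether data is updated before the scan` after the `files` entry, and confirm the wording against `Engine`. The signature now takes three adjacent `String` arguments (`reportDirectory`, `outputFormat`, `applicationName`), so a call with two of them transposed still compiles; an enum for the format would let the compiler catch that. The body of `runScan` continues outside the hunk.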
@@ -138,7 +139,7 @@ public class App {
 ReportGenerator report = new ReportGenerator(applicationName, dependencies, scanner.getAnalyzers());
 try {
- report.generateReports(reportDirectory);
+ report.generateReports(reportDirectory, outputFormat);
 } catch (IOException ex) {
 Logger.getLogger(App.class.getName()).log(Level.SEVERE, null, ex);
 } catch (Exception ex) {
diff --git a/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java b/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java
index 7c680e6df..e1396fb30 100644
--- a/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java
+++ b/src/main/java/org/codesecure/dependencycheck/reporting/ReportGenerator.java
@@ -104,13 +104,17 @@ public class ReportGenerator {
 * Generates the Dependency Reports for the identified dependencies.
 *
 * @param outputDir the path where the reports should be written.
+ * @param outputFormat the format the report should be written in.
 * @throws IOException is thrown when the template file does not exist.
 * @throws Exception is thrown if there is an error writting out the
 * reports.
 */
- public void generateReports(String outputDir) throws IOException, Exception {
- generateReport("HtmlReport", outputDir + File.separator + "DependencyCheck-Report.html");
- //generateReport("XmlReport", outputDir + File.separator + "DependencyCheck-Report.xml");
+ public void generateReports(String outputDir, String outputFormat) throws IOException, Exception {
+ if (outputFormat.equalsIgnoreCase("XML")) {
+ generateReport("XmlReport", outputDir + File.separator + "DependencyCheck-Report.xml");
+ } else {
+ generateReport("HtmlReport", outputDir + File.separator + "DependencyCheck-Report.html");
+ }
 }
 /**
diff --git a/src/main/java/org/codesecure/dependencycheck/utils/CliParser.java b/src/main/java/org/codesecure/dependencycheck/utils/CliParser.java
index d3c8687d8..55659da31 100644
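Review bot: In App.java, if the new `report.generateReports(reportDirectory, outputFormat)` call fails, the `IOException` handler logs `null` as the message, so the log does not say which directory or format could not be written. Passing context, e.g. `Logger.getLogger(App.class.getName()).log(Level.SEVERE, "Unable to write the " + outputFormat + " report to " + reportDirectory, ex);`, makes a missing report diagnosable. The body of `catch (Exception ex)` and the method's exit path are outside the hunk. If the process still ends with a success status after a failed write, a build that relies on this tool could pass with no report produced, so that is worth checking.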
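Review bot: In ReportGenerator.java, `generateReports` is public and dereferences `outputFormat` directly, so a caller that passes `null` gets a `NullPointerException`, and any value other than XML silently produces the HTML report. The only validation of the format is in `CliParser`, which other callers of this class need not go through; `if ("XML".equalsIgnoreCase(outputFormat)) {` removes the null dereference, and rejecting unknown values with an `IllegalArgumentException` would keep the two classes in agreement. The `"XML"`/`"HTML"` literals are now repeated here, in `CliParser` and in the integration test, so a shared constant or enum would be safer. The `XmlReport` template is not part of this patch; since it is newly enabled and presumably renders data taken from scanned files, confirm that it escapes those values for XML.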
--- a/src/main/java/org/codesecure/dependencycheck/utils/CliParser.java
+++ b/src/main/java/org/codesecure/dependencycheck/utils/CliParser.java
@@ -105,6 +105,11 @@ public final class CliParser {
 throw new ParseException("Scan cannot be run without specifying an application "
 + "name via the 'app' argument.");
 }
+ if (line.hasOption(ArgumentName.OUTPUT_FORMAT)) {
+ String format = line.getOptionValue(ArgumentName.OUTPUT_FORMAT);
+ if (!(format.equalsIgnoreCase("XML") || format.equalsIgnoreCase("HTML")))
+ throw new ParseException("Supported output formats are XML and HTML");
+ }
 }
 }
@@ -114,7 +119,7 @@ public final class CliParser {
 * thrown.
 *
 * @param paths the paths to validate if they exists
- * @throws FileNoteFoundException is thrown if one of the paths being
+ * @throws FileNotFoundException is thrown if one of the paths being
 * validated does not exist.
 */
 private void validatePathExists(String[] paths) throws FileNotFoundException {
@@ -128,8 +133,8 @@ public final class CliParser {
 * path does not point to an existing file a FileNotFoundException is
 * thrown.
 *
- * @param paths the paths to validate if they exists
- * @throws FileNoteFoundException is thrown if the path being validated does
+ * @param path the paths to validate if they exists
+ * @throws FileNotFoundException is thrown if the path being validated does
 * not exist.
 */
 private void validatePathExists(String path) throws FileNotFoundException {
@@ -176,6 +181,10 @@ public final class CliParser {
 .withDescription("the folder to write reports to.")
 .create(ArgumentName.OUT_SHORT);
+ Option outputformat = OptionBuilder.withArgName("format").hasArg().withLongOpt(ArgumentName.OUTPUT_FORMAT)
+ .withDescription("the output format to write to.")
+ .create(ArgumentName.OUTPUT_FORMAT_SHORT);
+ //TODO add the ability to load a properties file to override the defaults...
 OptionGroup og = new OptionGroup();
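Review bot: In the CliParser.java hunk at `-105`, the inner `if` that rejects an unsupported format has no braces, unlike the other conditionals visible in this patch, and its message does not say which value was rejected. Suggested: `if (!(format.equalsIgnoreCase("XML") || format.equalsIgnoreCase("HTML"))) {` followed by `throw new ParseException("Unsupported output format '" + format + "'; supported formats are XML and HTML");` and a closing `}`. The check sits inside a block that opens outside the hunk, apparently the run-scan branch, so it is worth confirming that no other path reaches `getReportFormat()` with an unvalidated value.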
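Review bot: In the CliParser.java hunk at `-176`, the help text for the new option, `"the output format to write to."`, lists neither the accepted values nor the default, so a user only learns them from the `ParseException`. Suggested: `.withDescription("the output format to write (XML, HTML). Defaults to HTML.")`, which matches the default applied in `getReportFormat()` later in this patch. The enclosing method starts and ends outside the hunk.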
@@ -184,6 +193,7 @@ public final class CliParser {
 Options opts = new Options();
 opts.addOptionGroup(og);
 opts.addOption(out);
+ opts.addOption(outputformat);
 opts.addOption(appname);
 opts.addOption(version);
 opts.addOption(help);
@@ -233,13 +243,13 @@ public final class CliParser {
 + "using the -p argument or by passing them in as system properties."
 + nl + nl + " " + Settings.KEYS.PROXY_URL + "\t\t the proxy URL to use when downloading resources."
 + nl + " " + Settings.KEYS.PROXY_PORT + "\t\t the proxy port to use when downloading resources."
- + nl + " " + Settings.KEYS.CONNECTION_TIMEOUT + "\t the cconnection timeout (in milliseconds) to use"
+ + nl + " " + Settings.KEYS.CONNECTION_TIMEOUT + "\t the connection timeout (in milliseconds) to use"
 + nl + "\t\t\t when downloading resources.";
 }
 formatter.printHelp(Settings.getString("application.name", "DependencyCheck"),
 nl + Settings.getString("application.name", "DependencyCheck")
- + " can be used to identify if there are any known CVE vulnerabilities in libraries utillized by an application. "
+ + " can be used to identify if there are any known CVE vulnerabilities in libraries utilized by an application. "
 + Settings.getString("application.name", "DependencyCheck")
 + " will automatically update required data from the Internet, such as the CVE and CPE data files from nvd.nist.gov." + nl + nl,
 options,
@@ -271,10 +281,20 @@ public final class CliParser {
 return line.getOptionValue(ArgumentName.OUT);
 }
+ /**
+ * Returns the output format specified on the command line. Defaults to
+ * HTML if no format was specified.
+ *
+ * @return the output format name.
+ */
+ public String getReportFormat() {
+ return line.getOptionValue(ArgumentName.OUTPUT_FORMAT, "HTML");
+ }
+
 /**
 * Returns the application name specified on the command line.
 *
- * @return the applicatoin name.
+ * @return the application name.
 */
 public String getApplicationName() {
 return line.getOptionValue(ArgumentName.APPNAME);
@@ -336,6 +356,16 @@ public final class CliParser {
 * reports to.
 */
 public static final String OUT_SHORT = "o";
+ /**
+ * The long CLI argument name specifing the output format to write the
+ * reports to.
+ */
+ public static final String OUTPUT_FORMAT = "format";
+ /**
+ * The short CLI argument name specifing the output format to write the
+ * reports to.
+ */
+ public static final String OUTPUT_FORMAT_SHORT = "f";
 /**
 * The long CLI argument name specifing the name of the application to
 * be scanned.
diff --git a/src/test/java/org/codesecure/dependencycheck/EngineIntegrationTest.java b/src/test/java/org/codesecure/dependencycheck/EngineIntegrationTest.java
index 4ec411df2..0c8cf80f4 100644
--- a/src/test/java/org/codesecure/dependencycheck/EngineIntegrationTest.java
+++ b/src/test/java/org/codesecure/dependencycheck/EngineIntegrationTest.java
@@ -53,6 +53,6 @@ public class EngineIntegrationTest {
 instance.analyzeDependencies();
 ReportGenerator rg = new ReportGenerator("DependencyCheck", instance.getDependencies(), instance.getAnalyzers());
- rg.generateReports("./target/");
+ rg.generateReports("./target/", "HTML");
 }
 }
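Review bot: In EngineIntegrationTest.java, the test is only updated to pass `"HTML"`, so the XML branch this patch enables in `generateReports` is never executed by the test. Adding `rg.generateReports("./target/", "XML");` after the existing call would at least exercise the `XmlReport` template. Neither call is followed by an assertion in the visible lines; checking that the report file exists and, for XML, that it parses would let the test catch a broken template. The test method begins outside the hunk.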