github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-13 23:33:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

remove duplicated configuration items in DependencyCheckTask

Browse Source
This commit is contained in:
ma wei
2015-08-24 22:17:16 +08:00
parent d308e50e1e
commit 761a5ed3dd
3 changed files with 59 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy → dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckExtension.groovy
View File

@@ -18,19 +18,19 @@
package com.tools.security.extension
class DependencyCheckConfigurationExtension {
class DependencyCheckExtension {
String proxyServer
Integer proxyPort
String proxyUsername = ""
String proxyPassword = ""
String proxyUsername
String proxyPassword
String cveUrl12Modified = "https://nvd.nist.gov/download/nvdcve-Modified.xml.gz"
String cveUrl20Modified = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz"
Integer cveStartYear = 2002
String cveUrl12Base = "https://nvd.nist.gov/download/nvdcve-%d.xml.gz"
String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"
String cveUrl20Modified
String cveUrl12Modified
Integer cveStartYear
String cveUrl20Base
String cveUrl12Base
String outputDirectory = "./reports"
Boolean quickQueryTimestamp = true;
Boolean quickQueryTimestamp;
}

22
dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
View File

@@ -18,13 +18,14 @@
package com.tools.security.plugin
import com.tools.security.extension.DependencyCheckConfigurationExtension
import com.tools.security.extension.DependencyCheckExtension
import com.tools.security.tasks.DependencyCheckTask
import org.gradle.api.Plugin
import org.gradle.api.Project
class DependencyCheckGradlePlugin implements Plugin<Project> {
static final String EXTENSION_NAME = 'dependencyCheck'
private static final String EXTENSION_NAME = 'dependencyCheck'
private static final String TASK_NAME = 'dependencyCheck'
@Override
void apply(Project project) {
@@ -33,23 +34,10 @@ class DependencyCheckGradlePlugin implements Plugin<Project> {
}
def initializeConfigurations(Project project) {
project.extensions.create(EXTENSION_NAME, DependencyCheckConfigurationExtension)
project.extensions.create(EXTENSION_NAME, DependencyCheckExtension)
}
def registerTasks(Project project) {
project.task('dependencyCheck', type: DependencyCheckTask) {
def extension = project.extensions.findByName(EXTENSION_NAME)
conventionMapping.proxyServer = { extension.proxyServer }
conventionMapping.proxyPort = { extension.proxyPort }
conventionMapping.proxyUsername = { extension.proxyUsername }
conventionMapping.proxyPassword = { extension.proxyPassword }
conventionMapping.cveUrl12Modified = { extension.cveUrl12Modified }
conventionMapping.cveUrl20Modified = { extension.cveUrl20Modified }
conventionMapping.cveStartYear = { extension.cveStartYear }
conventionMapping.cveUrl12Base = { extension.cveUrl12Base }
conventionMapping.cveUrl20Base = { extension.cveUrl20Base }
conventionMapping.outputDirectory = { extension.outputDirectory }
conventionMapping.quickQueryTimestamp = { extension.quickQueryTimestamp }
}
project.task(TASK_NAME, type: DependencyCheckTask)
}
}

73
dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
View File

@@ -28,27 +28,23 @@ import org.owasp.dependencycheck.dependency.Dependency
import org.owasp.dependencycheck.reporting.ReportGenerator
import org.owasp.dependencycheck.utils.Settings
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_MODIFIED_12_URL
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_MODIFIED_20_URL
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_SCHEMA_1_2
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_SCHEMA_2_0
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_START_YEAR
import static org.owasp.dependencycheck.utils.Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_PASSWORD
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_PORT
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_SERVER
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_USERNAME
import static org.owasp.dependencycheck.utils.Settings.setBoolean
import static org.owasp.dependencycheck.utils.Settings.setString
class DependencyCheckTask extends DefaultTask {
def currentProjectName = project.getName()
String proxyServer
Integer proxyPort
String proxyUsername = ""
String proxyPassword = ""
String cveUrl12Modified = "https://nvd.nist.gov/download/nvdcve-Modified.xml.gz"
String cveUrl20Modified = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz"
Integer cveStartYear = 2002
String cveUrl12Base = "https://nvd.nist.gov/download/nvdcve-%d.xml.gz"
String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"
String outputDirectory = "./reports"
Boolean quickQueryTimestamp = true;
def config = project.dependencyCheck
DependencyCheckTask() {
group = 'Dependency Check'
@@ -111,22 +107,22 @@ class DependencyCheckTask extends DefaultTask {
}
def generateReportDirectory(String currentProjectName) {
"${getOutputDirectory()}/${currentProjectName}"
"${config.outputDirectory}/${currentProjectName}"
}
def overrideProxySetting() {
if (isProxySettingExist()) {
logger.lifecycle("Using proxy ${getProxyServer()}:${getProxyPort()}")
logger.lifecycle("Using proxy ${config.proxyServer}:${config.proxyPort}")
setString(Settings.KEYS.PROXY_SERVER, getProxyServer())
setString(Settings.KEYS.PROXY_PORT, "${getProxyPort()}")
setString(Settings.KEYS.PROXY_USERNAME, getProxyUsername())
setString(Settings.KEYS.PROXY_PASSWORD, getProxyPassword())
overrideStringBasedSettingWhenProvided(PROXY_SERVER, config.proxyServer)
overrideStringBasedSettingWhenProvided(PROXY_PORT, "${config.proxyPort}")
overrideStringBasedSettingWhenProvided(PROXY_USERNAME, config.proxyUsername)
overrideStringBasedSettingWhenProvided(PROXY_PASSWORD, config.proxyPassword)
}
}
def isProxySettingExist() {
getProxyServer() != null && getProxyPort() != null
config.proxyServer != null && config.proxyPort != null
}
def getAllDependencies(project) {
@@ -138,14 +134,35 @@ class DependencyCheckTask extends DefaultTask {
}
def overrideCveUrlSetting() {
setString(Settings.KEYS.CVE_MODIFIED_20_URL, getCveUrl20Modified())
setString(Settings.KEYS.CVE_MODIFIED_12_URL, getCveUrl12Modified())
setString(Settings.KEYS.CVE_START_YEAR, "${getCveStartYear()}")
setString(Settings.KEYS.CVE_SCHEMA_2_0, getCveUrl20Base())
setString(Settings.KEYS.CVE_SCHEMA_1_2, getCveUrl12Base())
overrideStringBasedSettingWhenProvided(CVE_MODIFIED_20_URL, config.cveUrl20Modified)
overrideStringBasedSettingWhenProvided(CVE_MODIFIED_12_URL, config.cveUrl12Modified)
overrideIntegerBasedSettingWhenProvided(CVE_START_YEAR, config.cveStartYear)
overrideStringBasedSettingWhenProvided(CVE_SCHEMA_2_0, config.cveUrl20Base)
overrideStringBasedSettingWhenProvided(CVE_SCHEMA_1_2, config.cveUrl12Base)
}
def overrideDownloaderSetting() {
setBoolean(Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP, getQuickQueryTimestamp())
overrideBooleanBasedSettingWhenProvided(DOWNLOADER_QUICK_QUERY_TIMESTAMP, config.quickQueryTimestamp)
}
private overrideStringBasedSettingWhenProvided(String key, String providedValue) {
if (providedValue != null) {
logger.lifecycle("Setting [${key}] overrided with value [${providedValue}]")
setString(key, providedValue)
}
}
private overrideIntegerBasedSettingWhenProvided(String key, Integer providedValue) {
if (providedValue != null) {
logger.lifecycle("Setting [${key}] overrided with value [${providedValue}]")
setString(key, "${providedValue}")
}
}
private overrideBooleanBasedSettingWhenProvided(String key, Boolean providedValue) {
if (providedValue != null) {
logger.lifecycle("Setting [${key}] overrided with value [${providedValue}]")
setBoolean(key, providedValue)
}
}
}