remove duplicated configuration items in DependencyCheckTask
@@ -18,19 +18,19 @@
|
|||||||
|
|
||||||
package com.tools.security.extension
|
package com.tools.security.extension
|
||||||
|
|
||||||
class DependencyCheckConfigurationExtension {
|
class DependencyCheckExtension {
|
||||||
String proxyServer
|
String proxyServer
|
||||||
Integer proxyPort
|
Integer proxyPort
|
||||||
String proxyUsername = ""
|
String proxyUsername
|
||||||
String proxyPassword = ""
|
String proxyPassword
|
||||||
|
|
||||||
String cveUrl12Modified = "https://nvd.nist.gov/download/nvdcve-Modified.xml.gz"
|
String cveUrl20Modified
|
||||||
String cveUrl20Modified = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz"
|
String cveUrl12Modified
|
||||||
Integer cveStartYear = 2002
|
Integer cveStartYear
|
||||||
String cveUrl12Base = "https://nvd.nist.gov/download/nvdcve-%d.xml.gz"
|
String cveUrl20Base
|
||||||
String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"
|
String cveUrl12Base
|
||||||
|
|
||||||
String outputDirectory = "./reports"
|
String outputDirectory = "./reports"
|
||||||
|
|
||||||
Boolean quickQueryTimestamp = true;
|
Boolean quickQueryTimestamp;
|
||||||
}
|
}
|
||||||
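Review bot: With the defaults removed from `DependencyCheckExtension`, nothing in the class says what an unset field means. The task-side helpers skip any null value, so a null field presumably leaves the dependency-check-core default in place. A class comment would make that explicit, for example `// Optional overrides; a field left null keeps the dependency-check-core default.` `outputDirectory` still carries "./reports" and is the one exception worth naming there. Since `proxyPassword` is a plain String set from the build script, the comment could also point users to supplying it from a Gradle property rather than a literal in the build file.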
@@ -18,13 +18,14 @@
|
|||||||
|
|
||||||
package com.tools.security.plugin
|
package com.tools.security.plugin
|
||||||
|
|
||||||
import com.tools.security.extension.DependencyCheckConfigurationExtension
|
import com.tools.security.extension.DependencyCheckExtension
|
||||||
import com.tools.security.tasks.DependencyCheckTask
|
import com.tools.security.tasks.DependencyCheckTask
|
||||||
import org.gradle.api.Plugin
|
import org.gradle.api.Plugin
|
||||||
import org.gradle.api.Project
|
import org.gradle.api.Project
|
||||||
|
|
||||||
class DependencyCheckGradlePlugin implements Plugin<Project> {
|
class DependencyCheckGradlePlugin implements Plugin<Project> {
|
||||||
static final String EXTENSION_NAME = 'dependencyCheck'
|
private static final String EXTENSION_NAME = 'dependencyCheck'
|
||||||
|
private static final String TASK_NAME = 'dependencyCheck'
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
void apply(Project project) {
|
void apply(Project project) {
|
||||||
@@ -33,23 +34,10 @@ class DependencyCheckGradlePlugin implements Plugin<Project> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
def initializeConfigurations(Project project) {
|
def initializeConfigurations(Project project) {
|
||||||
project.extensions.create(EXTENSION_NAME, DependencyCheckConfigurationExtension)
|
project.extensions.create(EXTENSION_NAME, DependencyCheckExtension)
|
||||||
}
|
}
|
||||||
|
|
||||||
def registerTasks(Project project) {
|
def registerTasks(Project project) {
|
||||||
project.task('dependencyCheck', type: DependencyCheckTask) {
|
project.task(TASK_NAME, type: DependencyCheckTask)
|
||||||
def extension = project.extensions.findByName(EXTENSION_NAME)
|
|
||||||
conventionMapping.proxyServer = { extension.proxyServer }
|
|
||||||
conventionMapping.proxyPort = { extension.proxyPort }
|
|
||||||
conventionMapping.proxyUsername = { extension.proxyUsername }
|
|
||||||
conventionMapping.proxyPassword = { extension.proxyPassword }
|
|
||||||
conventionMapping.cveUrl12Modified = { extension.cveUrl12Modified }
|
|
||||||
conventionMapping.cveUrl20Modified = { extension.cveUrl20Modified }
|
|
||||||
conventionMapping.cveStartYear = { extension.cveStartYear }
|
|
||||||
conventionMapping.cveUrl12Base = { extension.cveUrl12Base }
|
|
||||||
conventionMapping.cveUrl20Base = { extension.cveUrl20Base }
|
|
||||||
conventionMapping.outputDirectory = { extension.outputDirectory }
|
|
||||||
conventionMapping.quickQueryTimestamp = { extension.quickQueryTimestamp }
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
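Review bot: `registerTasks` now creates the task with no wiring to the extension, while the task reads `project.dependencyCheck` in a field initializer, so the extension must already exist under exactly that name when `project.task(TASK_NAME, ...)` runs. The body of `apply()` is outside the hunk, so the call order cannot be confirmed here. If `registerTasks` ran first, or the task type were used in a project that has not applied this plugin, the property lookup would likely fail at task construction. Making `EXTENSION_NAME` private also means the task has to repeat the name rather than reuse the constant. A comment on `apply()` would record the dependency: `// extension must be created before the task: DependencyCheckTask reads project.dependencyCheck on construction`.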
@@ -28,27 +28,23 @@ import org.owasp.dependencycheck.dependency.Dependency
|
|||||||
import org.owasp.dependencycheck.reporting.ReportGenerator
|
import org.owasp.dependencycheck.reporting.ReportGenerator
|
||||||
import org.owasp.dependencycheck.utils.Settings
|
import org.owasp.dependencycheck.utils.Settings
|
||||||
|
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_MODIFIED_12_URL
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_MODIFIED_20_URL
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_SCHEMA_1_2
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_SCHEMA_2_0
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.CVE_START_YEAR
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_PASSWORD
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_PORT
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_SERVER
|
||||||
|
import static org.owasp.dependencycheck.utils.Settings.KEYS.PROXY_USERNAME
|
||||||
import static org.owasp.dependencycheck.utils.Settings.setBoolean
|
import static org.owasp.dependencycheck.utils.Settings.setBoolean
|
||||||
import static org.owasp.dependencycheck.utils.Settings.setString
|
import static org.owasp.dependencycheck.utils.Settings.setString
|
||||||
|
|
||||||
class DependencyCheckTask extends DefaultTask {
|
class DependencyCheckTask extends DefaultTask {
|
||||||
|
|
||||||
def currentProjectName = project.getName()
|
def currentProjectName = project.getName()
|
||||||
|
def config = project.dependencyCheck
|
||||||
String proxyServer
|
|
||||||
Integer proxyPort
|
|
||||||
String proxyUsername = ""
|
|
||||||
String proxyPassword = ""
|
|
||||||
|
|
||||||
String cveUrl12Modified = "https://nvd.nist.gov/download/nvdcve-Modified.xml.gz"
|
|
||||||
String cveUrl20Modified = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz"
|
|
||||||
Integer cveStartYear = 2002
|
|
||||||
String cveUrl12Base = "https://nvd.nist.gov/download/nvdcve-%d.xml.gz"
|
|
||||||
String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"
|
|
||||||
|
|
||||||
String outputDirectory = "./reports"
|
|
||||||
|
|
||||||
Boolean quickQueryTimestamp = true;
|
|
||||||
|
|
||||||
DependencyCheckTask() {
|
DependencyCheckTask() {
|
||||||
group = 'Dependency Check'
|
group = 'Dependency Check'
|
||||||
@@ -111,22 +107,22 @@ class DependencyCheckTask extends DefaultTask {
|
|||||||
}
|
}
|
||||||
|
|
||||||
def generateReportDirectory(String currentProjectName) {
|
def generateReportDirectory(String currentProjectName) {
|
||||||
"${getOutputDirectory()}/${currentProjectName}"
|
"${config.outputDirectory}/${currentProjectName}"
|
||||||
}
|
}
|
||||||
|
|
||||||
def overrideProxySetting() {
|
def overrideProxySetting() {
|
||||||
if (isProxySettingExist()) {
|
if (isProxySettingExist()) {
|
||||||
logger.lifecycle("Using proxy ${getProxyServer()}:${getProxyPort()}")
|
logger.lifecycle("Using proxy ${config.proxyServer}:${config.proxyPort}")
|
||||||
|
|
||||||
setString(Settings.KEYS.PROXY_SERVER, getProxyServer())
|
overrideStringBasedSettingWhenProvided(PROXY_SERVER, config.proxyServer)
|
||||||
setString(Settings.KEYS.PROXY_PORT, "${getProxyPort()}")
|
overrideStringBasedSettingWhenProvided(PROXY_PORT, "${config.proxyPort}")
|
||||||
setString(Settings.KEYS.PROXY_USERNAME, getProxyUsername())
|
overrideStringBasedSettingWhenProvided(PROXY_USERNAME, config.proxyUsername)
|
||||||
setString(Settings.KEYS.PROXY_PASSWORD, getProxyPassword())
|
overrideStringBasedSettingWhenProvided(PROXY_PASSWORD, config.proxyPassword)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def isProxySettingExist() {
|
def isProxySettingExist() {
|
||||||
getProxyServer() != null && getProxyPort() != null
|
config.proxyServer != null && config.proxyPort != null
|
||||||
}
|
}
|
||||||
|
|
||||||
def getAllDependencies(project) {
|
def getAllDependencies(project) {
|
||||||
@@ -138,14 +134,35 @@ class DependencyCheckTask extends DefaultTask {
|
|||||||
}
|
}
|
||||||
|
|
||||||
def overrideCveUrlSetting() {
|
def overrideCveUrlSetting() {
|
||||||
setString(Settings.KEYS.CVE_MODIFIED_20_URL, getCveUrl20Modified())
|
overrideStringBasedSettingWhenProvided(CVE_MODIFIED_20_URL, config.cveUrl20Modified)
|
||||||
setString(Settings.KEYS.CVE_MODIFIED_12_URL, getCveUrl12Modified())
|
overrideStringBasedSettingWhenProvided(CVE_MODIFIED_12_URL, config.cveUrl12Modified)
|
||||||
setString(Settings.KEYS.CVE_START_YEAR, "${getCveStartYear()}")
|
overrideIntegerBasedSettingWhenProvided(CVE_START_YEAR, config.cveStartYear)
|
||||||
setString(Settings.KEYS.CVE_SCHEMA_2_0, getCveUrl20Base())
|
overrideStringBasedSettingWhenProvided(CVE_SCHEMA_2_0, config.cveUrl20Base)
|
||||||
setString(Settings.KEYS.CVE_SCHEMA_1_2, getCveUrl12Base())
|
overrideStringBasedSettingWhenProvided(CVE_SCHEMA_1_2, config.cveUrl12Base)
|
||||||
}
|
}
|
||||||
|
|
||||||
def overrideDownloaderSetting() {
|
def overrideDownloaderSetting() {
|
||||||
setBoolean(Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP, getQuickQueryTimestamp())
|
overrideBooleanBasedSettingWhenProvided(DOWNLOADER_QUICK_QUERY_TIMESTAMP, config.quickQueryTimestamp)
|
||||||
|
}
|
||||||
|
|
||||||
|
private overrideStringBasedSettingWhenProvided(String key, String providedValue) {
|
||||||
|
if (providedValue != null) {
|
||||||
|
logger.lifecycle("Setting [${key}] overrided with value [${providedValue}]")
|
||||||
|
setString(key, providedValue)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private overrideIntegerBasedSettingWhenProvided(String key, Integer providedValue) {
|
||||||
|
if (providedValue != null) {
|
||||||
|
logger.lifecycle("Setting [${key}] overrided with value [${providedValue}]")
|
||||||
|
setString(key, "${providedValue}")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private overrideBooleanBasedSettingWhenProvided(String key, Boolean providedValue) {
|
||||||
|
if (providedValue != null) {
|
||||||
|
logger.lifecycle("Setting [${key}] overrided with value [${providedValue}]")
|
||||||
|
setBoolean(key, providedValue)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
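Review bot: `overrideStringBasedSettingWhenProvided` logs every provided value at lifecycle level, and `overrideProxySetting` routes `config.proxyPassword` (and `config.proxyUsername`) through it, so the proxy credentials are written in clear text to the normal build output and to any CI log that captures it. Lifecycle is Gradle's default log level, so no extra flag is needed for this to appear. The helper should log the key only, `logger.lifecycle("Setting [${key}] overridden")`, or the password call should bypass the logging helper with a null check followed by `setString(PROXY_PASSWORD, config.proxyPassword)`. The same message is repeated in the Integer and Boolean helpers, where the values shown are not sensitive.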
|
|||||||