disable RubyBundlerAnalyzer if RubyBundleAuditAnalyzer

2026-01-15 00:03:43 +01:00 · 2016-05-06 16:42:39 -04:00
parent 8a42fe4ae1
commit 83ab122ddf
2 changed files with 19 additions and 17 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java
@@ -203,21 +203,25 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
    @Override
    protected void analyzeFileType(Dependency dependency, Engine engine)
            throws AnalysisException {
-//        if (needToDisableGemspecAnalyzer) {
-//            boolean failed = true;
-//            final String className = RubyGemspecAnalyzer.class.getName();
-//            for (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) {
-//                if (analyzer instanceof RubyGemspecAnalyzer) {
-//                    ((RubyGemspecAnalyzer) analyzer).setEnabled(false);
-//                    LOGGER.info("Disabled " + className + " to avoid noisy duplicate results.");
-//                    failed = false;
-//                }
-//            }
-//            if (failed) {
-//                LOGGER.warn("Did not find" + className + '.');
-//            }
-//            needToDisableGemspecAnalyzer = false;
-//        }
+        if (needToDisableGemspecAnalyzer) {
+            boolean failed = true;
+            final String className = RubyGemspecAnalyzer.class.getName();
+            for (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) {
+            	if (analyzer instanceof RubyBundlerAnalyzer) {
+                    ((RubyBundlerAnalyzer) analyzer).setEnabled(false);
+                    LOGGER.info("Disabled " + RubyBundlerAnalyzer.class.getName() + " to avoid noisy duplicate results.");
+                }
+            	else if (analyzer instanceof RubyGemspecAnalyzer) {
+                    ((RubyGemspecAnalyzer) analyzer).setEnabled(false);
+                    LOGGER.info("Disabled " + className + " to avoid noisy duplicate results.");
+                    failed = false;
+                }
+            }
+            if (failed) {
+                LOGGER.warn("Did not find " + className + '.');
+            }
+            needToDisableGemspecAnalyzer = false;
+        }
        final File parentFile = dependency.getActualFile().getParentFile();
        final Process process = launchBundleAudit(parentFile);
        try {
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerTest.java
@@ -181,9 +181,7 @@ public class RubyBundleAuditAnalyzerTest extends BaseTest {
        
        final Engine engine = new Engine();
        engine.scan(BaseTest.getResourceAsFile(this,
-//              "ruby/vulnerable/gems/chef-12.8.4/"));
                "ruby/vulnerable/gems/rails-4.1.15/"));
-//        		"java"));
        engine.analyzeDependencies();
        
        List<Dependency> dependencies = engine.getDependencies();