diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/Engine.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/Engine.java index 499e9ab05..fb50e203b 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/Engine.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/Engine.java @@ -27,8 +27,8 @@ import org.owasp.dependencycheck.data.nvdcve.DatabaseException; import org.owasp.dependencycheck.utils.Settings; /** - * A modified version of the core engine specifically designed to persist some data between multiple executions of a - * multi-module Maven project. + * A modified version of the core engine specifically designed to persist some + * data between multiple executions of a multi-module Maven project. * * @author Jeremy Long */ @@ -51,7 +51,8 @@ public class Engine extends org.owasp.dependencycheck.Engine { */ private List reactorProjects; /** - * Key used in the MavenProject context values to note whether or not an update has been executed. + * Key used in the MavenProject context values to note whether or not an + * update has been executed. */ public static final String UPDATE_EXECUTED_FLAG = "dependency-check-update-executed"; @@ -59,12 +60,22 @@ public class Engine extends org.owasp.dependencycheck.Engine { * Creates a new Engine to perform anyalsis on dependencies. * * @param project the current Maven project - * @param reactorProjects the reactor projects for the current Maven execution - * @throws DatabaseException thrown if there is an issue connecting to the database + * @param reactorProjects the reactor projects for the current Maven + * execution + * @throws DatabaseException thrown if there is an issue connecting to the + * database */ public Engine(MavenProject project, List reactorProjects) throws DatabaseException { this.currentProject = project; this.reactorProjects = reactorProjects; + initializeEngine(); + } + + /** + * Runs the analyzers against all of the dependencies. + */ + @Override + public void analyzeDependencies() { final MavenProject root = getExecutionRoot(); if (root != null) { LOGGER.fine(String.format("Checking root project, %s, if updates have already been completed", root.getArtifactId())); @@ -74,7 +85,7 @@ public class Engine extends org.owasp.dependencycheck.Engine { if (root != null && root.getContextValue(UPDATE_EXECUTED_FLAG) != null) { System.setProperty(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE.toString()); } - initializeEngine(); + super.analyzeDependencies(); if (root != null) { root.setContextValue(UPDATE_EXECUTED_FLAG, Boolean.TRUE); } @@ -83,14 +94,15 @@ public class Engine extends org.owasp.dependencycheck.Engine { /** * This constructor should not be called. Use Engine(MavenProject) instead. * - * @throws DatabaseException thrown if there is an issue connecting to the database + * @throws DatabaseException thrown if there is an issue connecting to the + * database */ private Engine() throws DatabaseException { } /** - * Initializes the given analyzer. This skips the initialization of the CPEAnalyzer if it has been initialized by a - * previous execution. + * Initializes the given analyzer. This skips the initialization of the + * CPEAnalyzer if it has been initialized by a previous execution. * * @param analyzer the analyzer to initialize * @return the initialized analyzer @@ -109,7 +121,8 @@ public class Engine extends org.owasp.dependencycheck.Engine { } /** - * Releases resources used by the analyzers by calling close() on each analyzer. + * Releases resources used by the analyzers by calling close() on each + * analyzer. */ @Override public void cleanup() { @@ -196,9 +209,10 @@ public class Engine extends org.owasp.dependencycheck.Engine { } /** - * Resets the file type analyzers so that they can be re-used to scan additional directories. Without the reset the - * analyzer might be disabled because the first scan/analyze did not identify any files that could be processed by - * the analyzer. + * Resets the file type analyzers so that they can be re-used to scan + * additional directories. Without the reset the analyzer might be disabled + * because the first scan/analyze did not identify any files that could be + * processed by the analyzer. */ public void resetFileTypeAnalyzers() { for (FileTypeAnalyzer a : getFileTypeAnalyzers()) {