github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 18:11:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

changed where the flag is set to only update once in a multi-module project (from issue #168) to resolve issue #191

Browse Source 
Former-commit-id: 56b8342ffeead397b2c9554c36bf360cb4c2b7fe
This commit is contained in:
Jeremy Long
2015-01-21 19:27:13 -05:00
parent 4461c2e4a4
commit 88924ea520
1 changed files with 27 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/Engine.java
View File

@@ -27,8 +27,8 @@ import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import org.owasp.dependencycheck.utils.Settings; import org.owasp.dependencycheck.utils.Settings;
/** /**
* A modified version of the core engine specifically designed to persist some data between multiple executions of a * A modified version of the core engine specifically designed to persist some
* multi-module Maven project. * data between multiple executions of a multi-module Maven project.
* *
* @author Jeremy Long <jeremy.long@owasp.org> * @author Jeremy Long <jeremy.long@owasp.org>
*/ */
@@ -51,7 +51,8 @@ public class Engine extends org.owasp.dependencycheck.Engine {
*/ */
private List<MavenProject> reactorProjects; private List<MavenProject> reactorProjects;
/** /**
* Key used in the MavenProject context values to note whether or not an update has been executed. * Key used in the MavenProject context values to note whether or not an
* update has been executed.
*/ */
public static final String UPDATE_EXECUTED_FLAG = "dependency-check-update-executed"; public static final String UPDATE_EXECUTED_FLAG = "dependency-check-update-executed";
@@ -59,12 +60,22 @@ public class Engine extends org.owasp.dependencycheck.Engine {
* Creates a new Engine to perform anyalsis on dependencies. * Creates a new Engine to perform anyalsis on dependencies.
* *
* @param project the current Maven project * @param project the current Maven project
* @param reactorProjects the reactor projects for the current Maven execution * @param reactorProjects the reactor projects for the current Maven
* @throws DatabaseException thrown if there is an issue connecting to the database * execution
* @throws DatabaseException thrown if there is an issue connecting to the
* database
*/ */
public Engine(MavenProject project, List<MavenProject> reactorProjects) throws DatabaseException { public Engine(MavenProject project, List<MavenProject> reactorProjects) throws DatabaseException {
this.currentProject = project; this.currentProject = project;
this.reactorProjects = reactorProjects; this.reactorProjects = reactorProjects;
initializeEngine();
}
/**
* Runs the analyzers against all of the dependencies.
*/
@Override
public void analyzeDependencies() {
final MavenProject root = getExecutionRoot(); final MavenProject root = getExecutionRoot();
if (root != null) { if (root != null) {
LOGGER.fine(String.format("Checking root project, %s, if updates have already been completed", root.getArtifactId())); LOGGER.fine(String.format("Checking root project, %s, if updates have already been completed", root.getArtifactId()));
@@ -74,7 +85,7 @@ public class Engine extends org.owasp.dependencycheck.Engine {
if (root != null && root.getContextValue(UPDATE_EXECUTED_FLAG) != null) { if (root != null && root.getContextValue(UPDATE_EXECUTED_FLAG) != null) {
System.setProperty(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE.toString()); System.setProperty(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE.toString());
} }
initializeEngine(); super.analyzeDependencies();
if (root != null) { if (root != null) {
root.setContextValue(UPDATE_EXECUTED_FLAG, Boolean.TRUE); root.setContextValue(UPDATE_EXECUTED_FLAG, Boolean.TRUE);
} }
@@ -83,14 +94,15 @@ public class Engine extends org.owasp.dependencycheck.Engine {
/** /**
* This constructor should not be called. Use Engine(MavenProject) instead. * This constructor should not be called. Use Engine(MavenProject) instead.
* *
* @throws DatabaseException thrown if there is an issue connecting to the database * @throws DatabaseException thrown if there is an issue connecting to the
* database
*/ */
private Engine() throws DatabaseException { private Engine() throws DatabaseException {
} }
/** /**
* Initializes the given analyzer. This skips the initialization of the CPEAnalyzer if it has been initialized by a * Initializes the given analyzer. This skips the initialization of the
* previous execution. * CPEAnalyzer if it has been initialized by a previous execution.
* *
* @param analyzer the analyzer to initialize * @param analyzer the analyzer to initialize
* @return the initialized analyzer * @return the initialized analyzer
@@ -109,7 +121,8 @@ public class Engine extends org.owasp.dependencycheck.Engine {
} }
/** /**
* Releases resources used by the analyzers by calling close() on each analyzer. * Releases resources used by the analyzers by calling close() on each
* analyzer.
*/ */
@Override @Override
public void cleanup() { public void cleanup() {
@@ -196,9 +209,10 @@ public class Engine extends org.owasp.dependencycheck.Engine {
} }
/** /**
* Resets the file type analyzers so that they can be re-used to scan additional directories. Without the reset the * Resets the file type analyzers so that they can be re-used to scan
* analyzer might be disabled because the first scan/analyze did not identify any files that could be processed by * additional directories. Without the reset the analyzer might be disabled
* the analyzer. * because the first scan/analyze did not identify any files that could be
* processed by the analyzer.
*/ */
public void resetFileTypeAnalyzers() { public void resetFileTypeAnalyzers() {
for (FileTypeAnalyzer a : getFileTypeAnalyzers()) { for (FileTypeAnalyzer a : getFileTypeAnalyzers()) {