github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-16 00:33:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

major rework of Analyzers and applicatioin in general.

Browse Source 
Former-commit-id: 3b081380f586686762f8a6fcb102778bfc42b17b
This commit is contained in:
Jeremy Long
2012-09-25 11:36:04 -04:00
parent 0643c68da1
commit 8c4d02c909
41 changed files with 1379 additions and 378 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/test/java/org/codesecure/dependencycheck/EngineTest.java
View File

@@ -4,14 +4,7 @@
*/
package org.codesecure.dependencycheck;
import org.codesecure.dependencycheck.Engine;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.data.cpe.CPEQuery;
import java.io.IOException;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import java.io.File;
import java.util.List;
import java.util.Map;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import org.codesecure.dependencycheck.reporting.ReportGenerator;
import org.junit.After;
import org.junit.AfterClass;
@@ -24,8 +17,8 @@ import static org.junit.Assert.*;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class EngineTest extends BaseIndexTestCase{
public class EngineTest extends BaseIndexTestCase {
public EngineTest(String testName) {
super(testName);
}
@@ -37,38 +30,28 @@ public class EngineTest extends BaseIndexTestCase{
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of scan method, of class Engine.
* @throws Exception is thrown when an exception occurs.
*/
@Test
//TODO remove the throws exception, this needs to be much more grainular.
public void testScan() throws Exception {
System.out.println("scan");
String path = "./src/test/resources";
String path = "./src/test/resources/";
Engine instance = new Engine();
instance.scan(path);
assertTrue(instance.getDependencies().size()>0);
CPEQuery query = new CPEQuery();
query.open();
List<Dependency> dependencies = instance.getDependencies();
for (Dependency d : dependencies) {
query.determineCPE(d);
}
query.close();
assertTrue(instance.getDependencies().size() > 0);
instance.analyzeDependencies();
ReportGenerator rg = new ReportGenerator();
rg.generateReports("./target/", "DependencyCheck", instance.getDependencies());
}
}

2
src/test/java/org/codesecure/dependencycheck/analyzer/AnalyzerServiceTest.java
View File

@@ -53,7 +53,7 @@ public class AnalyzerServiceTest {
while (result.hasNext()) {
Analyzer a = result.next();
Set<String> e = a.getSupportedExtensions();
if (e.contains("jar")) {
if (e != null && e.contains("jar")) {
found = true;
}
}

125
src/test/java/org/codesecure/dependencycheck/analyzer/FileNameAnalyzerTest.java Normal file
View File

@@ -0,0 +1,125 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.analyzer;
import java.io.File;
import java.util.Set;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class FileNameAnalyzerTest {
public FileNameAnalyzerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of getSupportedExtensions method, of class FileNameAnalyzer.
*/
@Test
public void testGetSupportedExtensions() {
System.out.println("getSupportedExtensions");
FileNameAnalyzer instance = new FileNameAnalyzer();
Set expResult = null;
Set result = instance.getSupportedExtensions();
assertEquals(expResult, result);
}
/**
* Test of getName method, of class FileNameAnalyzer.
*/
@Test
public void testGetName() {
System.out.println("getName");
FileNameAnalyzer instance = new FileNameAnalyzer();
String expResult = "File Name Analyzer";
String result = instance.getName();
assertEquals(expResult, result);
}
/**
* Test of supportsExtension method, of class FileNameAnalyzer.
*/
@Test
public void testSupportsExtension() {
System.out.println("supportsExtension");
String extension = "any";
FileNameAnalyzer instance = new FileNameAnalyzer();
boolean expResult = true;
boolean result = instance.supportsExtension(extension);
assertEquals(expResult, result);
}
/**
* Test of getAnalysisPhase method, of class FileNameAnalyzer.
*/
@Test
public void testGetAnalysisPhase() {
System.out.println("getAnalysisPhase");
FileNameAnalyzer instance = new FileNameAnalyzer();
AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
AnalysisPhase result = instance.getAnalysisPhase();
assertEquals(expResult, result);
}
/**
* Test of analyze method, of class FileNameAnalyzer.
*/
@Test
public void testAnalyze() throws Exception {
System.out.println("analyze");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency result = new Dependency(file);
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.analyze(result);
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("struts"));
}
/**
* Test of initialize method, of class FileNameAnalyzer.
*/
@Test
public void testInitialize() {
System.out.println("initialize");
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.initialize();
assertTrue(true); //initialize does nothing.
}
/**
* Test of close method, of class FileNameAnalyzer.
*/
@Test
public void testClose() {
System.out.println("close");
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.close();
assertTrue(true); //close does nothing.
}
}

34
src/test/java/org/codesecure/dependencycheck/analyzer/JarAnalyzerTest.java
View File

@@ -22,7 +22,7 @@ import static org.junit.Assert.*;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class JarAnalyzerTest {
public JarAnalyzerTest() {
}
@@ -33,11 +33,11 @@ public class JarAnalyzerTest {
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@@ -47,20 +47,19 @@ public class JarAnalyzerTest {
* @throws Exception is thrown when an excpetion occurs.
*/
@Test
public void testInsepct() throws Exception {
System.out.println("insepct");
public void testAnalyze() throws Exception {
System.out.println("analyze");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency result = new Dependency(file);
JarAnalyzer instance = new JarAnalyzer();
Dependency result = instance.insepct(file);
assertEquals("C30B57142E1CCBC1EFD5CD15F307358F", result.getMd5sum());
assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
instance.analyze(result);
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("apache"));
assertTrue(result.getVendorEvidence().getWeighting().contains("apache"));
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
result = instance.insepct(file);
result = new Dependency(file);
instance.analyze(result);
boolean found = false;
for (Evidence e : result.getProductEvidence()) {
if (e.getName().equals("package-title") && e.getValue().equals("org.mortbay.http")) {
@@ -69,7 +68,7 @@ public class JarAnalyzerTest {
}
}
assertTrue("package-title of org.mortbay.http not found in org.mortbay.jetty.jar", found);
found = false;
for (Evidence e : result.getVendorEvidence()) {
if (e.getName().equals("implementation-url") && e.getValue().equals("http://jetty.mortbay.org")) {
@@ -78,7 +77,7 @@ public class JarAnalyzerTest {
}
}
assertTrue("implementation-url of http://jetty.mortbay.org not found in org.mortbay.jetty.jar", found);
found = false;
for (Evidence e : result.getVersionEvidence()) {
if (e.getName().equals("Implementation-Version") && e.getValue().equals("4.2.27")) {
@@ -87,10 +86,11 @@ public class JarAnalyzerTest {
}
}
assertTrue("implementation-version of 4.2.27 not found in org.mortbay.jetty.jar", found);
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jmx.jar").getPath());
result = instance.insepct(file);
assertEquals("org.mortbar,jmx.jar has version evidence?",result.getVersionEvidence().size(),0);
result = new Dependency(file);
instance.analyze(result);
assertEquals("org.mortbar,jmx.jar has version evidence?", result.getVersionEvidence().size(), 0);
}
/**

43
src/test/java/org/codesecure/dependencycheck/data/cpe/CPEQueryTest.java → src/test/java/org/codesecure/dependencycheck/data/cpe/CPEAnalyzerTest.java
View File

@@ -11,18 +11,20 @@ import java.util.List;
import java.util.Set;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.queryParser.ParseException;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.analyzer.JarAnalyzer;
import org.codesecure.dependencycheck.dependency.Evidence;
import org.codesecure.dependencycheck.dependency.Evidence.Confidence;
import org.junit.Test;
/**
*
* @author jeremy
*/
public class CPEQueryTest extends BaseIndexTestCase {
public class CPEAnalyzerTest extends BaseIndexTestCase {
public CPEQueryTest(String testName) {
public CPEAnalyzerTest(String testName) {
super(testName);
}
@@ -37,7 +39,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
}
/**
* Tests of buildSearch of class CPEQuery.
* Tests of buildSearch of class CPEAnalyzer.
* @throws IOException is thrown when an IO Exception occurs.
* @throws CorruptIndexException is thrown when the index is corrupt.
* @throws ParseException is thrown when a parse exception occurs
@@ -54,7 +56,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
String queryText = instance.buildSearch(vendor, product, version, null, null);
String expResult = " product:( struts 2 core ) AND vendor:( apache software foundation ) AND version:(2.1.2^0.7 )";
@@ -74,13 +76,13 @@ public class CPEQueryTest extends BaseIndexTestCase {
}
/**
* Test of open method, of class CPEQuery.
* Test of open method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testOpen() throws Exception {
System.out.println("open");
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
assertFalse(instance.isOpen());
instance.open();
assertTrue(instance.isOpen());
@@ -89,7 +91,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
}
/**
* Test of determineCPE method, of class CPEQuery.
* Test of determineCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
@@ -97,18 +99,20 @@ public class CPEQueryTest extends BaseIndexTestCase {
System.out.println("determineCPE");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
JarAnalyzer jarAnalyzer = new JarAnalyzer();
Dependency depends = jarAnalyzer.insepct(file);
CPEQuery instance = new CPEQuery();
Dependency depends = new Dependency(file);
jarAnalyzer.analyze(depends);
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
instance.determineCPE(depends);
instance.close();
assertTrue("Incorrect match", depends.getCPEs().contains(expResult));
assertTrue("Incorrect match", depends.getCPEs().size() == 1);
assertTrue("Incorrect match", depends.getIdentifiers().size() == 1);
assertTrue("Incorrect match", depends.getIdentifiers().get(0).getValue().equals(expResult));
}
/**
* Test of searchCPE method, of class CPEQuery.
* Test of searchCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
@@ -117,7 +121,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
List<Entry> result = instance.searchCPE(vendor, product, version);
@@ -127,17 +131,14 @@ public class CPEQueryTest extends BaseIndexTestCase {
product = "struts 2 core";
version = "2.3.1.2";
expResult = "cpe:/a:apache:struts";
expResult = "cpe:/a:apache:struts:2.3.1.2";
result = instance.searchCPE(vendor, product, version);
//TODO fix this
assertTrue(result.isEmpty());
//boolean startsWith = result.get(0).getName().startsWith(expResult);
//assertTrue("CPE does not begin with apache struts", startsWith);
assertEquals(expResult, result.get(0).getName());
instance.close();
}
/**
* Test of searchCPE method, of class CPEQuery.
* Test of searchCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
@@ -148,7 +149,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
String version = "2.1.2";
String expResult = "cpe:/a:apache:struts:2.1.2";
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
//TODO - yeah, not a very good test as the results are the same with or without weighting...

2
src/test/java/org/codesecure/dependencycheck/data/cpe/IndexTest.java
View File

@@ -4,7 +4,7 @@
*/
package org.codesecure.dependencycheck.data.cpe;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;

2
src/test/java/org/codesecure/dependencycheck/data/BaseIndexTestCase.java → src/test/java/org/codesecure/dependencycheck/data/lucene/BaseIndexTestCase.java
View File

@@ -2,7 +2,7 @@
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data;
package org.codesecure.dependencycheck.data.lucene;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;

3
src/test/java/org/codesecure/dependencycheck/data/LuceneUtilsTest.java → src/test/java/org/codesecure/dependencycheck/data/lucene/LuceneUtilsTest.java
View File

@@ -2,8 +2,9 @@
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data;
package org.codesecure.dependencycheck.data.lucene;
import org.codesecure.dependencycheck.data.lucene.LuceneUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;

266
src/test/java/org/codesecure/dependencycheck/dependency/DependencyTest.java
View File

@@ -4,6 +4,7 @@
*/
package org.codesecure.dependencycheck.dependency;
import java.io.File;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.dependency.Evidence;
import java.util.List;
@@ -63,4 +64,269 @@ public class DependencyTest {
assertTrue(instance.containsUsedString(str));
assertTrue(instance.containsUsedString(str2));
}
/**
* Test of getFileName method, of class Dependency.
*/
@Test
public void testGetFileName() {
System.out.println("getFileName");
Dependency instance = new Dependency();
String expResult = "filename";
instance.setFileName(expResult);
String result = instance.getFileName();
assertEquals(expResult, result);
}
/**
* Test of setFileName method, of class Dependency.
*/
@Test
public void testSetFileName() {
System.out.println("setFileName");
String fileName = "test.file";
Dependency instance = new Dependency();
instance.setFileName(fileName);
assertEquals(fileName,instance.getFileName());
}
/**
* Test of setActualFilePath method, of class Dependency.
*/
@Test
public void testSetActualFilePath() {
System.out.println("setActualFilePath");
String actualFilePath = "test.file";
Dependency instance = new Dependency();
instance.setActualFilePath(actualFilePath);
assertEquals(actualFilePath,instance.getActualFilePath());
}
/**
* Test of getActualFilePath method, of class Dependency.
*/
@Test
public void testGetActualFilePath() {
System.out.println("getActualFilePath");
Dependency instance = new Dependency();
String expResult = "test.file";
instance.setActualFilePath(expResult);
String result = instance.getActualFilePath();
assertEquals(expResult, result);
}
/**
* Test of setFilePath method, of class Dependency.
*/
@Test
public void testSetFilePath() {
System.out.println("setFilePath");
String filePath = "test.file";
Dependency instance = new Dependency();
instance.setFilePath(filePath);
assertEquals(filePath,instance.getFilePath());
}
/**
* Test of getFilePath method, of class Dependency.
*/
@Test
public void testGetFilePath() {
System.out.println("getFilePath");
Dependency instance = new Dependency();
String expResult = "path/test.file";
instance.setFilePath(expResult);
String result = instance.getFilePath();
assertEquals(expResult, result);
}
/**
* Test of setFileExtension method, of class Dependency.
*/
@Test
public void testSetFileExtension() {
System.out.println("setFileExtension");
String fileExtension = "jar";
Dependency instance = new Dependency();
instance.setFileExtension(fileExtension);
assertEquals(fileExtension,instance.getFileExtension());
}
/**
* Test of getFileExtension method, of class Dependency.
*/
@Test
public void testGetFileExtension() {
System.out.println("getFileExtension");
Dependency instance = new Dependency();
String expResult = "jar";
instance.setFileExtension(expResult);
String result = instance.getFileExtension();
assertEquals(expResult, result);
}
/**
* Test of getMd5sum method, of class Dependency.
*/
@Test
public void testGetMd5sum() {
System.out.println("getMd5sum");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency instance = new Dependency(file);
// assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
String expResult = "C30B57142E1CCBC1EFD5CD15F307358F";
String result = instance.getMd5sum();
assertEquals(expResult, result);
}
/**
* Test of setMd5sum method, of class Dependency.
*/
@Test
public void testSetMd5sum() {
System.out.println("setMd5sum");
String md5sum = "test";
Dependency instance = new Dependency();
instance.setMd5sum(md5sum);
assertEquals(md5sum,instance.getMd5sum());
}
/**
* Test of getSha1sum method, of class Dependency.
*/
@Test
public void testGetSha1sum() {
System.out.println("getSha1sum");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency instance = new Dependency(file);
String expResult = "89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B";
String result = instance.getSha1sum();
assertEquals(expResult, result);
}
/**
* Test of setSha1sum method, of class Dependency.
*/
@Test
public void testSetSha1sum() {
System.out.println("setSha1sum");
String sha1sum = "test";
Dependency instance = new Dependency();
instance.setSha1sum(sha1sum);
assertEquals(sha1sum,instance.getSha1sum());
}
/**
* Test of getIdentifiers method, of class Dependency.
*/
@Test
public void testGetIdentifiers() {
System.out.println("getIdentifiers");
Dependency instance = new Dependency();
List expResult = null;
List result = instance.getIdentifiers();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of setIdentifiers method, of class Dependency.
*/
@Test
public void testSetIdentifiers() {
System.out.println("setIdentifiers");
List<Identifier> identifiers = null;
Dependency instance = new Dependency();
instance.setIdentifiers(identifiers);
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of addIdentifier method, of class Dependency.
*/
@Test
public void testAddIdentifier() {
System.out.println("addIdentifier");
String type = "cpe";
String value = "cpe:/a:apache:struts:2.1.2";
String title = "Apache Struts 2.1.2";
String url = "http://somewhere";
Dependency instance = new Dependency();
instance.addIdentifier(type, value, title, url);
assertEquals(1,instance.getIdentifiers().size());
Identifier i = instance.getIdentifiers().get(0);
assertEquals(type,i.getType());
assertEquals(value, i.getValue());
assertEquals(title, i.getTitle());
assertEquals(url, i.getUrl());
}
/**
* Test of getEvidence method, of class Dependency.
*/
@Test
public void testGetEvidence() {
System.out.println("getEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getEvidence();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of getEvidenceUsed method, of class Dependency.
*/
@Test
public void testGetEvidenceUsed() {
System.out.println("getEvidenceUsed");
Dependency instance = new Dependency();
String expResult = "used";
instance.getProductEvidence().addEvidence("used", "used", "used", Evidence.Confidence.HIGH);
instance.getProductEvidence().addEvidence("not", "not", "not", Evidence.Confidence.MEDIUM);
for (Evidence e : instance.getProductEvidence().iterator(Evidence.Confidence.HIGH)) {
String use = e.getValue();
}
EvidenceCollection result = instance.getEvidenceUsed();
assertEquals(1, result.size());
assertTrue(result.containsUsedString(expResult));
}
/**
* Test of getVendorEvidence method, of class Dependency.
*/
@Test
public void testGetVendorEvidence() {
System.out.println("getVendorEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getVendorEvidence();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of getProductEvidence method, of class Dependency.
*/
@Test
public void testGetProductEvidence() {
System.out.println("getProductEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getProductEvidence();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of getVersionEvidence method, of class Dependency.
*/
@Test
public void testGetVersionEvidence() {
System.out.println("getVersionEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getVersionEvidence();
assertTrue(true); //this is just a getter setter pair.
}
}

102
src/test/java/org/codesecure/dependencycheck/reporting/ReportGeneratorTest.java
View File

@@ -10,7 +10,7 @@ import java.util.ArrayList;
import java.io.File;
import org.codesecure.dependencycheck.dependency.Dependency;
import java.util.HashMap;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import java.util.Map;
import org.codesecure.dependencycheck.dependency.Evidence.Confidence;
import org.junit.After;
@@ -56,56 +56,56 @@ public class ReportGeneratorTest extends BaseIndexTestCase {
public void testGenerateReport() throws Exception {
System.out.println("generateReport");
String templateName = "HtmlReport";
File f = new File("target/test-reports");
if (!f.exists()) {
f.mkdir();
}
String writeTo = "target/test-reports/Report.html";
Map<String, Object> properties = new HashMap<String, Object>();
Dependency d = new Dependency();
d.setFileName("FileName.jar");
d.setActualFilePath("lib/FileName.jar");
d.addCPEentry("cpe://a:/some:cpe:1.0");
List<Dependency> dependencies = new ArrayList<Dependency>();
d.getProductEvidence().addEvidence("jar","filename","<test>test", Confidence.HIGH);
d.getProductEvidence().addEvidence("manifest","vendor","<test>test", Confidence.HIGH);
for (Evidence e : d.getProductEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d);
Dependency d2 = new Dependency();
d2.setFileName("Another.jar");
d2.setActualFilePath("lib/Another.jar");
d2.addCPEentry("cpe://a:/another:cpe:1.0");
d2.addCPEentry("cpe://a:/another:cpe:1.1");
d2.addCPEentry("cpe://a:/another:cpe:1.2");
d2.getProductEvidence().addEvidence("jar","filename","another.jar", Confidence.HIGH);
d2.getProductEvidence().addEvidence("manifest","vendor","Company A", Confidence.MEDIUM);
for (Evidence e : d2.getProductEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d2);
Dependency d3 = new Dependency();
d3.setFileName("Third.jar");
d3.setActualFilePath("lib/Third.jar");
d3.getProductEvidence().addEvidence("jar","filename","third.jar", Confidence.HIGH);
for (Evidence e : d3.getProductEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d3);
properties.put("dependencies",dependencies);
ReportGenerator instance = new ReportGenerator();
instance.generateReport(templateName, writeTo, properties);
// File f = new File("target/test-reports");
// if (!f.exists()) {
// f.mkdir();
// }
// String writeTo = "target/test-reports/Report.html";
// Map<String, Object> properties = new HashMap<String, Object>();
// Dependency d = new Dependency();
// d.setFileName("FileName.jar");
// d.setActualFilePath("lib/FileName.jar");
// d.addCPEentry("cpe://a:/some:cpe:1.0");
//
// List<Dependency> dependencies = new ArrayList<Dependency>();
// d.getProductEvidence().addEvidence("jar","filename","<test>test", Confidence.HIGH);
// d.getProductEvidence().addEvidence("manifest","vendor","<test>test", Confidence.HIGH);
//
// for (Evidence e : d.getProductEvidence().iterator(Confidence.HIGH)) {
// String t = e.getValue();
// }
// dependencies.add(d);
//
// Dependency d2 = new Dependency();
// d2.setFileName("Another.jar");
// d2.setActualFilePath("lib/Another.jar");
// d2.addCPEentry("cpe://a:/another:cpe:1.0");
// d2.addCPEentry("cpe://a:/another:cpe:1.1");
// d2.addCPEentry("cpe://a:/another:cpe:1.2");
// d2.getProductEvidence().addEvidence("jar","filename","another.jar", Confidence.HIGH);
// d2.getProductEvidence().addEvidence("manifest","vendor","Company A", Confidence.MEDIUM);
//
// for (Evidence e : d2.getProductEvidence().iterator(Confidence.HIGH)) {
// String t = e.getValue();
// }
//
// dependencies.add(d2);
//
// Dependency d3 = new Dependency();
// d3.setFileName("Third.jar");
// d3.setActualFilePath("lib/Third.jar");
// d3.getProductEvidence().addEvidence("jar","filename","third.jar", Confidence.HIGH);
//
// for (Evidence e : d3.getProductEvidence().iterator(Confidence.HIGH)) {
// String t = e.getValue();
// }
//
// dependencies.add(d3);
//
// properties.put("dependencies",dependencies);
//
// ReportGenerator instance = new ReportGenerator();
// instance.generateReport(templateName, writeTo, properties);
//TODO add an assertion here...
//assertTrue("need to add a real check here", false);
}

189
src/test/resources/MANIFEST.MF Normal file
View File

@@ -0,0 +1,189 @@
Manifest-Version: 1.0
Archiver-Version: Plexus Archiver
Created-By: 1.5.0_10 (Sun Microsystems Inc.)
Built-By: dbrown
Build-Jdk: 1.5.0_10
Bundle-License: http://www.apache.org/licenses/LICENSE-2.0.txt
Import-Package: com.opensymphony.xwork2,com.opensymphony.xwork2.config
,com.opensymphony.xwork2.config.entities,com.opensymphony.xwork2.conf
ig.providers,com.opensymphony.xwork2.conversion,com.opensymphony.xwor
k2.conversion.impl,com.opensymphony.xwork2.inject,com.opensymphony.xw
ork2.interceptor,com.opensymphony.xwork2.ognl,com.opensymphony.xwork2
.util,com.opensymphony.xwork2.util.location,com.opensymphony.xwork2.u
til.logging,com.opensymphony.xwork2.util.profiling,com.opensymphony.x
work2.util.reflection,com.opensymphony.xwork2.validator,freemarker.ca
che,freemarker.core,freemarker.ext.beans,freemarker.ext.jsp,freemarke
r.ext.servlet,freemarker.ext.util,freemarker.template,javax.servlet,j
avax.servlet.http,javax.servlet.jsp,javax.servlet.jsp.tagext,javax.xm
l.transform,javax.xml.transform.dom,javax.xml.transform.stream,ognl,o
rg.apache.commons.fileupload;version="1.2",org.apache.commons.fileupl
oad.disk;version="1.2",org.apache.commons.fileupload.servlet;version=
"1.2",org.apache.struts2;version="2.1.2",org.apache.struts2.component
s;version="2.1.2",org.apache.struts2.components.template;version="2.1
.2",org.apache.struts2.config;version="2.1.2",org.apache.struts2.disp
atcher;version="2.1.2",org.apache.struts2.dispatcher.mapper;version="
2.1.2",org.apache.struts2.dispatcher.multipart;version="2.1.2",org.ap
ache.struts2.impl;version="2.1.2",org.apache.struts2.interceptor;vers
ion="2.1.2",org.apache.struts2.interceptor.debugging;version="2.1.2",
org.apache.struts2.interceptor.validation;version="2.1.2",org.apache.
struts2.servlet.interceptor;version="2.1.2",org.apache.struts2.static
;version="2.1.2",org.apache.struts2.util;version="2.1.2",org.apache.s
truts2.views;version="2.1.2",org.apache.struts2.views.annotations;ver
sion="2.1.2",org.apache.struts2.views.freemarker;version="2.1.2",org.
apache.struts2.views.freemarker.tags;version="2.1.2",org.apache.strut
s2.views.jsp;version="2.1.2",org.apache.struts2.views.jsp.iterator;ve
rsion="2.1.2",org.apache.struts2.views.jsp.ui;version="2.1.2",org.apa
che.struts2.views.jsp.ui.table;version="2.1.2",org.apache.struts2.vie
ws.util;version="2.1.2",org.apache.struts2.views.velocity;version="2.
1.2",org.apache.struts2.views.velocity.components;version="2.1.2",org
.apache.struts2.views.xslt;version="2.1.2",org.apache.velocity,org.ap
ache.velocity.app,org.apache.velocity.context,org.apache.velocity.exc
eption,org.apache.velocity.runtime.directive,org.apache.velocity.runt
ime.parser.node,org.apache.velocity.runtime.resource.loader,org.apach
e.velocity.tools.view,org.apache.velocity.tools.view.context,org.apac
he.velocity.tools.view.servlet,org.w3c.dom,org.xml.sax,template.archi
ve.ajax;version="2.1.2",template.archive.simple;version="2.1.2",templ
ate.archive.xhtml;version="2.1.2",template.css_xhtml;version="2.1.2",
template.simple;version="2.1.2",template.xhtml;version="2.1.2"
Bnd-LastModified: 1209700736700
Export-Package: org.apache.struts2.views.xslt;uses:="javax.servlet.htt
p,com.opensymphony.xwork2,org.xml.sax,org.apache.struts2,org.w3c.dom,
com.opensymphony.xwork2.util.logging,javax.xml.transform,javax.xml.tr
ansform.dom,com.opensymphony.xwork2.util,javax.servlet,com.opensympho
ny.xwork2.inject,javax.xml.transform.stream";version="2.1.2",org.apac
he.struts2.static;version="2.1.2",org.apache.struts2.views;uses:="org
.apache.struts2.views.freemarker.tags,javax.servlet.http,com.opensymp
hony.xwork2.util,javax.servlet,org.apache.struts2.views.velocity.comp
onents";version="2.1.2",org.apache.struts2.views.freemarker.tags;uses
:="freemarker.ext.beans,freemarker.template,javax.servlet.http,com.op
ensymphony.xwork2.util,org.apache.struts2.components,com.opensymphony
.xwork2.util.logging,com.opensymphony.xwork2.inject";version="2.1.2",
template.archive.xhtml;version="2.1.2",org.apache.struts2.dispatcher.
mapper;uses:="javax.servlet.http,com.opensymphony.xwork2,com.opensymp
hony.xwork2.config,org.apache.struts2,com.opensymphony.xwork2.util.lo
gging,org.apache.struts2.dispatcher,org.apache.struts2.util,com.opens
ymphony.xwork2.config.entities,com.opensymphony.xwork2.inject";versio
n="2.1.2",org.apache.struts2;uses:="com.opensymphony.xwork2,javax.ser
vlet.http,com.opensymphony.xwork2.util,org.apache.struts2.dispatcher.
mapper,javax.servlet,javax.servlet.jsp,com.opensymphony.xwork2.util.l
ocation";version="2.1.2",template.css_xhtml;version="2.1.2",template.
archive.ajax;version="2.1.2",org.apache.struts2.interceptor;uses:="co
m.opensymphony.xwork2,javax.servlet.http,org.apache.struts2.servlet.i
nterceptor,org.apache.struts2.dispatcher.mapper,org.apache.struts2,co
m.opensymphony.xwork2.util.logging,org.apache.struts2.dispatcher,com.
opensymphony.xwork2.util,javax.servlet,org.apache.struts2.util,com.op
ensymphony.xwork2.config.entities,com.opensymphony.xwork2.util.profil
ing,com.opensymphony.xwork2.inject,org.apache.struts2.dispatcher.mult
ipart,com.opensymphony.xwork2.interceptor";version="2.1.2",org.apache
.struts2.dispatcher;uses:="org.apache.struts2.views,javax.servlet.htt
p,org.apache.struts2.dispatcher.mapper,com.opensymphony.xwork2.config
,org.apache.struts2,com.opensymphony.xwork2.config.providers,org.apac
he.struts2.views.freemarker,freemarker.template,javax.servlet,org.apa
che.struts2.views.velocity,org.apache.struts2.util,com.opensymphony.x
work2.config.entities,org.apache.velocity.app,org.apache.velocity,org
.apache.velocity.context,com.opensymphony.xwork2.inject,com.opensymph
ony.xwork2.util.location,com.opensymphony.xwork2,com.opensymphony.xwo
rk2.util.logging,com.opensymphony.xwork2.util.reflection,javax.servle
t.jsp,org.apache.struts2.views.util,org.apache.struts2.config,com.ope
nsymphony.xwork2.util,com.opensymphony.xwork2.util.profiling,org.apac
he.struts2.dispatcher.multipart";version="2.1.2",org.apache.struts2.v
iews.freemarker;uses:="com.opensymphony.xwork2,javax.servlet.http,org
.apache.struts2.views,freemarker.ext.jsp,freemarker.cache,org.apache.
struts2,freemarker.ext.util,com.opensymphony.xwork2.util.logging,org.
apache.struts2.dispatcher,org.apache.struts2.views.util,freemarker.ex
t.servlet,freemarker.ext.beans,freemarker.template,freemarker.core,co
m.opensymphony.xwork2.util,javax.servlet,com.opensymphony.xwork2.inje
ct";version="2.1.2",org.apache.struts2.interceptor.validation;uses:="
com.opensymphony.xwork2,javax.servlet.http,org.apache.struts2,com.ope
nsymphony.xwork2.validator,com.opensymphony.xwork2.util.logging,com.o
pensymphony.xwork2.interceptor";version="2.1.2",org.apache.struts2.ut
il;uses:="javax.servlet.http,com.opensymphony.xwork2,com.opensymphony
.xwork2.conversion.impl,com.opensymphony.xwork2.util.logging,org.apac
he.struts2.dispatcher,org.apache.struts2.views.util,javax.servlet.jsp
,org.apache.velocity.exception,com.opensymphony.xwork2.util,javax.ser
vlet,org.apache.struts2.views.jsp.ui,org.apache.velocity.app,org.apac
he.velocity.context,com.opensymphony.xwork2.inject";version="2.1.2",o
rg.apache.struts2.views.velocity;uses:="javax.servlet.http,org.apache
.struts2.views,com.opensymphony.xwork2,org.apache.velocity.tools.view
,org.apache.struts2,com.opensymphony.xwork2.util.logging,org.apache.s
truts2.views.util,org.apache.velocity.tools.view.servlet,org.apache.v
elocity.tools.view.context,org.apache.velocity.exception,org.apache.v
elocity.runtime.resource.loader,com.opensymphony.xwork2.util,javax.se
rvlet,org.apache.struts2.util,org.apache.velocity.app,com.opensymphon
y.xwork2.inject,org.apache.velocity.context,org.apache.velocity";vers
ion="2.1.2",template.simple;version="2.1.2",org.apache.struts2.interc
eptor.debugging;uses:="com.opensymphony.xwork2,javax.servlet.http,org
.apache.struts2,com.opensymphony.xwork2.util.logging,com.opensymphony
.xwork2.util.reflection,org.apache.struts2.views.freemarker,com.opens
ymphony.xwork2.util,com.opensymphony.xwork2.inject,com.opensymphony.x
work2.interceptor";version="2.1.2",org.apache.struts2.views.jsp.ui;us
es:="javax.servlet.http,com.opensymphony.xwork2.util,org.apache.strut
s2.components,javax.servlet.jsp.tagext,org.apache.struts2.views.jsp,c
om.opensymphony.xwork2.inject,ognl,javax.servlet.jsp,com.opensymphony
.xwork2.ognl";version="2.1.2",org.apache.struts2.views.annotations;ve
rsion="2.1.2",template.archive.simple;version="2.1.2",org.apache.stru
ts2.servlet.interceptor;uses:="javax.servlet.http,org.apache.struts2.
interceptor";version="2.1.2",org.apache.struts2.components;uses:="jav
ax.servlet.http,org.apache.struts2.dispatcher.mapper,com.opensymphony
.xwork2.config,org.apache.struts2,org.apache.struts2.dispatcher,javax
.servlet,org.apache.struts2.util,com.opensymphony.xwork2.config.entit
ies,com.opensymphony.xwork2.inject,org.apache.struts2.views.annotatio
ns,com.opensymphony.xwork2.interceptor,com.opensymphony.xwork2,org.ap
ache.struts2.views.jsp,org.apache.struts2.components.template,com.ope
nsymphony.xwork2.util.logging,com.opensymphony.xwork2.validator,com.o
pensymphony.xwork2.util.reflection,javax.servlet.jsp,org.apache.strut
s2.views.util,com.opensymphony.xwork2.util";version="2.1.2",org.apach
e.struts2.views.jsp.iterator;uses:="javax.servlet.http,com.opensympho
ny.xwork2.util,org.apache.struts2.util,org.apache.struts2.components,
org.apache.struts2.views.jsp,com.opensymphony.xwork2.util.logging,jav
ax.servlet.jsp,org.apache.struts2.views.annotations";version="2.1.2",
org.apache.struts2.components.template;uses:="com.opensymphony.xwork2
,javax.servlet.http,freemarker.cache,org.apache.struts2.components,co
m.opensymphony.xwork2.config,com.opensymphony.xwork2.util.logging,jav
ax.servlet.jsp,org.apache.struts2.views.freemarker,freemarker.templat
e,com.opensymphony.xwork2.util,freemarker.core,javax.servlet,org.apac
he.struts2.views.velocity,org.apache.velocity.app,org.apache.velocity
.context,org.apache.velocity,com.opensymphony.xwork2.inject";version=
"2.1.2",org.apache.struts2.views.jsp;uses:="com.opensymphony.xwork2,j
avax.servlet.http,org.apache.struts2.dispatcher.mapper,org.apache.str
uts2.components,com.opensymphony.xwork2.config,javax.servlet.jsp.tage
xt,org.apache.struts2,com.opensymphony.xwork2.util.logging,org.apache
.struts2.dispatcher,org.apache.struts2.views.util,javax.servlet.jsp,c
om.opensymphony.xwork2.util,javax.servlet,org.apache.struts2.util,com
.opensymphony.xwork2.inject";version="2.1.2",org.apache.struts2.views
.velocity.components;uses:="org.apache.velocity.exception,javax.servl
et.http,com.opensymphony.xwork2.util,org.apache.velocity.runtime.pars
er.node,org.apache.struts2.components,com.opensymphony.xwork2.inject,
org.apache.velocity.context,org.apache.velocity.runtime.directive";ve
rsion="2.1.2",org.apache.struts2.config;uses:="com.opensymphony.xwork
2,org.apache.struts2.dispatcher.mapper,com.opensymphony.xwork2.conver
sion.impl,org.apache.struts2.components,com.opensymphony.xwork2.confi
g,org.apache.struts2,com.opensymphony.xwork2.util.logging,com.opensym
phony.xwork2.validator,com.opensymphony.xwork2.util.reflection,com.op
ensymphony.xwork2.config.providers,com.opensymphony.xwork2.conversion
,org.apache.struts2.views.freemarker,com.opensymphony.xwork2.util,jav
ax.servlet,org.apache.struts2.util,org.apache.struts2.views.velocity,
com.opensymphony.xwork2.inject,org.apache.struts2.dispatcher.multipar
t,com.opensymphony.xwork2.util.location";version="2.1.2",org.apache.s
truts2.views.util;uses:="javax.servlet.http,com.opensymphony.xwork2,o
rg.apache.struts2,com.opensymphony.xwork2.util.logging,com.opensympho
ny.xwork2.util,org.apache.struts2.util,org.apache.struts2.views.jsp.u
i,com.opensymphony.xwork2.inject";version="2.1.2",org.apache.struts2.
impl;uses:="com.opensymphony.xwork2,com.opensymphony.xwork2.config.en
tities,com.opensymphony.xwork2.config,com.opensymphony.xwork2.inject,
com.opensymphony.xwork2.util.reflection,com.opensymphony.xwork2.inter
ceptor";version="2.1.2",org.apache.struts2.views.jsp.ui.table;version
="2.1.2",template.xhtml;version="2.1.2",org.apache.struts2.dispatcher
.multipart;uses:="javax.servlet.http,javax.servlet,org.apache.commons
.fileupload.servlet,com.opensymphony.xwork2.util.logging,com.opensymp
hony.xwork2.inject,org.apache.struts2.dispatcher,org.apache.commons.f
ileupload.disk,org.apache.commons.fileupload";version="2.1.2"
Bundle-Version: 2.1.2
Bundle-Description: Apache Struts 2
Bundle-Name: Struts 2 Core
Bundle-DocURL: http://www.apache.org
Bundle-ManifestVersion: 2
Bundle-Vendor: Apache Software Foundation
Bundle-SymbolicName: org.apache.struts.struts2-core
Tool: Bnd-0.0.238