github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 00:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

major rework of Analyzers and applicatioin in general.

Browse Source 
Former-commit-id: 3b081380f586686762f8a6fcb102778bfc42b17b
This commit is contained in:
Jeremy Long
2012-09-25 11:36:04 -04:00
parent 0643c68da1
commit 8c4d02c909
41 changed files with 1379 additions and 378 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/test/java/org/codesecure/dependencycheck/EngineTest.java
View File

@@ -4,14 +4,7 @@
*/
package org.codesecure.dependencycheck;
import org.codesecure.dependencycheck.Engine;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.data.cpe.CPEQuery;
import java.io.IOException;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import java.io.File;
import java.util.List;
import java.util.Map;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import org.codesecure.dependencycheck.reporting.ReportGenerator;
import org.junit.After;
import org.junit.AfterClass;
@@ -24,8 +17,8 @@ import static org.junit.Assert.*;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class EngineTest extends BaseIndexTestCase{
public class EngineTest extends BaseIndexTestCase {
public EngineTest(String testName) {
super(testName);
}
@@ -37,38 +30,28 @@ public class EngineTest extends BaseIndexTestCase{
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of scan method, of class Engine.
* @throws Exception is thrown when an exception occurs.
*/
@Test
//TODO remove the throws exception, this needs to be much more grainular.
public void testScan() throws Exception {
System.out.println("scan");
String path = "./src/test/resources";
String path = "./src/test/resources/";
Engine instance = new Engine();
instance.scan(path);
assertTrue(instance.getDependencies().size()>0);
CPEQuery query = new CPEQuery();
query.open();
List<Dependency> dependencies = instance.getDependencies();
for (Dependency d : dependencies) {
query.determineCPE(d);
}
query.close();
assertTrue(instance.getDependencies().size() > 0);
instance.analyzeDependencies();
ReportGenerator rg = new ReportGenerator();
rg.generateReports("./target/", "DependencyCheck", instance.getDependencies());
}
}

2
src/test/java/org/codesecure/dependencycheck/analyzer/AnalyzerServiceTest.java
View File

@@ -53,7 +53,7 @@ public class AnalyzerServiceTest {
while (result.hasNext()) {
Analyzer a = result.next();
Set<String> e = a.getSupportedExtensions();
if (e.contains("jar")) {
if (e != null && e.contains("jar")) {
found = true;
}
}

125
src/test/java/org/codesecure/dependencycheck/analyzer/FileNameAnalyzerTest.java Normal file
View File

@@ -0,0 +1,125 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.analyzer;
import java.io.File;
import java.util.Set;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class FileNameAnalyzerTest {
public FileNameAnalyzerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of getSupportedExtensions method, of class FileNameAnalyzer.
*/
@Test
public void testGetSupportedExtensions() {
System.out.println("getSupportedExtensions");
FileNameAnalyzer instance = new FileNameAnalyzer();
Set expResult = null;
Set result = instance.getSupportedExtensions();
assertEquals(expResult, result);
}
/**
* Test of getName method, of class FileNameAnalyzer.
*/
@Test
public void testGetName() {
System.out.println("getName");
FileNameAnalyzer instance = new FileNameAnalyzer();
String expResult = "File Name Analyzer";
String result = instance.getName();
assertEquals(expResult, result);
}
/**
* Test of supportsExtension method, of class FileNameAnalyzer.
*/
@Test
public void testSupportsExtension() {
System.out.println("supportsExtension");
String extension = "any";
FileNameAnalyzer instance = new FileNameAnalyzer();
boolean expResult = true;
boolean result = instance.supportsExtension(extension);
assertEquals(expResult, result);
}
/**
* Test of getAnalysisPhase method, of class FileNameAnalyzer.
*/
@Test
public void testGetAnalysisPhase() {
System.out.println("getAnalysisPhase");
FileNameAnalyzer instance = new FileNameAnalyzer();
AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
AnalysisPhase result = instance.getAnalysisPhase();
assertEquals(expResult, result);
}
/**
* Test of analyze method, of class FileNameAnalyzer.
*/
@Test
public void testAnalyze() throws Exception {
System.out.println("analyze");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency result = new Dependency(file);
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.analyze(result);
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("struts"));
}
/**
* Test of initialize method, of class FileNameAnalyzer.
*/
@Test
public void testInitialize() {
System.out.println("initialize");
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.initialize();
assertTrue(true); //initialize does nothing.
}
/**
* Test of close method, of class FileNameAnalyzer.
*/
@Test
public void testClose() {
System.out.println("close");
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.close();
assertTrue(true); //close does nothing.
}
}

34
src/test/java/org/codesecure/dependencycheck/analyzer/JarAnalyzerTest.java
View File

@@ -22,7 +22,7 @@ import static org.junit.Assert.*;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class JarAnalyzerTest {
public JarAnalyzerTest() {
}
@@ -33,11 +33,11 @@ public class JarAnalyzerTest {
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@@ -47,20 +47,19 @@ public class JarAnalyzerTest {
* @throws Exception is thrown when an excpetion occurs.
*/
@Test
public void testInsepct() throws Exception {
System.out.println("insepct");
public void testAnalyze() throws Exception {
System.out.println("analyze");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency result = new Dependency(file);
JarAnalyzer instance = new JarAnalyzer();
Dependency result = instance.insepct(file);
assertEquals("C30B57142E1CCBC1EFD5CD15F307358F", result.getMd5sum());
assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
instance.analyze(result);
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("apache"));
assertTrue(result.getVendorEvidence().getWeighting().contains("apache"));
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
result = instance.insepct(file);
result = new Dependency(file);
instance.analyze(result);
boolean found = false;
for (Evidence e : result.getProductEvidence()) {
if (e.getName().equals("package-title") && e.getValue().equals("org.mortbay.http")) {
@@ -69,7 +68,7 @@ public class JarAnalyzerTest {
}
}
assertTrue("package-title of org.mortbay.http not found in org.mortbay.jetty.jar", found);
found = false;
for (Evidence e : result.getVendorEvidence()) {
if (e.getName().equals("implementation-url") && e.getValue().equals("http://jetty.mortbay.org")) {
@@ -78,7 +77,7 @@ public class JarAnalyzerTest {
}
}
assertTrue("implementation-url of http://jetty.mortbay.org not found in org.mortbay.jetty.jar", found);
found = false;
for (Evidence e : result.getVersionEvidence()) {
if (e.getName().equals("Implementation-Version") && e.getValue().equals("4.2.27")) {
@@ -87,10 +86,11 @@ public class JarAnalyzerTest {
}
}
assertTrue("implementation-version of 4.2.27 not found in org.mortbay.jetty.jar", found);
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jmx.jar").getPath());
result = instance.insepct(file);
assertEquals("org.mortbar,jmx.jar has version evidence?",result.getVersionEvidence().size(),0);
result = new Dependency(file);
instance.analyze(result);
assertEquals("org.mortbar,jmx.jar has version evidence?", result.getVersionEvidence().size(), 0);
}
/**

43
src/test/java/org/codesecure/dependencycheck/data/cpe/CPEQueryTest.java → src/test/java/org/codesecure/dependencycheck/data/cpe/CPEAnalyzerTest.java
View File

@@ -11,18 +11,20 @@ import java.util.List;
import java.util.Set;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.queryParser.ParseException;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.analyzer.JarAnalyzer;
import org.codesecure.dependencycheck.dependency.Evidence;
import org.codesecure.dependencycheck.dependency.Evidence.Confidence;
import org.junit.Test;
/**
*
* @author jeremy
*/
public class CPEQueryTest extends BaseIndexTestCase {
public class CPEAnalyzerTest extends BaseIndexTestCase {
public CPEQueryTest(String testName) {
public CPEAnalyzerTest(String testName) {
super(testName);
}
@@ -37,7 +39,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
}
/**
* Tests of buildSearch of class CPEQuery.
* Tests of buildSearch of class CPEAnalyzer.
* @throws IOException is thrown when an IO Exception occurs.
* @throws CorruptIndexException is thrown when the index is corrupt.
* @throws ParseException is thrown when a parse exception occurs
@@ -54,7 +56,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
String queryText = instance.buildSearch(vendor, product, version, null, null);
String expResult = " product:( struts 2 core ) AND vendor:( apache software foundation ) AND version:(2.1.2^0.7 )";
@@ -74,13 +76,13 @@ public class CPEQueryTest extends BaseIndexTestCase {
}
/**
* Test of open method, of class CPEQuery.
* Test of open method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testOpen() throws Exception {
System.out.println("open");
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
assertFalse(instance.isOpen());
instance.open();
assertTrue(instance.isOpen());
@@ -89,7 +91,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
}
/**
* Test of determineCPE method, of class CPEQuery.
* Test of determineCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
@@ -97,18 +99,20 @@ public class CPEQueryTest extends BaseIndexTestCase {
System.out.println("determineCPE");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
JarAnalyzer jarAnalyzer = new JarAnalyzer();
Dependency depends = jarAnalyzer.insepct(file);
CPEQuery instance = new CPEQuery();
Dependency depends = new Dependency(file);
jarAnalyzer.analyze(depends);
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
instance.determineCPE(depends);
instance.close();
assertTrue("Incorrect match", depends.getCPEs().contains(expResult));
assertTrue("Incorrect match", depends.getCPEs().size() == 1);
assertTrue("Incorrect match", depends.getIdentifiers().size() == 1);
assertTrue("Incorrect match", depends.getIdentifiers().get(0).getValue().equals(expResult));
}
/**
* Test of searchCPE method, of class CPEQuery.
* Test of searchCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
@@ -117,7 +121,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
List<Entry> result = instance.searchCPE(vendor, product, version);
@@ -127,17 +131,14 @@ public class CPEQueryTest extends BaseIndexTestCase {
product = "struts 2 core";
version = "2.3.1.2";
expResult = "cpe:/a:apache:struts";
expResult = "cpe:/a:apache:struts:2.3.1.2";
result = instance.searchCPE(vendor, product, version);
//TODO fix this
assertTrue(result.isEmpty());
//boolean startsWith = result.get(0).getName().startsWith(expResult);
//assertTrue("CPE does not begin with apache struts", startsWith);
assertEquals(expResult, result.get(0).getName());
instance.close();
}
/**
* Test of searchCPE method, of class CPEQuery.
* Test of searchCPE method, of class CPEAnalyzer.
* @throws Exception is thrown when an exception occurs
*/
@Test
@@ -148,7 +149,7 @@ public class CPEQueryTest extends BaseIndexTestCase {
String version = "2.1.2";
String expResult = "cpe:/a:apache:struts:2.1.2";
CPEQuery instance = new CPEQuery();
CPEAnalyzer instance = new CPEAnalyzer();
instance.open();
//TODO - yeah, not a very good test as the results are the same with or without weighting...

2
src/test/java/org/codesecure/dependencycheck/data/cpe/IndexTest.java
View File

@@ -4,7 +4,7 @@
*/
package org.codesecure.dependencycheck.data.cpe;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;

2
src/test/java/org/codesecure/dependencycheck/data/BaseIndexTestCase.java → src/test/java/org/codesecure/dependencycheck/data/lucene/BaseIndexTestCase.java
View File

@@ -2,7 +2,7 @@
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data;
package org.codesecure.dependencycheck.data.lucene;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;

3
src/test/java/org/codesecure/dependencycheck/data/LuceneUtilsTest.java → src/test/java/org/codesecure/dependencycheck/data/lucene/LuceneUtilsTest.java
View File

@@ -2,8 +2,9 @@
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data;
package org.codesecure.dependencycheck.data.lucene;
import org.codesecure.dependencycheck.data.lucene.LuceneUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;

266
src/test/java/org/codesecure/dependencycheck/dependency/DependencyTest.java
View File

@@ -4,6 +4,7 @@
*/
package org.codesecure.dependencycheck.dependency;
import java.io.File;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.dependency.Evidence;
import java.util.List;
@@ -63,4 +64,269 @@ public class DependencyTest {
assertTrue(instance.containsUsedString(str));
assertTrue(instance.containsUsedString(str2));
}
/**
* Test of getFileName method, of class Dependency.
*/
@Test
public void testGetFileName() {
System.out.println("getFileName");
Dependency instance = new Dependency();
String expResult = "filename";
instance.setFileName(expResult);
String result = instance.getFileName();
assertEquals(expResult, result);
}
/**
* Test of setFileName method, of class Dependency.
*/
@Test
public void testSetFileName() {
System.out.println("setFileName");
String fileName = "test.file";
Dependency instance = new Dependency();
instance.setFileName(fileName);
assertEquals(fileName,instance.getFileName());
}
/**
* Test of setActualFilePath method, of class Dependency.
*/
@Test
public void testSetActualFilePath() {
System.out.println("setActualFilePath");
String actualFilePath = "test.file";
Dependency instance = new Dependency();
instance.setActualFilePath(actualFilePath);
assertEquals(actualFilePath,instance.getActualFilePath());
}
/**
* Test of getActualFilePath method, of class Dependency.
*/
@Test
public void testGetActualFilePath() {
System.out.println("getActualFilePath");
Dependency instance = new Dependency();
String expResult = "test.file";
instance.setActualFilePath(expResult);
String result = instance.getActualFilePath();
assertEquals(expResult, result);
}
/**
* Test of setFilePath method, of class Dependency.
*/
@Test
public void testSetFilePath() {
System.out.println("setFilePath");
String filePath = "test.file";
Dependency instance = new Dependency();
instance.setFilePath(filePath);
assertEquals(filePath,instance.getFilePath());
}
/**
* Test of getFilePath method, of class Dependency.
*/
@Test
public void testGetFilePath() {
System.out.println("getFilePath");
Dependency instance = new Dependency();
String expResult = "path/test.file";
instance.setFilePath(expResult);
String result = instance.getFilePath();
assertEquals(expResult, result);
}
/**
* Test of setFileExtension method, of class Dependency.
*/
@Test
public void testSetFileExtension() {
System.out.println("setFileExtension");
String fileExtension = "jar";
Dependency instance = new Dependency();
instance.setFileExtension(fileExtension);
assertEquals(fileExtension,instance.getFileExtension());
}
/**
* Test of getFileExtension method, of class Dependency.
*/
@Test
public void testGetFileExtension() {
System.out.println("getFileExtension");
Dependency instance = new Dependency();
String expResult = "jar";
instance.setFileExtension(expResult);
String result = instance.getFileExtension();
assertEquals(expResult, result);
}
/**
* Test of getMd5sum method, of class Dependency.
*/
@Test
public void testGetMd5sum() {
System.out.println("getMd5sum");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency instance = new Dependency(file);
// assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
String expResult = "C30B57142E1CCBC1EFD5CD15F307358F";
String result = instance.getMd5sum();
assertEquals(expResult, result);
}
/**
* Test of setMd5sum method, of class Dependency.
*/
@Test
public void testSetMd5sum() {
System.out.println("setMd5sum");
String md5sum = "test";
Dependency instance = new Dependency();
instance.setMd5sum(md5sum);
assertEquals(md5sum,instance.getMd5sum());
}
/**
* Test of getSha1sum method, of class Dependency.
*/
@Test
public void testGetSha1sum() {
System.out.println("getSha1sum");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency instance = new Dependency(file);
String expResult = "89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B";
String result = instance.getSha1sum();
assertEquals(expResult, result);
}
/**
* Test of setSha1sum method, of class Dependency.
*/
@Test
public void testSetSha1sum() {
System.out.println("setSha1sum");
String sha1sum = "test";
Dependency instance = new Dependency();
instance.setSha1sum(sha1sum);
assertEquals(sha1sum,instance.getSha1sum());
}
/**
* Test of getIdentifiers method, of class Dependency.
*/
@Test
public void testGetIdentifiers() {
System.out.println("getIdentifiers");
Dependency instance = new Dependency();
List expResult = null;
List result = instance.getIdentifiers();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of setIdentifiers method, of class Dependency.
*/
@Test
public void testSetIdentifiers() {
System.out.println("setIdentifiers");
List<Identifier> identifiers = null;
Dependency instance = new Dependency();
instance.setIdentifiers(identifiers);
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of addIdentifier method, of class Dependency.
*/
@Test
public void testAddIdentifier() {
System.out.println("addIdentifier");
String type = "cpe";
String value = "cpe:/a:apache:struts:2.1.2";
String title = "Apache Struts 2.1.2";
String url = "http://somewhere";
Dependency instance = new Dependency();
instance.addIdentifier(type, value, title, url);
assertEquals(1,instance.getIdentifiers().size());
Identifier i = instance.getIdentifiers().get(0);
assertEquals(type,i.getType());
assertEquals(value, i.getValue());
assertEquals(title, i.getTitle());
assertEquals(url, i.getUrl());
}
/**
* Test of getEvidence method, of class Dependency.
*/
@Test
public void testGetEvidence() {
System.out.println("getEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getEvidence();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of getEvidenceUsed method, of class Dependency.
*/
@Test
public void testGetEvidenceUsed() {
System.out.println("getEvidenceUsed");
Dependency instance = new Dependency();
String expResult = "used";
instance.getProductEvidence().addEvidence("used", "used", "used", Evidence.Confidence.HIGH);
instance.getProductEvidence().addEvidence("not", "not", "not", Evidence.Confidence.MEDIUM);
for (Evidence e : instance.getProductEvidence().iterator(Evidence.Confidence.HIGH)) {
String use = e.getValue();
}
EvidenceCollection result = instance.getEvidenceUsed();
assertEquals(1, result.size());
assertTrue(result.containsUsedString(expResult));
}
/**
* Test of getVendorEvidence method, of class Dependency.
*/
@Test
public void testGetVendorEvidence() {
System.out.println("getVendorEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getVendorEvidence();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of getProductEvidence method, of class Dependency.
*/
@Test
public void testGetProductEvidence() {
System.out.println("getProductEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getProductEvidence();
assertTrue(true); //this is just a getter setter pair.
}
/**
* Test of getVersionEvidence method, of class Dependency.
*/
@Test
public void testGetVersionEvidence() {
System.out.println("getVersionEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getVersionEvidence();
assertTrue(true); //this is just a getter setter pair.
}
}

102
src/test/java/org/codesecure/dependencycheck/reporting/ReportGeneratorTest.java
View File

@@ -10,7 +10,7 @@ import java.util.ArrayList;
import java.io.File;
import org.codesecure.dependencycheck.dependency.Dependency;
import java.util.HashMap;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.data.lucene.BaseIndexTestCase;
import java.util.Map;
import org.codesecure.dependencycheck.dependency.Evidence.Confidence;
import org.junit.After;
@@ -56,56 +56,56 @@ public class ReportGeneratorTest extends BaseIndexTestCase {
public void testGenerateReport() throws Exception {
System.out.println("generateReport");
String templateName = "HtmlReport";
File f = new File("target/test-reports");
if (!f.exists()) {
f.mkdir();
}
String writeTo = "target/test-reports/Report.html";
Map<String, Object> properties = new HashMap<String, Object>();
Dependency d = new Dependency();
d.setFileName("FileName.jar");
d.setActualFilePath("lib/FileName.jar");
d.addCPEentry("cpe://a:/some:cpe:1.0");
List<Dependency> dependencies = new ArrayList<Dependency>();
d.getProductEvidence().addEvidence("jar","filename","<test>test", Confidence.HIGH);
d.getProductEvidence().addEvidence("manifest","vendor","<test>test", Confidence.HIGH);
for (Evidence e : d.getProductEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d);
Dependency d2 = new Dependency();
d2.setFileName("Another.jar");
d2.setActualFilePath("lib/Another.jar");
d2.addCPEentry("cpe://a:/another:cpe:1.0");
d2.addCPEentry("cpe://a:/another:cpe:1.1");
d2.addCPEentry("cpe://a:/another:cpe:1.2");
d2.getProductEvidence().addEvidence("jar","filename","another.jar", Confidence.HIGH);
d2.getProductEvidence().addEvidence("manifest","vendor","Company A", Confidence.MEDIUM);
for (Evidence e : d2.getProductEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d2);
Dependency d3 = new Dependency();
d3.setFileName("Third.jar");
d3.setActualFilePath("lib/Third.jar");
d3.getProductEvidence().addEvidence("jar","filename","third.jar", Confidence.HIGH);
for (Evidence e : d3.getProductEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d3);
properties.put("dependencies",dependencies);
ReportGenerator instance = new ReportGenerator();
instance.generateReport(templateName, writeTo, properties);
// File f = new File("target/test-reports");
// if (!f.exists()) {
// f.mkdir();
// }
// String writeTo = "target/test-reports/Report.html";
// Map<String, Object> properties = new HashMap<String, Object>();
// Dependency d = new Dependency();
// d.setFileName("FileName.jar");
// d.setActualFilePath("lib/FileName.jar");
// d.addCPEentry("cpe://a:/some:cpe:1.0");
//
// List<Dependency> dependencies = new ArrayList<Dependency>();
// d.getProductEvidence().addEvidence("jar","filename","<test>test", Confidence.HIGH);
// d.getProductEvidence().addEvidence("manifest","vendor","<test>test", Confidence.HIGH);
//
// for (Evidence e : d.getProductEvidence().iterator(Confidence.HIGH)) {
// String t = e.getValue();
// }
// dependencies.add(d);
//
// Dependency d2 = new Dependency();
// d2.setFileName("Another.jar");
// d2.setActualFilePath("lib/Another.jar");
// d2.addCPEentry("cpe://a:/another:cpe:1.0");
// d2.addCPEentry("cpe://a:/another:cpe:1.1");
// d2.addCPEentry("cpe://a:/another:cpe:1.2");
// d2.getProductEvidence().addEvidence("jar","filename","another.jar", Confidence.HIGH);
// d2.getProductEvidence().addEvidence("manifest","vendor","Company A", Confidence.MEDIUM);
//
// for (Evidence e : d2.getProductEvidence().iterator(Confidence.HIGH)) {
// String t = e.getValue();
// }
//
// dependencies.add(d2);
//
// Dependency d3 = new Dependency();
// d3.setFileName("Third.jar");
// d3.setActualFilePath("lib/Third.jar");
// d3.getProductEvidence().addEvidence("jar","filename","third.jar", Confidence.HIGH);
//
// for (Evidence e : d3.getProductEvidence().iterator(Confidence.HIGH)) {
// String t = e.getValue();
// }
//
// dependencies.add(d3);
//
// properties.put("dependencies",dependencies);
//
// ReportGenerator instance = new ReportGenerator();
// instance.generateReport(templateName, writeTo, properties);
//TODO add an assertion here...
//assertTrue("need to add a real check here", false);
}