From 9db70120428c164cb88893631b3cc8a2c4954d61 Mon Sep 17 00:00:00 2001
From: Erik Lenoir
Date: Thu, 14 Sep 2017 15:12:57 +0200
Subject: [PATCH] Branch showSummary on checkForFailure
---
 .../org/owasp/dependencycheck/taskdefs/Check.java | 13 ++++++++++---
 .../agent/DependencyCheckScanAgent.java | 13 ++++++++++---
 .../maven/BaseDependencyCheckMojo.java | 15 ++++++++++-----
 3 files changed, 30 insertions(+), 11 deletions(-)
diff --git a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
index 5f6ccc06d..9e73314d1 100644
--- a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
+++ b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
@@ -1079,9 +1079,16 @@ public class Check extends Update {
 }
 }
 if (ids.length() > 0) {
- final String msg = String.format("%n%nDependency-Check Failure:%n"
- + "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n"
- + "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
+ final String msg;
+ if (showSummary) {
+ msg = String.format("%n%nDependency-Check Failure:%n"
+ + "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n"
+ + "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
+ } else {
+ msg = String.format("%n%nDependency-Check Failure:%n"
+ + "One or more dependencies were identified with vulnerabilities.%n%n"
+ + "See the dependency-check report for more details.%n%n");
+ }
 throw new BuildException(msg);
 }
 }
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java
index c7f5b1021..3e15ae34e 100644
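Review bot: In the `else` branch added to `Check.java`, the failure message drops the `failBuildOnCVSS` threshold together with the identifier list, so with `showSummary` off the build log no longer shows which policy value failed the build. The threshold is configuration rather than a finding, so it could stay in both branches, for example `+ "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f'.%n"` with `failBuildOnCVSS` as the only format argument. The same applies to the `DependencyCheckScanAgent.java` hunk, and in the `BaseDependencyCheckMojo.java` hunk the new `else` additionally loses the distinction between `failBuildOnAnyVulnerability` and the CVSS threshold. The three message builders are near-identical copies, which suggests a shared helper, but the enclosing methods start outside the hunks, so whether one place can serve all three modules is not visible here.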
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java
@@ -1021,9 +1021,16 @@ public class DependencyCheckScanAgent {
 }
 }
 if (ids.length() > 0) {
- final String msg = String.format("%n%nDependency-Check Failure:%n"
- + "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n"
- + "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
+ final String msg;
+ if (showSummary) {
+ msg = String.format("%n%nDependency-Check Failure:%n"
+ + "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n"
+ + "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
+ } else {
+ msg = String.format("%n%nDependency-Check Failure:%n"
+ + "One or more dependencies were identified with vulnerabilities.%n%n"
+ + "See the dependency-check report for more details.%n%n");
+ }
 throw new ScanAgentException(msg);
 }
diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
index a55f77618..b8e641bb3 100644
--- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
+++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
@@ -1193,12 +1193,17 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma } if (ids.length() > 0) { final String msg; - if (failBuildOnAnyVulnerability) { - msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities: %n%s%n%n" - + "See the dependency-check report for more details.%n%n", ids.toString()); + if (showSummary) { + if (failBuildOnAnyVulnerability) { + msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities: %n%s%n%n" + + "See the dependency-check report for more details.%n%n", ids.toString()); + } else { + msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': " + + "%n%s%n%nSee the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString()); + } } else { - msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': " - + "%n%s%n%nSee the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString()); + msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities.%n%n" + + "See the dependency-check report for more details.%n%n"); } throw new MojoFailureException(msg);