github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-20 08:14:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Branch showSummary on checkForFailure

Browse Source
This commit is contained in:
Erik Lenoir
2017-09-14 15:12:57 +02:00
parent 9a9cf826ab
commit 9db7012042
3 changed files with 30 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
View File

@@ -1079,9 +1079,16 @@ public class Check extends Update {
} }
} }
if (ids.length() > 0) { if (ids.length() > 0) {
final String msg = String.format("%n%nDependency-Check Failure:%n" final String msg;
if (showSummary) {
msg = String.format("%n%nDependency-Check Failure:%n"
+ "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n" + "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n"
+ "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString()); + "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
} else {
msg = String.format("%n%nDependency-Check Failure:%n"
+ "One or more dependencies were identified with vulnerabilities.%n%n"
+ "See the dependency-check report for more details.%n%n");
}
throw new BuildException(msg); throw new BuildException(msg);
} }
} }

9
dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java
View File

@@ -1021,9 +1021,16 @@ public class DependencyCheckScanAgent {
} }
} }
if (ids.length() > 0) { if (ids.length() > 0) {
final String msg = String.format("%n%nDependency-Check Failure:%n" final String msg;
if (showSummary) {
msg = String.format("%n%nDependency-Check Failure:%n"
+ "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n" + "One or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': %s%n"
+ "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString()); + "See the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
} else {
msg = String.format("%n%nDependency-Check Failure:%n"
+ "One or more dependencies were identified with vulnerabilities.%n%n"
+ "See the dependency-check report for more details.%n%n");
}
throw new ScanAgentException(msg); throw new ScanAgentException(msg);
} }

5
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
View File

@@ -1193,6 +1193,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
} }
if (ids.length() > 0) { if (ids.length() > 0) {
final String msg; final String msg;
if (showSummary) {
if (failBuildOnAnyVulnerability) { if (failBuildOnAnyVulnerability) {
msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities: %n%s%n%n" msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities: %n%s%n%n"
+ "See the dependency-check report for more details.%n%n", ids.toString()); + "See the dependency-check report for more details.%n%n", ids.toString());
@@ -1200,6 +1201,10 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': " msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities that have a CVSS score greater than '%.1f': "
+ "%n%s%n%nSee the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString()); + "%n%s%n%nSee the dependency-check report for more details.%n%n", failBuildOnCVSS, ids.toString());
} }
} else {
msg = String.format("%n%nOne or more dependencies were identified with vulnerabilities.%n%n"
+ "See the dependency-check report for more details.%n%n");
}
throw new MojoFailureException(msg); throw new MojoFailureException(msg);
} }