implement nested configuration for CVE settings

2026-01-14 07:43:40 +01:00 · 2015-08-25 19:49:03 +08:00
parent 2c5e64d0d5
commit afb85309a2
5 changed files with 56 additions and 28 deletions
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/CveExtension.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/CveExtension.groovy
@@ -0,0 +1,27 @@
+/*
+ * This file is part of dependency-check-gradle.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Copyright (c) 2015 Wei Ma. All Rights Reserved.
+ */
+
+package com.tools.security.extension
+
+class CveExtension {
+    String url20Modified
+    String url12Modified
+    Integer startYear
+    String url20Base
+    String url12Base
+}
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckExtension.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckExtension.groovy
@@ -19,15 +19,9 @@
 package com.tools.security.extension

 class DependencyCheckExtension {
-    ProxyExtension proxyExtension;
-
-    String cveUrl20Modified
-    String cveUrl12Modified
-    Integer cveStartYear
-    String cveUrl20Base
-    String cveUrl12Base
+    ProxyExtension proxyExtension
+    CveExtension cveExtension

    String outputDirectory = "./reports"
-
    Boolean quickQueryTimestamp;
 }
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
@@ -18,6 +18,7 @@

 package com.tools.security.plugin

+import com.tools.security.extension.CveExtension
 import com.tools.security.extension.DependencyCheckExtension
 import com.tools.security.extension.ProxyExtension
 import com.tools.security.tasks.DependencyCheckTask
@@ -28,6 +29,7 @@ class DependencyCheckGradlePlugin implements Plugin<Project> {
    private static final String ROOT_EXTENSION_NAME = 'dependencyCheck'
    private static final String TASK_NAME = 'dependencyCheck'
    private static final String PROXY_EXTENSION_NAME = "proxy"
+    private static final String CVE_EXTENSION_NAME = "cve"

    @Override
    void apply(Project project) {
@@ -38,6 +40,7 @@ class DependencyCheckGradlePlugin implements Plugin<Project> {
    def initializeConfigurations(Project project) {
        project.extensions.create(ROOT_EXTENSION_NAME, DependencyCheckExtension)
        project.dependencyCheck.extensions.create(PROXY_EXTENSION_NAME, ProxyExtension)
+        project.dependencyCheck.extensions.create(CVE_EXTENSION_NAME, CveExtension)
    }

    def registerTasks(Project project) {
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
@@ -134,11 +134,11 @@ class DependencyCheckTask extends DefaultTask {
    }

    def overrideCveUrlSetting() {
-        overrideStringBasedSettingWhenProvided(CVE_MODIFIED_20_URL, config.cveUrl20Modified)
-        overrideStringBasedSettingWhenProvided(CVE_MODIFIED_12_URL, config.cveUrl12Modified)
-        overrideIntegerBasedSettingWhenProvided(CVE_START_YEAR, config.cveStartYear)
-        overrideStringBasedSettingWhenProvided(CVE_SCHEMA_2_0, config.cveUrl20Base)
-        overrideStringBasedSettingWhenProvided(CVE_SCHEMA_1_2, config.cveUrl12Base)
+        overrideStringBasedSettingWhenProvided(CVE_MODIFIED_20_URL, config.cve.url20Modified)
+        overrideStringBasedSettingWhenProvided(CVE_MODIFIED_12_URL, config.cve.url12Modified)
+        overrideIntegerBasedSettingWhenProvided(CVE_START_YEAR, config.cve.startYear)
+        overrideStringBasedSettingWhenProvided(CVE_SCHEMA_2_0, config.cve.url20Base)
+        overrideStringBasedSettingWhenProvided(CVE_SCHEMA_1_2, config.cve.url12Base)
    }

    def overrideDownloaderSetting() {
--- a/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
+++ b/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
@@ -52,11 +52,11 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
        project.dependencyCheck.proxy.port == null
        project.dependencyCheck.proxy.username == null
        project.dependencyCheck.proxy.password == null
-        project.dependencyCheck.cveUrl12Modified == null
-        project.dependencyCheck.cveUrl20Modified == null
-        project.dependencyCheck.cveStartYear == null
-        project.dependencyCheck.cveUrl12Base == null
-        project.dependencyCheck.cveUrl20Base == null
+        project.dependencyCheck.cve.url12Modified == null
+        project.dependencyCheck.cve.url20Modified == null
+        project.dependencyCheck.cve.startYear == null
+        project.dependencyCheck.cve.url12Base == null
+        project.dependencyCheck.cve.url20Base == null
        project.dependencyCheck.outputDirectory == './reports'
        project.dependencyCheck.quickQueryTimestamp == null
    }
@@ -70,11 +70,15 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
                username = 'proxyUsername'
                password = 'proxyPassword'
            }
-            cveUrl12Modified = 'cveUrl12Modified'
-            cveUrl20Modified = 'cveUrl20Modified'
-            cveStartYear = 2002
-            cveUrl12Base = 'cveUrl12Base'
-            cveUrl20Base = 'cveUrl20Base'
+
+            cve {
+                startYear = 2002
+                url12Base = 'cveUrl12Base'
+                url20Base = 'cveUrl20Base'
+                url12Modified = 'cveUrl12Modified'
+                url20Modified = 'cveUrl20Modified'
+            }
+
            outputDirectory = 'outputDirectory'
            quickQueryTimestamp = false
        }
@@ -84,11 +88,11 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
        project.dependencyCheck.proxy.port == 3128
        project.dependencyCheck.proxy.username == 'proxyUsername'
        project.dependencyCheck.proxy.password == 'proxyPassword'
-        project.dependencyCheck.cveUrl12Modified == 'cveUrl12Modified'
-        project.dependencyCheck.cveUrl20Modified == 'cveUrl20Modified'
-        project.dependencyCheck.cveStartYear == 2002
-        project.dependencyCheck.cveUrl12Base == 'cveUrl12Base'
-        project.dependencyCheck.cveUrl20Base == 'cveUrl20Base'
+        project.dependencyCheck.cve.url12Modified == 'cveUrl12Modified'
+        project.dependencyCheck.cve.url20Modified == 'cveUrl20Modified'
+        project.dependencyCheck.cve.startYear == 2002
+        project.dependencyCheck.cve.url12Base == 'cveUrl12Base'
+        project.dependencyCheck.cve.url20Base == 'cveUrl20Base'
        project.dependencyCheck.outputDirectory == 'outputDirectory'
        project.dependencyCheck.quickQueryTimestamp == false
    }