github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-22 17:19:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Removes the test for default Maven repository directory.

Browse Source 
Error: If the M3_REPO directory is not set to a path that contains */m2/repository/* the DependencyCheck doesn't read <library>.pom file. Some dependencies like "spring-core-3.2.0.RELEASE.jar" are not found due to this error.

Fix: Remove the test for default Maven repository directory. The existing check for the existence of <library>.pom file is sufficient.

Former-commit-id: 8d7c51f611b5d26d505cfc3fe9f8b94c12174000
This commit is contained in:
Ahmet Kiyak
2015-02-17 18:57:24 +01:00
parent 49e8ee443c
commit babe4739c5
1 changed files with 5 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -295,15 +295,11 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
} }
File externalPom = null; File externalPom = null;
if (pomEntries.isEmpty()) { if (pomEntries.isEmpty()) {
if (dependency.getActualFilePath().matches(".*\\.m2.repository\\b.*")) { String pomPath = dependency.getActualFilePath();
String pomPath = dependency.getActualFilePath(); pomPath = pomPath.substring(0, pomPath.lastIndexOf('.')) + ".pom";
pomPath = pomPath.substring(0, pomPath.lastIndexOf('.')) + ".pom"; externalPom = new File(pomPath);
externalPom = new File(pomPath); if (externalPom.isFile()) {
if (externalPom.isFile()) { pomEntries.add(pomPath);
pomEntries.add(pomPath);
} else {
return false;
}
} else { } else {
return false; return false;
} }