github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-21 16:49:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'Issues#665_implement' of https://github.com/Prakhash/DependencyCheck into Prakhash-Issues#665_implement

Browse Source
This commit is contained in:
Jeremy Long
2017-05-04 06:48:31 -04:00
parent 40b5c45ef6 2b04c6a7dd
commit bdace1b1b7
6 changed files with 34 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
View File

@@ -125,6 +125,28 @@ public class ReportGenerator {
context.put("version", Settings.getString(Settings.KEYS.APPLICATION_VERSION, "Unknown")); context.put("version", Settings.getString(Settings.KEYS.APPLICATION_VERSION, "Unknown"));
} }
/**
* Constructs a new ReportGenerator.
*
* @param applicationName the application name being analyzed
* @param applicationVersion the application version being analyzed
* @param artifactID the application version being analyzed
* @param applicationVersion the application version being analyzed
* @param dependencies the list of dependencies
* @param analyzers the list of analyzers used
* @param properties the database properties (containing timestamps of the
* NVD CVE data)
*/
public ReportGenerator(String applicationName,String applicationVersion,String artifactID,String groupID, List<Dependency> dependencies, List<Analyzer> analyzers, DatabaseProperties properties) {
this(applicationName,dependencies,analyzers,properties);
context.put("applicationVersion",applicationVersion);
context.put("artifactID",artifactID);
context.put("groupID",groupID);
}
/** /**
* Creates a new Velocity Engine. * Creates a new Velocity Engine.
* *

3
dependency-check-core/src/main/resources/schema/dependency-check.1.3.xsd
View File

@@ -24,6 +24,9 @@
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="version" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="artifactID" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="groupID" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
</xs:sequence> </xs:sequence>

3
dependency-check-core/src/main/resources/schema/dependency-check.1.4.xsd
View File

@@ -23,6 +23,9 @@
<xs:complexType name="projectInfo"> <xs:complexType name="projectInfo">
<xs:sequence> <xs:sequence>
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="version" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="artifactID" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="groupID" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="reportDate" type="xs:string" minOccurs="1" maxOccurs="1" />
<xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="credits" type="xs:string" minOccurs="1" maxOccurs="1" />
</xs:sequence> </xs:sequence>

3
dependency-check-core/src/main/resources/templates/XmlReport.vsl
View File

@@ -31,6 +31,9 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
</scanInfo> </scanInfo>
<projectInfo> <projectInfo>
<name>$enc.xml($applicationName)</name> <name>$enc.xml($applicationName)</name>
<version>$enc.xml($version)</version>
<artifactID>$enc.xml($artifactID)</artifactID>
<groupID>$enc.xml($groupID)</groupID>
<reportDate>$scanDateXML</reportDate> <reportDate>$scanDateXML</reportDate>
<credits>This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov</credits> <credits>This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov</credits>
</projectInfo> </projectInfo>

2
dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
View File

@@ -147,7 +147,7 @@ public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
CveDB cveDB = CveDB.getInstance(); CveDB cveDB = CveDB.getInstance();
DatabaseProperties dbProp = cveDB.getDatabaseProperties(); DatabaseProperties dbProp = cveDB.getDatabaseProperties();
ReportGenerator generator = new ReportGenerator("Test Report", engine.getDependencies(), engine.getAnalyzers(), dbProp); ReportGenerator generator = new ReportGenerator("Test Report","1.4.7","dependency-check-core","org.owasp", engine.getDependencies(), engine.getAnalyzers(), dbProp);
generator.generateReport(templateName, writeTo); generator.generateReport(templateName, writeTo);
cveDB.close(); cveDB.close();

2
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
View File

@@ -1015,7 +1015,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
getLog().debug("Unable to retrieve DB Properties", ex); getLog().debug("Unable to retrieve DB Properties", ex);
} }
} }
final ReportGenerator r = new ReportGenerator(p.getName(), engine.getDependencies(), engine.getAnalyzers(), prop); final ReportGenerator r = new ReportGenerator(p.getName(),p.getVersion(),p.getArtifactId(),p.getGroupId(), engine.getDependencies(), engine.getAnalyzers(), prop);
try { try {
r.generateReports(outputDir.getAbsolutePath(), format); r.generateReports(outputDir.getAbsolutePath(), format);
} catch (ReportException ex) { } catch (ReportException ex) {