github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-18 15:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

version 1.0.4

Browse Source
This commit is contained in:
Jeremy Long
2013-10-26 17:31:40 -04:00
parent acf4f26f96
commit d6ec751081
788 changed files with 9887 additions and 8151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

377
dependency-check-ant/xref/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.html
View File

@@ -33,21 +33,21 @@
<a class="jxr_linenumber" name="23" href="#23">23</a> <strong class="jxr_keyword">import</strong> java.io.InputStream;
<a class="jxr_linenumber" name="24" href="#24">24</a> <strong class="jxr_keyword">import</strong> java.util.List;
<a class="jxr_linenumber" name="25" href="#25">25</a> <strong class="jxr_keyword">import</strong> java.util.logging.Level;
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.util.logging.LogManager;
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.BuildException;
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.Task;
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.EnumeratedAttribute;
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.Reference;
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.Resource;
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.ResourceCollection;
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.resources.FileProvider;
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.resources.Resources;
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Vulnerability;
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.reporting.ReportGenerator;
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.reporting.ReportGenerator.Format;
<a class="jxr_linenumber" name="26" href="#26">26</a> <strong class="jxr_keyword">import</strong> java.util.logging.Logger;
<a class="jxr_linenumber" name="27" href="#27">27</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.BuildException;
<a class="jxr_linenumber" name="28" href="#28">28</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.Task;
<a class="jxr_linenumber" name="29" href="#29">29</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.EnumeratedAttribute;
<a class="jxr_linenumber" name="30" href="#30">30</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.Reference;
<a class="jxr_linenumber" name="31" href="#31">31</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.Resource;
<a class="jxr_linenumber" name="32" href="#32">32</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.ResourceCollection;
<a class="jxr_linenumber" name="33" href="#33">33</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.resources.FileProvider;
<a class="jxr_linenumber" name="34" href="#34">34</a> <strong class="jxr_keyword">import</strong> org.apache.tools.ant.types.resources.Resources;
<a class="jxr_linenumber" name="35" href="#35">35</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.Engine;
<a class="jxr_linenumber" name="36" href="#36">36</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Dependency;
<a class="jxr_linenumber" name="37" href="#37">37</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.dependency.Vulnerability;
<a class="jxr_linenumber" name="38" href="#38">38</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.reporting.ReportGenerator;
<a class="jxr_linenumber" name="39" href="#39">39</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.reporting.ReportGenerator.Format;
<a class="jxr_linenumber" name="40" href="#40">40</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.LogUtils;
<a class="jxr_linenumber" name="41" href="#41">41</a> <strong class="jxr_keyword">import</strong> org.owasp.dependencycheck.utils.Settings;
<a class="jxr_linenumber" name="42" href="#42">42</a>
<a class="jxr_linenumber" name="43" href="#43">43</a> <em class="jxr_javadoccomment">/**</em>
@@ -355,184 +355,177 @@
<a class="jxr_linenumber" name="345" href="#345">345</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setConnectionTimeout(String connectionTimeout) {
<a class="jxr_linenumber" name="346" href="#346">346</a> <strong class="jxr_keyword">this</strong>.connectionTimeout = connectionTimeout;
<a class="jxr_linenumber" name="347" href="#347">347</a> }
<a class="jxr_linenumber" name="348" href="#348">348</a>
<a class="jxr_linenumber" name="349" href="#349">349</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="350" href="#350">350</a> <em class="jxr_javadoccomment"> * Configures the logger for use by the application.</em>
<a class="jxr_linenumber" name="351" href="#351">351</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="352" href="#352">352</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">void</strong> prepareLogger() {
<a class="jxr_linenumber" name="353" href="#353">353</a> InputStream in = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="354" href="#354">354</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="355" href="#355">355</a> in = DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getClassLoader().getResourceAsStream(LOG_PROPERTIES_FILE);
<a class="jxr_linenumber" name="356" href="#356">356</a> LogManager.getLogManager().reset();
<a class="jxr_linenumber" name="357" href="#357">357</a> LogManager.getLogManager().readConfiguration(in);
<a class="jxr_linenumber" name="358" href="#358">358</a> <em class="jxr_comment">//TODO add code to disable fine grained log file.</em>
<a class="jxr_linenumber" name="359" href="#359">359</a> <em class="jxr_comment">// Logger logger = LogManager.getLogManager().getLogger("");</em>
<a class="jxr_linenumber" name="360" href="#360">360</a> <em class="jxr_comment">// for (Handler h : logger.getHandlers()) {</em>
<a class="jxr_linenumber" name="361" href="#361">361</a> <em class="jxr_comment">// if (h.getFormatter(). h.toString());</em>
<a class="jxr_linenumber" name="362" href="#362">362</a> <em class="jxr_comment">// }</em>
<a class="jxr_linenumber" name="363" href="#363">363</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="364" href="#364">364</a> System.err.println(ex.toString());
<a class="jxr_linenumber" name="365" href="#365">365</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="366" href="#366">366</a> } <strong class="jxr_keyword">catch</strong> (SecurityException ex) {
<a class="jxr_linenumber" name="367" href="#367">367</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="368" href="#368">368</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="369" href="#369">369</a> <strong class="jxr_keyword">if</strong> (in != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="370" href="#370">370</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="371" href="#371">371</a> in.close();
<a class="jxr_linenumber" name="372" href="#372">372</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
<a class="jxr_linenumber" name="373" href="#373">373</a> <em class="jxr_comment">//noinspection UnusedAssignment</em>
<a class="jxr_linenumber" name="374" href="#374">374</a> in = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="375" href="#375">375</a> }
<a class="jxr_linenumber" name="376" href="#376">376</a> }
<a class="jxr_linenumber" name="377" href="#377">377</a> }
<a class="jxr_linenumber" name="378" href="#378">378</a> }
<a class="jxr_linenumber" name="348" href="#348">348</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="349" href="#349">349</a> <em class="jxr_javadoccomment"> * The file path used for verbose logging.</em>
<a class="jxr_linenumber" name="350" href="#350">350</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="351" href="#351">351</a> <strong class="jxr_keyword">private</strong> String logFile = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="352" href="#352">352</a>
<a class="jxr_linenumber" name="353" href="#353">353</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="354" href="#354">354</a> <em class="jxr_javadoccomment"> * Get the value of logFile.</em>
<a class="jxr_linenumber" name="355" href="#355">355</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="356" href="#356">356</a> <em class="jxr_javadoccomment"> * @return the value of logFile</em>
<a class="jxr_linenumber" name="357" href="#357">357</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="358" href="#358">358</a> <strong class="jxr_keyword">public</strong> String getLogFile() {
<a class="jxr_linenumber" name="359" href="#359">359</a> <strong class="jxr_keyword">return</strong> logFile;
<a class="jxr_linenumber" name="360" href="#360">360</a> }
<a class="jxr_linenumber" name="361" href="#361">361</a>
<a class="jxr_linenumber" name="362" href="#362">362</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="363" href="#363">363</a> <em class="jxr_javadoccomment"> * Set the value of logFile.</em>
<a class="jxr_linenumber" name="364" href="#364">364</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="365" href="#365">365</a> <em class="jxr_javadoccomment"> * @param logFile new value of logFile</em>
<a class="jxr_linenumber" name="366" href="#366">366</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="367" href="#367">367</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setLogFile(String logFile) {
<a class="jxr_linenumber" name="368" href="#368">368</a> <strong class="jxr_keyword">this</strong>.logFile = logFile;
<a class="jxr_linenumber" name="369" href="#369">369</a> }
<a class="jxr_linenumber" name="370" href="#370">370</a>
<a class="jxr_linenumber" name="371" href="#371">371</a> @Override
<a class="jxr_linenumber" name="372" href="#372">372</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> execute() <strong class="jxr_keyword">throws</strong> BuildException {
<a class="jxr_linenumber" name="373" href="#373">373</a> <strong class="jxr_keyword">final</strong> InputStream in = DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getClassLoader().getResourceAsStream(LOG_PROPERTIES_FILE);
<a class="jxr_linenumber" name="374" href="#374">374</a> LogUtils.prepareLogger(in, logFile);
<a class="jxr_linenumber" name="375" href="#375">375</a>
<a class="jxr_linenumber" name="376" href="#376">376</a> dealWithReferences();
<a class="jxr_linenumber" name="377" href="#377">377</a> validateConfiguration();
<a class="jxr_linenumber" name="378" href="#378">378</a> populateSettings();
<a class="jxr_linenumber" name="379" href="#379">379</a>
<a class="jxr_linenumber" name="380" href="#380">380</a> @Override
<a class="jxr_linenumber" name="381" href="#381">381</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> execute() <strong class="jxr_keyword">throws</strong> BuildException {
<a class="jxr_linenumber" name="382" href="#382">382</a> prepareLogger();
<a class="jxr_linenumber" name="383" href="#383">383</a>
<a class="jxr_linenumber" name="384" href="#384">384</a> dealWithReferences();
<a class="jxr_linenumber" name="385" href="#385">385</a> validateConfiguration();
<a class="jxr_linenumber" name="386" href="#386">386</a> populateSettings();
<a class="jxr_linenumber" name="387" href="#387">387</a>
<a class="jxr_linenumber" name="388" href="#388">388</a> <strong class="jxr_keyword">final</strong> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="389" href="#389">389</a> <strong class="jxr_keyword">for</strong> (Resource resource : path) {
<a class="jxr_linenumber" name="390" href="#390">390</a> <strong class="jxr_keyword">final</strong> FileProvider provider = resource.as(FileProvider.<strong class="jxr_keyword">class</strong>);
<a class="jxr_linenumber" name="391" href="#391">391</a> <strong class="jxr_keyword">if</strong> (provider != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="392" href="#392">392</a> <strong class="jxr_keyword">final</strong> File file = provider.getFile();
<a class="jxr_linenumber" name="393" href="#393">393</a> <strong class="jxr_keyword">if</strong> (file != <strong class="jxr_keyword">null</strong> &amp;&amp; file.exists()) {
<a class="jxr_linenumber" name="394" href="#394">394</a> engine.scan(file);
<a class="jxr_linenumber" name="395" href="#395">395</a> }
<a class="jxr_linenumber" name="396" href="#396">396</a> }
<a class="jxr_linenumber" name="397" href="#397">397</a> }
<a class="jxr_linenumber" name="398" href="#398">398</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="399" href="#399">399</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="400" href="#400">400</a> <strong class="jxr_keyword">final</strong> ReportGenerator reporter = <strong class="jxr_keyword">new</strong> ReportGenerator(applicationName, engine.getDependencies(), engine.getAnalyzers());
<a class="jxr_linenumber" name="401" href="#401">401</a> reporter.generateReports(reportOutputDirectory, reportFormat);
<a class="jxr_linenumber" name="402" href="#402">402</a>
<a class="jxr_linenumber" name="403" href="#403">403</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.failBuildOnCVSS &lt;= 10) {
<a class="jxr_linenumber" name="404" href="#404">404</a> checkForFailure(engine.getDependencies());
<a class="jxr_linenumber" name="405" href="#405">405</a> }
<a class="jxr_linenumber" name="406" href="#406">406</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="407" href="#407">407</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="408" href="#408">408</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"Unable to generate dependency-check report"</span>, ex);
<a class="jxr_linenumber" name="409" href="#409">409</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
<a class="jxr_linenumber" name="410" href="#410">410</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="411" href="#411">411</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"An exception occured; unable to continue task"</span>, ex);
<a class="jxr_linenumber" name="412" href="#412">412</a> }
<a class="jxr_linenumber" name="413" href="#413">413</a> }
<a class="jxr_linenumber" name="414" href="#414">414</a>
<a class="jxr_linenumber" name="415" href="#415">415</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="416" href="#416">416</a> <em class="jxr_javadoccomment"> * Validate the configuration to ensure the parameters have been properly</em>
<a class="jxr_linenumber" name="417" href="#417">417</a> <em class="jxr_javadoccomment"> * configured/initialized.</em>
<a class="jxr_linenumber" name="418" href="#418">418</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="419" href="#419">419</a> <em class="jxr_javadoccomment"> * @throws BuildException if the task was not configured correctly.</em>
<a class="jxr_linenumber" name="420" href="#420">420</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="421" href="#421">421</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> validateConfiguration() <strong class="jxr_keyword">throws</strong> BuildException {
<a class="jxr_linenumber" name="422" href="#422">422</a> <strong class="jxr_keyword">if</strong> (path == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="423" href="#423">423</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"No project dependencies have been defined to analyze."</span>);
<a class="jxr_linenumber" name="424" href="#424">424</a> }
<a class="jxr_linenumber" name="425" href="#425">425</a> <strong class="jxr_keyword">if</strong> (failBuildOnCVSS &lt; 0 || failBuildOnCVSS &gt; 11) {
<a class="jxr_linenumber" name="426" href="#426">426</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"Invalid configuration, failBuildOnCVSS must be between 0 and 11."</span>);
<a class="jxr_linenumber" name="427" href="#427">427</a> }
<a class="jxr_linenumber" name="428" href="#428">428</a> }
<a class="jxr_linenumber" name="429" href="#429">429</a>
<a class="jxr_linenumber" name="430" href="#430">430</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="431" href="#431">431</a> <em class="jxr_javadoccomment"> * Takes the properties supplied and updates the dependency-check settings.</em>
<a class="jxr_linenumber" name="432" href="#432">432</a> <em class="jxr_javadoccomment"> * Additionally, this sets the system properties required to change the</em>
<a class="jxr_linenumber" name="433" href="#433">433</a> <em class="jxr_javadoccomment"> * proxy url, port, and connection timeout.</em>
<a class="jxr_linenumber" name="434" href="#434">434</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="435" href="#435">435</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> populateSettings() {
<a class="jxr_linenumber" name="436" href="#436">436</a> InputStream taskProperties = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="437" href="#437">437</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="438" href="#438">438</a> taskProperties = <strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
<a class="jxr_linenumber" name="439" href="#439">439</a> Settings.mergeProperties(taskProperties);
<a class="jxr_linenumber" name="440" href="#440">440</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="441" href="#441">441</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, <span class="jxr_string">"Unable to load the dependency-check ant task.properties file."</span>);
<a class="jxr_linenumber" name="442" href="#442">442</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="443" href="#443">443</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="444" href="#444">444</a> <strong class="jxr_keyword">if</strong> (taskProperties != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="445" href="#445">445</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="446" href="#446">446</a> taskProperties.close();
<a class="jxr_linenumber" name="447" href="#447">447</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="448" href="#448">448</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="449" href="#449">449</a> }
<a class="jxr_linenumber" name="450" href="#450">450</a> }
<a class="jxr_linenumber" name="451" href="#451">451</a> }
<a class="jxr_linenumber" name="452" href="#452">452</a> <strong class="jxr_keyword">if</strong> (dataDirectory != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="453" href="#453">453</a> Settings.setString(Settings.KEYS.DATA_DIRECTORY, dataDirectory);
<a class="jxr_linenumber" name="454" href="#454">454</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="455" href="#455">455</a> <strong class="jxr_keyword">final</strong> File jarPath = <strong class="jxr_keyword">new</strong> File(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getProtectionDomain().getCodeSource().getLocation().getPath());
<a class="jxr_linenumber" name="456" href="#456">456</a> <strong class="jxr_keyword">final</strong> File base = jarPath.getParentFile();
<a class="jxr_linenumber" name="457" href="#457">457</a> <strong class="jxr_keyword">final</strong> String sub = Settings.getString(Settings.KEYS.DATA_DIRECTORY);
<a class="jxr_linenumber" name="458" href="#458">458</a> <strong class="jxr_keyword">final</strong> File dataDir = <strong class="jxr_keyword">new</strong> File(base, sub);
<a class="jxr_linenumber" name="459" href="#459">459</a> Settings.setString(Settings.KEYS.DATA_DIRECTORY, dataDir.getAbsolutePath());
<a class="jxr_linenumber" name="460" href="#460">460</a> }
<a class="jxr_linenumber" name="461" href="#461">461</a>
<a class="jxr_linenumber" name="462" href="#462">462</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, autoUpdate);
<a class="jxr_linenumber" name="463" href="#463">463</a>
<a class="jxr_linenumber" name="464" href="#464">464</a> <strong class="jxr_keyword">if</strong> (proxyUrl != <strong class="jxr_keyword">null</strong> &amp;&amp; !proxyUrl.isEmpty()) {
<a class="jxr_linenumber" name="465" href="#465">465</a> Settings.setString(Settings.KEYS.PROXY_URL, proxyUrl);
<a class="jxr_linenumber" name="466" href="#466">466</a> }
<a class="jxr_linenumber" name="467" href="#467">467</a> <strong class="jxr_keyword">if</strong> (proxyPort != <strong class="jxr_keyword">null</strong> &amp;&amp; !proxyPort.isEmpty()) {
<a class="jxr_linenumber" name="468" href="#468">468</a> Settings.setString(Settings.KEYS.PROXY_PORT, proxyPort);
<a class="jxr_linenumber" name="469" href="#469">469</a> }
<a class="jxr_linenumber" name="470" href="#470">470</a> <strong class="jxr_keyword">if</strong> (connectionTimeout != <strong class="jxr_keyword">null</strong> &amp;&amp; !connectionTimeout.isEmpty()) {
<a class="jxr_linenumber" name="471" href="#471">471</a> Settings.setString(Settings.KEYS.CONNECTION_TIMEOUT, connectionTimeout);
<a class="jxr_linenumber" name="472" href="#472">472</a> }
<a class="jxr_linenumber" name="473" href="#473">473</a> }
<a class="jxr_linenumber" name="474" href="#474">474</a>
<a class="jxr_linenumber" name="475" href="#475">475</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="476" href="#476">476</a> <em class="jxr_javadoccomment"> * Checks to see if a vulnerability has been identified with a CVSS score</em>
<a class="jxr_linenumber" name="477" href="#477">477</a> <em class="jxr_javadoccomment"> * that is above the threshold set in the configuration.</em>
<a class="jxr_linenumber" name="478" href="#478">478</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="479" href="#479">479</a> <em class="jxr_javadoccomment"> * @param dependencies the list of dependency objects</em>
<a class="jxr_linenumber" name="480" href="#480">480</a> <em class="jxr_javadoccomment"> * @throws BuildException thrown if a CVSS score is found that is higher</em>
<a class="jxr_linenumber" name="481" href="#481">481</a> <em class="jxr_javadoccomment"> * then the threshold set</em>
<a class="jxr_linenumber" name="482" href="#482">482</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="483" href="#483">483</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> checkForFailure(List&lt;Dependency&gt; dependencies) <strong class="jxr_keyword">throws</strong> BuildException {
<a class="jxr_linenumber" name="484" href="#484">484</a> <strong class="jxr_keyword">final</strong> StringBuilder ids = <strong class="jxr_keyword">new</strong> StringBuilder();
<a class="jxr_linenumber" name="485" href="#485">485</a> <strong class="jxr_keyword">for</strong> (Dependency d : dependencies) {
<a class="jxr_linenumber" name="486" href="#486">486</a> <strong class="jxr_keyword">for</strong> (Vulnerability v : d.getVulnerabilities()) {
<a class="jxr_linenumber" name="487" href="#487">487</a> <strong class="jxr_keyword">if</strong> (v.getCvssScore() &gt;= failBuildOnCVSS) {
<a class="jxr_linenumber" name="488" href="#488">488</a> <strong class="jxr_keyword">if</strong> (ids.length() == 0) {
<a class="jxr_linenumber" name="489" href="#489">489</a> ids.append(v.getName());
<a class="jxr_linenumber" name="490" href="#490">490</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="491" href="#491">491</a> ids.append(<span class="jxr_string">", "</span>).append(v.getName());
<a class="jxr_linenumber" name="492" href="#492">492</a> }
<a class="jxr_linenumber" name="493" href="#493">493</a> }
<a class="jxr_linenumber" name="494" href="#494">494</a> }
<a class="jxr_linenumber" name="495" href="#495">495</a> }
<a class="jxr_linenumber" name="496" href="#496">496</a> <strong class="jxr_keyword">if</strong> (ids.length() &gt; 0) {
<a class="jxr_linenumber" name="497" href="#497">497</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"%n%nDependency-Check Failure:%n"</span>
<a class="jxr_linenumber" name="498" href="#498">498</a> + <span class="jxr_string">"One or more dependencies were identified with vulnerabilities that have a CVSS score greater then '%.1f': %s%n"</span>
<a class="jxr_linenumber" name="499" href="#499">499</a> + <span class="jxr_string">"See the dependency-check report for more details.%n%n"</span>, failBuildOnCVSS, ids.toString());
<a class="jxr_linenumber" name="500" href="#500">500</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(msg);
<a class="jxr_linenumber" name="501" href="#501">501</a> }
<a class="jxr_linenumber" name="502" href="#502">502</a> }
<a class="jxr_linenumber" name="503" href="#503">503</a>
<a class="jxr_linenumber" name="504" href="#504">504</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="505" href="#505">505</a> <em class="jxr_javadoccomment"> * An enumeration of supported report formats: "ALL", "HTML", "XML", "VULN",</em>
<a class="jxr_linenumber" name="506" href="#506">506</a> <em class="jxr_javadoccomment"> * etc..</em>
<a class="jxr_linenumber" name="507" href="#507">507</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="508" href="#508">508</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/taskdefs/DependencyCheckTask.html">ReportFormats</a> <strong class="jxr_keyword">extends</strong> EnumeratedAttribute {
<a class="jxr_linenumber" name="509" href="#509">509</a>
<a class="jxr_linenumber" name="510" href="#510">510</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="511" href="#511">511</a> <em class="jxr_javadoccomment"> * Returns the list of values for the report format.</em>
<a class="jxr_linenumber" name="512" href="#512">512</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="513" href="#513">513</a> <em class="jxr_javadoccomment"> * @return the list of values for the report format</em>
<a class="jxr_linenumber" name="514" href="#514">514</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="515" href="#515">515</a> <strong class="jxr_keyword">public</strong> String[] getValues() {
<a class="jxr_linenumber" name="516" href="#516">516</a> <strong class="jxr_keyword">int</strong> i = 0;
<a class="jxr_linenumber" name="517" href="#517">517</a> <strong class="jxr_keyword">final</strong> Format[] formats = Format.values();
<a class="jxr_linenumber" name="518" href="#518">518</a> <strong class="jxr_keyword">final</strong> String[] values = <strong class="jxr_keyword">new</strong> String[formats.length];
<a class="jxr_linenumber" name="519" href="#519">519</a> <strong class="jxr_keyword">for</strong> (Format format : formats) {
<a class="jxr_linenumber" name="520" href="#520">520</a> values[i++] = format.name();
<a class="jxr_linenumber" name="521" href="#521">521</a> }
<a class="jxr_linenumber" name="522" href="#522">522</a> <strong class="jxr_keyword">return</strong> values;
<a class="jxr_linenumber" name="523" href="#523">523</a> }
<a class="jxr_linenumber" name="524" href="#524">524</a> }
<a class="jxr_linenumber" name="525" href="#525">525</a> }
<a class="jxr_linenumber" name="380" href="#380">380</a> <strong class="jxr_keyword">final</strong> Engine engine = <strong class="jxr_keyword">new</strong> Engine();
<a class="jxr_linenumber" name="381" href="#381">381</a> <strong class="jxr_keyword">for</strong> (Resource resource : path) {
<a class="jxr_linenumber" name="382" href="#382">382</a> <strong class="jxr_keyword">final</strong> FileProvider provider = resource.as(FileProvider.<strong class="jxr_keyword">class</strong>);
<a class="jxr_linenumber" name="383" href="#383">383</a> <strong class="jxr_keyword">if</strong> (provider != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="384" href="#384">384</a> <strong class="jxr_keyword">final</strong> File file = provider.getFile();
<a class="jxr_linenumber" name="385" href="#385">385</a> <strong class="jxr_keyword">if</strong> (file != <strong class="jxr_keyword">null</strong> &amp;&amp; file.exists()) {
<a class="jxr_linenumber" name="386" href="#386">386</a> engine.scan(file);
<a class="jxr_linenumber" name="387" href="#387">387</a> }
<a class="jxr_linenumber" name="388" href="#388">388</a> }
<a class="jxr_linenumber" name="389" href="#389">389</a> }
<a class="jxr_linenumber" name="390" href="#390">390</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="391" href="#391">391</a> engine.analyzeDependencies();
<a class="jxr_linenumber" name="392" href="#392">392</a> <strong class="jxr_keyword">final</strong> ReportGenerator reporter = <strong class="jxr_keyword">new</strong> ReportGenerator(applicationName, engine.getDependencies(), engine.getAnalyzers());
<a class="jxr_linenumber" name="393" href="#393">393</a> reporter.generateReports(reportOutputDirectory, reportFormat);
<a class="jxr_linenumber" name="394" href="#394">394</a>
<a class="jxr_linenumber" name="395" href="#395">395</a> <strong class="jxr_keyword">if</strong> (<strong class="jxr_keyword">this</strong>.failBuildOnCVSS &lt;= 10) {
<a class="jxr_linenumber" name="396" href="#396">396</a> checkForFailure(engine.getDependencies());
<a class="jxr_linenumber" name="397" href="#397">397</a> }
<a class="jxr_linenumber" name="398" href="#398">398</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="399" href="#399">399</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="400" href="#400">400</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"Unable to generate dependency-check report"</span>, ex);
<a class="jxr_linenumber" name="401" href="#401">401</a> } <strong class="jxr_keyword">catch</strong> (Exception ex) {
<a class="jxr_linenumber" name="402" href="#402">402</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.SEVERE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="403" href="#403">403</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"An exception occured; unable to continue task"</span>, ex);
<a class="jxr_linenumber" name="404" href="#404">404</a> }
<a class="jxr_linenumber" name="405" href="#405">405</a> }
<a class="jxr_linenumber" name="406" href="#406">406</a>
<a class="jxr_linenumber" name="407" href="#407">407</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="408" href="#408">408</a> <em class="jxr_javadoccomment"> * Validate the configuration to ensure the parameters have been properly</em>
<a class="jxr_linenumber" name="409" href="#409">409</a> <em class="jxr_javadoccomment"> * configured/initialized.</em>
<a class="jxr_linenumber" name="410" href="#410">410</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="411" href="#411">411</a> <em class="jxr_javadoccomment"> * @throws BuildException if the task was not configured correctly.</em>
<a class="jxr_linenumber" name="412" href="#412">412</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="413" href="#413">413</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> validateConfiguration() <strong class="jxr_keyword">throws</strong> BuildException {
<a class="jxr_linenumber" name="414" href="#414">414</a> <strong class="jxr_keyword">if</strong> (path == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="415" href="#415">415</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"No project dependencies have been defined to analyze."</span>);
<a class="jxr_linenumber" name="416" href="#416">416</a> }
<a class="jxr_linenumber" name="417" href="#417">417</a> <strong class="jxr_keyword">if</strong> (failBuildOnCVSS &lt; 0 || failBuildOnCVSS &gt; 11) {
<a class="jxr_linenumber" name="418" href="#418">418</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(<span class="jxr_string">"Invalid configuration, failBuildOnCVSS must be between 0 and 11."</span>);
<a class="jxr_linenumber" name="419" href="#419">419</a> }
<a class="jxr_linenumber" name="420" href="#420">420</a> }
<a class="jxr_linenumber" name="421" href="#421">421</a>
<a class="jxr_linenumber" name="422" href="#422">422</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="423" href="#423">423</a> <em class="jxr_javadoccomment"> * Takes the properties supplied and updates the dependency-check settings.</em>
<a class="jxr_linenumber" name="424" href="#424">424</a> <em class="jxr_javadoccomment"> * Additionally, this sets the system properties required to change the</em>
<a class="jxr_linenumber" name="425" href="#425">425</a> <em class="jxr_javadoccomment"> * proxy url, port, and connection timeout.</em>
<a class="jxr_linenumber" name="426" href="#426">426</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="427" href="#427">427</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> populateSettings() {
<a class="jxr_linenumber" name="428" href="#428">428</a> InputStream taskProperties = <strong class="jxr_keyword">null</strong>;
<a class="jxr_linenumber" name="429" href="#429">429</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="430" href="#430">430</a> taskProperties = <strong class="jxr_keyword">this</strong>.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
<a class="jxr_linenumber" name="431" href="#431">431</a> Settings.mergeProperties(taskProperties);
<a class="jxr_linenumber" name="432" href="#432">432</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="433" href="#433">433</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.WARNING, <span class="jxr_string">"Unable to load the dependency-check ant task.properties file."</span>);
<a class="jxr_linenumber" name="434" href="#434">434</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINE, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="435" href="#435">435</a> } <strong class="jxr_keyword">finally</strong> {
<a class="jxr_linenumber" name="436" href="#436">436</a> <strong class="jxr_keyword">if</strong> (taskProperties != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="437" href="#437">437</a> <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="438" href="#438">438</a> taskProperties.close();
<a class="jxr_linenumber" name="439" href="#439">439</a> } <strong class="jxr_keyword">catch</strong> (IOException ex) {
<a class="jxr_linenumber" name="440" href="#440">440</a> Logger.getLogger(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getName()).log(Level.FINEST, <strong class="jxr_keyword">null</strong>, ex);
<a class="jxr_linenumber" name="441" href="#441">441</a> }
<a class="jxr_linenumber" name="442" href="#442">442</a> }
<a class="jxr_linenumber" name="443" href="#443">443</a> }
<a class="jxr_linenumber" name="444" href="#444">444</a> <strong class="jxr_keyword">if</strong> (dataDirectory != <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="445" href="#445">445</a> Settings.setString(Settings.KEYS.DATA_DIRECTORY, dataDirectory);
<a class="jxr_linenumber" name="446" href="#446">446</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="447" href="#447">447</a> <strong class="jxr_keyword">final</strong> File jarPath = <strong class="jxr_keyword">new</strong> File(DependencyCheckTask.<strong class="jxr_keyword">class</strong>.getProtectionDomain().getCodeSource().getLocation().getPath());
<a class="jxr_linenumber" name="448" href="#448">448</a> <strong class="jxr_keyword">final</strong> File base = jarPath.getParentFile();
<a class="jxr_linenumber" name="449" href="#449">449</a> <strong class="jxr_keyword">final</strong> String sub = Settings.getString(Settings.KEYS.DATA_DIRECTORY);
<a class="jxr_linenumber" name="450" href="#450">450</a> <strong class="jxr_keyword">final</strong> File dataDir = <strong class="jxr_keyword">new</strong> File(base, sub);
<a class="jxr_linenumber" name="451" href="#451">451</a> Settings.setString(Settings.KEYS.DATA_DIRECTORY, dataDir.getAbsolutePath());
<a class="jxr_linenumber" name="452" href="#452">452</a> }
<a class="jxr_linenumber" name="453" href="#453">453</a>
<a class="jxr_linenumber" name="454" href="#454">454</a> Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, autoUpdate);
<a class="jxr_linenumber" name="455" href="#455">455</a>
<a class="jxr_linenumber" name="456" href="#456">456</a> <strong class="jxr_keyword">if</strong> (proxyUrl != <strong class="jxr_keyword">null</strong> &amp;&amp; !proxyUrl.isEmpty()) {
<a class="jxr_linenumber" name="457" href="#457">457</a> Settings.setString(Settings.KEYS.PROXY_URL, proxyUrl);
<a class="jxr_linenumber" name="458" href="#458">458</a> }
<a class="jxr_linenumber" name="459" href="#459">459</a> <strong class="jxr_keyword">if</strong> (proxyPort != <strong class="jxr_keyword">null</strong> &amp;&amp; !proxyPort.isEmpty()) {
<a class="jxr_linenumber" name="460" href="#460">460</a> Settings.setString(Settings.KEYS.PROXY_PORT, proxyPort);
<a class="jxr_linenumber" name="461" href="#461">461</a> }
<a class="jxr_linenumber" name="462" href="#462">462</a> <strong class="jxr_keyword">if</strong> (connectionTimeout != <strong class="jxr_keyword">null</strong> &amp;&amp; !connectionTimeout.isEmpty()) {
<a class="jxr_linenumber" name="463" href="#463">463</a> Settings.setString(Settings.KEYS.CONNECTION_TIMEOUT, connectionTimeout);
<a class="jxr_linenumber" name="464" href="#464">464</a> }
<a class="jxr_linenumber" name="465" href="#465">465</a> }
<a class="jxr_linenumber" name="466" href="#466">466</a>
<a class="jxr_linenumber" name="467" href="#467">467</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="468" href="#468">468</a> <em class="jxr_javadoccomment"> * Checks to see if a vulnerability has been identified with a CVSS score</em>
<a class="jxr_linenumber" name="469" href="#469">469</a> <em class="jxr_javadoccomment"> * that is above the threshold set in the configuration.</em>
<a class="jxr_linenumber" name="470" href="#470">470</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="471" href="#471">471</a> <em class="jxr_javadoccomment"> * @param dependencies the list of dependency objects</em>
<a class="jxr_linenumber" name="472" href="#472">472</a> <em class="jxr_javadoccomment"> * @throws BuildException thrown if a CVSS score is found that is higher</em>
<a class="jxr_linenumber" name="473" href="#473">473</a> <em class="jxr_javadoccomment"> * then the threshold set</em>
<a class="jxr_linenumber" name="474" href="#474">474</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="475" href="#475">475</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">void</strong> checkForFailure(List&lt;Dependency&gt; dependencies) <strong class="jxr_keyword">throws</strong> BuildException {
<a class="jxr_linenumber" name="476" href="#476">476</a> <strong class="jxr_keyword">final</strong> StringBuilder ids = <strong class="jxr_keyword">new</strong> StringBuilder();
<a class="jxr_linenumber" name="477" href="#477">477</a> <strong class="jxr_keyword">for</strong> (Dependency d : dependencies) {
<a class="jxr_linenumber" name="478" href="#478">478</a> <strong class="jxr_keyword">for</strong> (Vulnerability v : d.getVulnerabilities()) {
<a class="jxr_linenumber" name="479" href="#479">479</a> <strong class="jxr_keyword">if</strong> (v.getCvssScore() &gt;= failBuildOnCVSS) {
<a class="jxr_linenumber" name="480" href="#480">480</a> <strong class="jxr_keyword">if</strong> (ids.length() == 0) {
<a class="jxr_linenumber" name="481" href="#481">481</a> ids.append(v.getName());
<a class="jxr_linenumber" name="482" href="#482">482</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="483" href="#483">483</a> ids.append(<span class="jxr_string">", "</span>).append(v.getName());
<a class="jxr_linenumber" name="484" href="#484">484</a> }
<a class="jxr_linenumber" name="485" href="#485">485</a> }
<a class="jxr_linenumber" name="486" href="#486">486</a> }
<a class="jxr_linenumber" name="487" href="#487">487</a> }
<a class="jxr_linenumber" name="488" href="#488">488</a> <strong class="jxr_keyword">if</strong> (ids.length() &gt; 0) {
<a class="jxr_linenumber" name="489" href="#489">489</a> <strong class="jxr_keyword">final</strong> String msg = String.format(<span class="jxr_string">"%n%nDependency-Check Failure:%n"</span>
<a class="jxr_linenumber" name="490" href="#490">490</a> + <span class="jxr_string">"One or more dependencies were identified with vulnerabilities that have a CVSS score greater then '%.1f': %s%n"</span>
<a class="jxr_linenumber" name="491" href="#491">491</a> + <span class="jxr_string">"See the dependency-check report for more details.%n%n"</span>, failBuildOnCVSS, ids.toString());
<a class="jxr_linenumber" name="492" href="#492">492</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> BuildException(msg);
<a class="jxr_linenumber" name="493" href="#493">493</a> }
<a class="jxr_linenumber" name="494" href="#494">494</a> }
<a class="jxr_linenumber" name="495" href="#495">495</a>
<a class="jxr_linenumber" name="496" href="#496">496</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="497" href="#497">497</a> <em class="jxr_javadoccomment"> * An enumeration of supported report formats: "ALL", "HTML", "XML", "VULN",</em>
<a class="jxr_linenumber" name="498" href="#498">498</a> <em class="jxr_javadoccomment"> * etc..</em>
<a class="jxr_linenumber" name="499" href="#499">499</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="500" href="#500">500</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../org/owasp/dependencycheck/taskdefs/DependencyCheckTask.html">ReportFormats</a> <strong class="jxr_keyword">extends</strong> EnumeratedAttribute {
<a class="jxr_linenumber" name="501" href="#501">501</a>
<a class="jxr_linenumber" name="502" href="#502">502</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="503" href="#503">503</a> <em class="jxr_javadoccomment"> * Returns the list of values for the report format.</em>
<a class="jxr_linenumber" name="504" href="#504">504</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="505" href="#505">505</a> <em class="jxr_javadoccomment"> * @return the list of values for the report format</em>
<a class="jxr_linenumber" name="506" href="#506">506</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="507" href="#507">507</a> @Override
<a class="jxr_linenumber" name="508" href="#508">508</a> <strong class="jxr_keyword">public</strong> String[] getValues() {
<a class="jxr_linenumber" name="509" href="#509">509</a> <strong class="jxr_keyword">int</strong> i = 0;
<a class="jxr_linenumber" name="510" href="#510">510</a> <strong class="jxr_keyword">final</strong> Format[] formats = Format.values();
<a class="jxr_linenumber" name="511" href="#511">511</a> <strong class="jxr_keyword">final</strong> String[] values = <strong class="jxr_keyword">new</strong> String[formats.length];
<a class="jxr_linenumber" name="512" href="#512">512</a> <strong class="jxr_keyword">for</strong> (Format format : formats) {
<a class="jxr_linenumber" name="513" href="#513">513</a> values[i++] = format.name();
<a class="jxr_linenumber" name="514" href="#514">514</a> }
<a class="jxr_linenumber" name="515" href="#515">515</a> <strong class="jxr_keyword">return</strong> values;
<a class="jxr_linenumber" name="516" href="#516">516</a> }
<a class="jxr_linenumber" name="517" href="#517">517</a> }
<a class="jxr_linenumber" name="518" href="#518">518</a> }
</pre>
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
</html>