github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-25 18:41:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

remove code duplication

Browse Source
This commit is contained in:
Jeremy Long
2017-12-03 05:57:20 -05:00
parent c6363fde7a
commit d713e5d7d7
3 changed files with 28 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzer.java
View File

@@ -32,6 +32,7 @@ import javax.json.JsonObject;
import javax.json.JsonObjectBuilder; import javax.json.JsonObjectBuilder;
import javax.json.JsonString; import javax.json.JsonString;
import javax.json.JsonValue; import javax.json.JsonValue;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.EvidenceType; import org.owasp.dependencycheck.dependency.EvidenceType;
import org.owasp.dependencycheck.utils.Checksum; import org.owasp.dependencycheck.utils.Checksum;
@@ -71,19 +72,37 @@ public abstract class AbstractNpmAnalyzer extends AbstractFileTypeAnalyzer {
boolean accept = super.accept(pathname); boolean accept = super.accept(pathname);
if (accept) { if (accept) {
try { try {
// Do not scan the node_modules directory accept |= shouldProcess(pathname);
if (pathname.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) { } catch (AnalysisException ex) {
LOGGER.debug("Skipping analysis of node module: " + pathname.getCanonicalPath()); throw new RuntimeException(ex.getMessage(), ex.getCause());
accept = false;
}
} catch (IOException ex) {
throw new RuntimeException("Unable to process dependency", ex);
} }
} }
return accept; return accept;
} }
/**
* Determines if the path contains "/node_modules/" (i.e. it is a child
* module. This analyzer does not scan child modules.
*
* @param pathname the path to test
* @return <code>true</code> if the path does not contain "/node_modules/"
* @throws AnalysisException thrown if the canonical path cannot be obtained
* from the given file
*/
protected boolean shouldProcess(File pathname) throws AnalysisException {
try {
// Do not scan the node_modules directory
if (pathname.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) {
LOGGER.debug("Skipping analysis of node module: " + pathname.getCanonicalPath());
return false;
}
} catch (IOException ex) {
throw new AnalysisException("Unable to process dependency", ex);
}
return true;
}
/** /**
* Construct a dependency object. * Construct a dependency object.
* *

11
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
View File

@@ -167,18 +167,9 @@ public class NodePackageAnalyzer extends AbstractNpmAnalyzer {
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException { protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
engine.removeDependency(dependency); engine.removeDependency(dependency);
final File dependencyFile = dependency.getActualFile(); final File dependencyFile = dependency.getActualFile();
if (!dependencyFile.isFile() || dependencyFile.length() == 0) { if (!dependencyFile.isFile() || dependencyFile.length() == 0 || !shouldProcess(dependencyFile)) {
return; return;
} }
try {
// Do not scan the node_modules directory
if (dependencyFile.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) {
LOGGER.debug("Skipping analysis of node module: " + dependencyFile.getCanonicalPath());
return;
}
} catch (IOException ex) {
throw new AnalysisException("Unable to process dependency", ex);
}
final File baseDir = dependencyFile.getParentFile(); final File baseDir = dependencyFile.getParentFile();
if (PACKAGE_LOCK_JSON.equals(dependency.getFileName())) { if (PACKAGE_LOCK_JSON.equals(dependency.getFileName())) {
final File shrinkwrap = new File(baseDir, SHRINKWRAP_JSON); final File shrinkwrap = new File(baseDir, SHRINKWRAP_JSON);

12
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NspAnalyzer.java
View File

@@ -158,20 +158,10 @@ public class NspAnalyzer extends AbstractNpmAnalyzer {
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException { protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
engine.removeDependency(dependency); engine.removeDependency(dependency);
final File file = dependency.getActualFile(); final File file = dependency.getActualFile();
if (!file.isFile() || file.length() == 0) { if (!file.isFile() || file.length() == 0 || !shouldProcess(file)) {
return; return;
} }
try {
// Do not scan the node_modules directory
if (file.getCanonicalPath().contains(File.separator + "node_modules" + File.separator)) {
LOGGER.debug("Skipping analysis of node module: " + file.getCanonicalPath());
return;
}
} catch (IOException ex) {
throw new AnalysisException("Unable to process dependency", ex);
}
try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) { try (JsonReader jsonReader = Json.createReader(FileUtils.openInputStream(file))) {
// Retrieves the contents of package.json from the Dependency // Retrieves the contents of package.json from the Dependency