github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 07:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add test for project url from pom.xml

Browse Source
This commit is contained in:
bjiang
2016-04-15 12:30:14 -04:00
parent 48af120db8
commit da82f975e4
3 changed files with 23 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
View File

@@ -568,7 +568,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
String projectURL = pom.getProjectURL();
if(projectURL != null && !projectURL.trim().isEmpty()) {
dependency.getVersionEvidence().addEvidence("pom", "url", projectURL, Confidence.HIGHEST);
dependency.getVendorEvidence().addEvidence("pom", "url", projectURL, Confidence.HIGHEST);
}
extractLicense(pom, dependency);

29
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/JarAnalyzerTest.java
View File

@@ -17,23 +17,25 @@
*/
package org.owasp.dependencycheck.analyzer;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import org.junit.Test;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
/**
* @author Jeremy Long
*/
public class JarAnalyzerTest extends BaseTest {
// private static final Logger LOGGER = LoggerFactory.getLogger(JarAnalyzerTest.class);
/**
* Test of inspect method, of class JarAnalyzer.
*
@@ -48,12 +50,25 @@ public class JarAnalyzerTest extends BaseTest {
instance.analyze(result, null);
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("apache"));
assertTrue(result.getVendorEvidence().getWeighting().contains("apache"));
file = BaseTest.getResourceAsFile(this, "dwr.jar");
result = new Dependency(file);
instance.analyze(result, null);
boolean found = false;
for (Evidence e : result.getVendorEvidence()) {
if (e.getName().equals("url")) {
assertEquals("Project url was not as expected in dwr.jar", e.getValue(), "http://getahead.ltd.uk/dwr");
found = true;
break;
}
}
assertTrue("Project url was not found in dwr.jar", found);
//file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
file = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar");
result = new Dependency(file);
instance.analyze(result, null);
boolean found = false;
found = false;
for (Evidence e : result.getProductEvidence()) {
if (e.getName().equalsIgnoreCase("package-title")
&& e.getValue().equalsIgnoreCase("org.mortbay.http")) {

BIN
dependency-check-core/src/test/resources/dwr.jar Normal file
View File

Binary file not shown.