mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-03-18 07:14:09 +01:00
Merge branch 'master' of github.com:jeremylong/DependencyCheck
This commit is contained in:
Jeremy Long
@@ -192,7 +192,7 @@ public class CentralAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
final List<MavenArtifact> mas = searcher.searchSha1(dependency.getSha1sum());
|
final List<MavenArtifact> mas = searcher.searchSha1(dependency.getSha1sum());
|
||||||
final Confidence confidence = mas.size() > 1 ? Confidence.HIGH : Confidence.HIGHEST;
|
final Confidence confidence = mas.size() > 1 ? Confidence.HIGH : Confidence.HIGHEST;
|
||||||
for (MavenArtifact ma : mas) {
|
for (MavenArtifact ma : mas) {
|
||||||
LOGGER.debug("Central analyzer found artifact ({}) for dependency ({})", ma.toString(), dependency.getFileName());
|
LOGGER.debug("Central analyzer found artifact ({}) for dependency ({})", ma, dependency.getFileName());
|
||||||
dependency.addAsEvidence("central", ma, confidence);
|
dependency.addAsEvidence("central", ma, confidence);
|
||||||
boolean pomAnalyzed = false;
|
boolean pomAnalyzed = false;
|
||||||
for (Evidence e : dependency.getVendorEvidence()) {
|
for (Evidence e : dependency.getVendorEvidence()) {
|
||||||
|
|||||||
@@ -126,7 +126,7 @@ public class NuspecAnalyzer extends AbstractFileTypeAnalyzer {
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
|
public void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
|
||||||
LOGGER.debug("Checking Nuspec file {}", dependency.toString());
|
LOGGER.debug("Checking Nuspec file {}", dependency);
|
||||||
try {
|
try {
|
||||||
final NuspecParser parser = new XPathNuspecParser();
|
final NuspecParser parser = new XPathNuspecParser();
|
||||||
NugetPackage np = null;
|
NugetPackage np = null;
|
||||||
|
|||||||
@@ -90,7 +90,7 @@ public class CentralSearch {
|
|||||||
|
|
||||||
final URL url = new URL(rootURL + String.format("?q=1:\"%s\"&wt=xml", sha1));
|
final URL url = new URL(rootURL + String.format("?q=1:\"%s\"&wt=xml", sha1));
|
||||||
|
|
||||||
LOGGER.debug("Searching Central url {}", url.toString());
|
LOGGER.debug("Searching Central url {}", url);
|
||||||
|
|
||||||
// Determine if we need to use a proxy. The rules:
|
// Determine if we need to use a proxy. The rules:
|
||||||
// 1) If the proxy is set, AND the setting is set to true, use the proxy
|
// 1) If the proxy is set, AND the setting is set to true, use the proxy
|
||||||
|
|||||||
@@ -149,7 +149,6 @@ public final class CpeMemoryIndex {
|
|||||||
*
|
*
|
||||||
* @return the CPE Analyzer.
|
* @return the CPE Analyzer.
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("unchecked")
|
|
||||||
private Analyzer createIndexingAnalyzer() {
|
private Analyzer createIndexingAnalyzer() {
|
||||||
final Map<String, Analyzer> fieldAnalyzers = new HashMap<String, Analyzer>();
|
final Map<String, Analyzer> fieldAnalyzers = new HashMap<String, Analyzer>();
|
||||||
fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer());
|
fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer());
|
||||||
@@ -161,7 +160,6 @@ public final class CpeMemoryIndex {
|
|||||||
*
|
*
|
||||||
* @return the CPE Analyzer.
|
* @return the CPE Analyzer.
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("unchecked")
|
|
||||||
private Analyzer createSearchingAnalyzer() {
|
private Analyzer createSearchingAnalyzer() {
|
||||||
final Map<String, Analyzer> fieldAnalyzers = new HashMap<String, Analyzer>();
|
final Map<String, Analyzer> fieldAnalyzers = new HashMap<String, Analyzer>();
|
||||||
fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer());
|
fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer());
|
||||||
@@ -173,24 +171,6 @@ public final class CpeMemoryIndex {
|
|||||||
return new PerFieldAnalyzerWrapper(new FieldAnalyzer(LuceneUtils.CURRENT_VERSION), fieldAnalyzers);
|
return new PerFieldAnalyzerWrapper(new FieldAnalyzer(LuceneUtils.CURRENT_VERSION), fieldAnalyzers);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Saves a CPE IndexEntry into the Lucene index.
|
|
||||||
*
|
|
||||||
* @param vendor the vendor to index
|
|
||||||
* @param product the product to index
|
|
||||||
* @param indexWriter the index writer to write the entry into
|
|
||||||
* @throws CorruptIndexException is thrown if the index is corrupt
|
|
||||||
* @throws IOException is thrown if an IOException occurs
|
|
||||||
*/
|
|
||||||
public void saveEntry(String vendor, String product, IndexWriter indexWriter) throws CorruptIndexException, IOException {
|
|
||||||
final Document doc = new Document();
|
|
||||||
final Field v = new TextField(Fields.VENDOR, vendor, Field.Store.YES);
|
|
||||||
final Field p = new TextField(Fields.PRODUCT, product, Field.Store.YES);
|
|
||||||
doc.add(v);
|
|
||||||
doc.add(p);
|
|
||||||
indexWriter.addDocument(doc);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Closes the CPE Index.
|
* Closes the CPE Index.
|
||||||
*/
|
*/
|
||||||
@@ -230,9 +210,20 @@ public final class CpeMemoryIndex {
|
|||||||
final IndexWriterConfig conf = new IndexWriterConfig(LuceneUtils.CURRENT_VERSION, analyzer);
|
final IndexWriterConfig conf = new IndexWriterConfig(LuceneUtils.CURRENT_VERSION, analyzer);
|
||||||
indexWriter = new IndexWriter(index, conf);
|
indexWriter = new IndexWriter(index, conf);
|
||||||
try {
|
try {
|
||||||
|
// Tip: reuse the Document and Fields for performance...
|
||||||
|
// See "Re-use Document and Field instances" from
|
||||||
|
// http://wiki.apache.org/lucene-java/ImproveIndexingSpeed
|
||||||
|
final Document doc = new Document();
|
||||||
|
final Field v = new TextField(Fields.VENDOR, Fields.VENDOR, Field.Store.YES);
|
||||||
|
final Field p = new TextField(Fields.PRODUCT, Fields.PRODUCT, Field.Store.YES);
|
||||||
|
doc.add(v);
|
||||||
|
doc.add(p);
|
||||||
|
|
||||||
final Set<Pair<String, String>> data = cve.getVendorProductList();
|
final Set<Pair<String, String>> data = cve.getVendorProductList();
|
||||||
for (Pair<String, String> pair : data) {
|
for (Pair<String, String> pair : data) {
|
||||||
saveEntry(pair.getLeft(), pair.getRight(), indexWriter);
|
v.setStringValue(pair.getLeft());
|
||||||
|
p.setStringValue(pair.getRight());
|
||||||
|
indexWriter.addDocument(doc);
|
||||||
}
|
}
|
||||||
} catch (DatabaseException ex) {
|
} catch (DatabaseException ex) {
|
||||||
LOGGER.debug("", ex);
|
LOGGER.debug("", ex);
|
||||||
|
|||||||
@@ -341,7 +341,7 @@ public class Dependency implements Serializable, Comparable<Dependency> {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!found) {
|
if (!found) {
|
||||||
LOGGER.debug("Adding new maven identifier {}", mavenArtifact.toString());
|
LOGGER.debug("Adding new maven identifier {}", mavenArtifact);
|
||||||
this.addIdentifier("maven", mavenArtifact.toString(), mavenArtifact.getArtifactUrl(), Confidence.HIGHEST);
|
this.addIdentifier("maven", mavenArtifact.toString(), mavenArtifact.getArtifactUrl(), Confidence.HIGHEST);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -57,7 +57,6 @@ public final class Checksum {
|
|||||||
* @throws IOException when the file does not exist
|
* @throws IOException when the file does not exist
|
||||||
* @throws NoSuchAlgorithmException when an algorithm is specified that does not exist
|
* @throws NoSuchAlgorithmException when an algorithm is specified that does not exist
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("empty-statement")
|
|
||||||
public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException {
|
public static byte[] getChecksum(String algorithm, File file) throws NoSuchAlgorithmException, IOException {
|
||||||
MessageDigest digest = MessageDigest.getInstance(algorithm);
|
MessageDigest digest = MessageDigest.getInstance(algorithm);
|
||||||
FileInputStream fis = null;
|
FileInputStream fis = null;
|
||||||
@@ -79,12 +78,6 @@ public final class Checksum {
|
|||||||
digest.update(byteBuffer);
|
digest.update(byteBuffer);
|
||||||
start += amountToRead;
|
start += amountToRead;
|
||||||
}
|
}
|
||||||
|
|
||||||
// BufferedInputStream bis = new BufferedInputStream(fis);
|
|
||||||
// DigestInputStream dis = new DigestInputStream(bis, digest);
|
|
||||||
// //yes, we are reading in a buffer for performance reasons - 1 byte at a time is SLOW
|
|
||||||
// byte[] buffer = new byte[8192];
|
|
||||||
// while (dis.read(buffer) != -1);
|
|
||||||
} finally {
|
} finally {
|
||||||
if (fis != null) {
|
if (fis != null) {
|
||||||
try {
|
try {
|
||||||
|
|||||||
@@ -61,7 +61,7 @@ public final class FileUtils {
|
|||||||
String ret = null;
|
String ret = null;
|
||||||
final int pos = fileName.lastIndexOf(".");
|
final int pos = fileName.lastIndexOf(".");
|
||||||
if (pos >= 0) {
|
if (pos >= 0) {
|
||||||
ret = fileName.substring(pos + 1, fileName.length()).toLowerCase();
|
ret = fileName.substring(pos + 1).toLowerCase();
|
||||||
}
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -460,12 +460,7 @@ public final class Settings {
|
|||||||
* @param value the value for the property
|
* @param value the value for the property
|
||||||
*/
|
*/
|
||||||
public static void setBoolean(String key, boolean value) {
|
public static void setBoolean(String key, boolean value) {
|
||||||
if (value) {
|
setString(key, Boolean.toString(value));
|
||||||
localSettings.get().props.setProperty(key, Boolean.TRUE.toString());
|
|
||||||
} else {
|
|
||||||
localSettings.get().props.setProperty(key, Boolean.FALSE.toString());
|
|
||||||
}
|
|
||||||
LOGGER.debug("Setting: {}='{}'", key, value);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -664,13 +659,11 @@ public final class Settings {
|
|||||||
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
||||||
*/
|
*/
|
||||||
public static int getInt(String key) throws InvalidSettingException {
|
public static int getInt(String key) throws InvalidSettingException {
|
||||||
int value;
|
|
||||||
try {
|
try {
|
||||||
value = Integer.parseInt(Settings.getString(key));
|
return Integer.parseInt(Settings.getString(key));
|
||||||
} catch (NumberFormatException ex) {
|
} catch (NumberFormatException ex) {
|
||||||
throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex);
|
throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex);
|
||||||
}
|
}
|
||||||
return value;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -704,13 +697,11 @@ public final class Settings {
|
|||||||
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
||||||
*/
|
*/
|
||||||
public static long getLong(String key) throws InvalidSettingException {
|
public static long getLong(String key) throws InvalidSettingException {
|
||||||
long value;
|
|
||||||
try {
|
try {
|
||||||
value = Long.parseLong(Settings.getString(key));
|
return Long.parseLong(Settings.getString(key));
|
||||||
} catch (NumberFormatException ex) {
|
} catch (NumberFormatException ex) {
|
||||||
throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex);
|
throw new InvalidSettingException("Could not convert property '" + key + "' to a long.", ex);
|
||||||
}
|
}
|
||||||
return value;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -723,13 +714,7 @@ public final class Settings {
|
|||||||
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
||||||
*/
|
*/
|
||||||
public static boolean getBoolean(String key) throws InvalidSettingException {
|
public static boolean getBoolean(String key) throws InvalidSettingException {
|
||||||
boolean value;
|
return Boolean.parseBoolean(Settings.getString(key));
|
||||||
try {
|
|
||||||
value = Boolean.parseBoolean(Settings.getString(key));
|
|
||||||
} catch (NumberFormatException ex) {
|
|
||||||
throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex);
|
|
||||||
}
|
|
||||||
return value;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -743,17 +728,7 @@ public final class Settings {
|
|||||||
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
* @throws InvalidSettingException is thrown if there is an error retrieving the setting
|
||||||
*/
|
*/
|
||||||
public static boolean getBoolean(String key, boolean defaultValue) throws InvalidSettingException {
|
public static boolean getBoolean(String key, boolean defaultValue) throws InvalidSettingException {
|
||||||
boolean value;
|
return Boolean.parseBoolean(Settings.getString(key, Boolean.toString(defaultValue)));
|
||||||
try {
|
|
||||||
final String strValue = Settings.getString(key);
|
|
||||||
if (strValue == null) {
|
|
||||||
return defaultValue;
|
|
||||||
}
|
|
||||||
value = Boolean.parseBoolean(strValue);
|
|
||||||
} catch (NumberFormatException ex) {
|
|
||||||
throw new InvalidSettingException("Could not convert property '" + key + "' to an int.", ex);
|
|
||||||
}
|
|
||||||
return value;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user