github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 16:23:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

change in namespace as this is now an OWASP project

Browse Source 
Former-commit-id: dc00f98a142bef2560d90f3b851844f352fbf262
This commit is contained in:
Jeremy Long
2013-03-03 08:57:38 -05:00
parent f6f68655fb
commit ea1fb191a9
141 changed files with 2729 additions and 2330 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
src/test/java/org/codesecure/dependencycheck/data/cpe/EntryTest.java
View File

@@ -1,47 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.cpe;
import junit.framework.TestCase;
/**
*
* @author Jeremy Long
*/
public class EntryTest extends TestCase {
public EntryTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of setName method, of class Entry.
* @throws Exception is thrown when an exception occurs.
*/
public void testSetName() throws Exception {
System.out.println("setName");
String name = "cpe:/a:apache:struts:1.1:rc2";
Entry instance = new Entry();
instance.parseName(name);
assertEquals(name,instance.getName());
assertEquals("apache", instance.getVendor());
assertEquals("struts", instance.getProduct());
assertEquals("1.1", instance.getVersion());
assertEquals("rc2", instance.getRevision());
}
}

48
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/DatabaseUpdaterIntegrationTest.java
View File

@@ -1,48 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class DatabaseUpdaterIntegrationTest {
public DatabaseUpdaterIntegrationTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of update method, of class DatabaseUpdater.
* @throws Exception
*/
@Test
public void testUpdate() throws Exception {
System.out.println("update");
DatabaseUpdater instance = new DatabaseUpdater();
instance.update();
}
}

28
src/test/java/org/codesecure/dependencycheck/EngineIntegrationTest.java → src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java
View File

@@ -1,10 +1,25 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck;
package org.owasp.dependencycheck;
import org.codesecure.dependencycheck.reporting.ReportGenerator;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.reporting.ReportGenerator;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
@@ -19,8 +34,8 @@ import static org.junit.Assert.*;
public class EngineIntegrationTest {
public EngineIntegrationTest() throws Exception {
org.codesecure.dependencycheck.data.nvdcve.BaseDBTestCase.ensureDBExists();
org.codesecure.dependencycheck.data.cpe.BaseIndexTestCase.ensureIndexExists();
org.owasp.dependencycheck.data.nvdcve.BaseDBTestCase.ensureDBExists();
org.owasp.dependencycheck.data.cpe.BaseIndexTestCase.ensureIndexExists();
}
@BeforeClass
@@ -45,7 +60,6 @@ public class EngineIntegrationTest {
*/
@Test
public void testScan() throws Exception {
System.out.println("scan");
String path = "./src/test/resources/";
Engine instance = new Engine();
instance.scan(path);

29
src/test/java/org/codesecure/dependencycheck/analyzer/AbstractAnalyzerTest.java → src/test/java/org/owasp/dependencycheck/analyzer/AbstractAnalyzerTest.java
View File

@@ -1,10 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.analyzer;
package org.owasp.dependencycheck.analyzer;
import org.codesecure.dependencycheck.analyzer.AbstractAnalyzer;
import org.owasp.dependencycheck.analyzer.AbstractAnalyzer;
import java.util.Set;
import org.junit.After;
import org.junit.AfterClass;
@@ -18,7 +32,7 @@ import static org.junit.Assert.*;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class AbstractAnalyzerTest {
public AbstractAnalyzerTest() {
}
@@ -29,11 +43,11 @@ public class AbstractAnalyzerTest {
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@@ -43,7 +57,6 @@ public class AbstractAnalyzerTest {
*/
@Test
public void testNewHashSet() {
System.out.println("newHashSet");
Set result = AbstractAnalyzer.newHashSet("one","two");
assertEquals(2, result.size());
assertTrue(result.contains("one"));

31
src/test/java/org/codesecure/dependencycheck/analyzer/AnalyzerServiceTest.java → src/test/java/org/owasp/dependencycheck/analyzer/AnalyzerServiceTest.java
View File

@@ -1,11 +1,25 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.analyzer;
package org.owasp.dependencycheck.analyzer;
import org.codesecure.dependencycheck.analyzer.AnalyzerService;
import org.codesecure.dependencycheck.analyzer.Analyzer;
import org.owasp.dependencycheck.analyzer.AnalyzerService;
import org.owasp.dependencycheck.analyzer.Analyzer;
import java.util.Set;
import java.util.Iterator;
import org.junit.After;
@@ -20,7 +34,7 @@ import static org.junit.Assert.*;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class AnalyzerServiceTest {
public AnalyzerServiceTest() {
}
@@ -31,11 +45,11 @@ public class AnalyzerServiceTest {
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@@ -45,7 +59,6 @@ public class AnalyzerServiceTest {
*/
@Test
public void testGetAnalyzers() {
System.out.println("getAnalyzers");
AnalyzerService instance = AnalyzerService.getInstance();
Iterator<Analyzer> result = instance.getAnalyzers();

31
src/test/java/org/codesecure/dependencycheck/analyzer/FileNameAnalyzerTest.java → src/test/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzerTest.java
View File

@@ -1,12 +1,28 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.analyzer;
package org.owasp.dependencycheck.analyzer;
import org.owasp.dependencycheck.analyzer.AnalysisPhase;
import org.owasp.dependencycheck.analyzer.FileNameAnalyzer;
import java.io.File;
import java.util.Set;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Dependency;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
@@ -44,7 +60,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testGetSupportedExtensions() {
System.out.println("getSupportedExtensions");
FileNameAnalyzer instance = new FileNameAnalyzer();
Set expResult = null;
Set result = instance.getSupportedExtensions();
@@ -56,7 +71,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testGetName() {
System.out.println("getName");
FileNameAnalyzer instance = new FileNameAnalyzer();
String expResult = "File Name Analyzer";
String result = instance.getName();
@@ -68,7 +82,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testSupportsExtension() {
System.out.println("supportsExtension");
String extension = "any";
FileNameAnalyzer instance = new FileNameAnalyzer();
boolean expResult = true;
@@ -81,7 +94,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testGetAnalysisPhase() {
System.out.println("getAnalysisPhase");
FileNameAnalyzer instance = new FileNameAnalyzer();
AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
AnalysisPhase result = instance.getAnalysisPhase();
@@ -93,7 +105,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testAnalyze() throws Exception {
System.out.println("analyze");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency result = new Dependency(file);
FileNameAnalyzer instance = new FileNameAnalyzer();
@@ -106,7 +117,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testInitialize() {
System.out.println("initialize");
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.initialize();
assertTrue(true); //initialize does nothing.
@@ -117,7 +127,6 @@ public class FileNameAnalyzerTest {
*/
@Test
public void testClose() {
System.out.println("close");
FileNameAnalyzer instance = new FileNameAnalyzer();
instance.close();
assertTrue(true); //close does nothing.

31
src/test/java/org/codesecure/dependencycheck/analyzer/JarAnalyzerTest.java → src/test/java/org/owasp/dependencycheck/analyzer/JarAnalyzerTest.java
View File

@@ -1,13 +1,27 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.analyzer;
package org.owasp.dependencycheck.analyzer;
import java.util.Properties;
import org.codesecure.dependencycheck.analyzer.JarAnalyzer;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.analyzer.JarAnalyzer;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import java.util.HashSet;
import java.io.File;
import java.util.Set;
@@ -49,7 +63,6 @@ public class JarAnalyzerTest {
*/
@Test
public void testAnalyze() throws Exception {
System.out.println("analyze");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency result = new Dependency(file);
JarAnalyzer instance = new JarAnalyzer();
@@ -57,7 +70,6 @@ public class JarAnalyzerTest {
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("apache"));
assertTrue(result.getVendorEvidence().getWeighting().contains("apache"));
file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
result = new Dependency(file);
instance.analyze(result, null);
@@ -102,7 +114,6 @@ public class JarAnalyzerTest {
*/
@Test
public void testGetSupportedExtensions() {
System.out.println("getSupportedExtensions");
JarAnalyzer instance = new JarAnalyzer();
Set expResult = new HashSet();
expResult.add("jar");
@@ -115,7 +126,6 @@ public class JarAnalyzerTest {
*/
@Test
public void testGetName() {
System.out.println("getName");
JarAnalyzer instance = new JarAnalyzer();
String expResult = "Jar Analyzer";
String result = instance.getName();
@@ -127,7 +137,6 @@ public class JarAnalyzerTest {
*/
@Test
public void testSupportsExtension() {
System.out.println("supportsExtension");
String extension = "jar";
JarAnalyzer instance = new JarAnalyzer();
boolean expResult = true;

61
src/test/java/org/codesecure/dependencycheck/data/cpe/BaseIndexTestCase.java → src/test/java/org/owasp/dependencycheck/data/cpe/BaseIndexTestCase.java
View File

@@ -1,9 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.cpe;
package org.owasp.dependencycheck.data.cpe;
import org.owasp.dependencycheck.data.cpe.Index;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
@@ -13,25 +28,35 @@ import java.io.IOException;
import java.net.URLDecoder;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import junit.framework.TestCase;
import org.codesecure.dependencycheck.utils.Settings;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.owasp.dependencycheck.utils.Settings;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public abstract class BaseIndexTestCase extends TestCase {
public BaseIndexTestCase(String testName) {
super(testName);
public abstract class BaseIndexTestCase {
@BeforeClass
public static void setUpClass() throws Exception {
}
@Override
protected void setUp() throws Exception {
super.setUp();
ensureIndexExists();
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() throws Exception {
ensureIndexExists();
}
@After
public void tearDown() throws Exception {
}
protected static File getDataDirectory() throws IOException {
String fileName = Settings.getString(Settings.KEYS.CPE_INDEX);
String filePath = Index.class.getProtectionDomain().getCodeSource().getLocation().getPath();
@@ -46,7 +71,7 @@ public abstract class BaseIndexTestCase extends TestCase {
path = new File(path.getCanonicalPath());
return path;
}
public static void ensureIndexExists() throws Exception {
//String indexPath = Settings.getString(Settings.KEYS.CPE_INDEX);
String indexPath = getDataDirectory().getCanonicalPath();
@@ -82,8 +107,8 @@ public abstract class BaseIndexTestCase extends TestCase {
while ((count = zin.read(data, 0, BUFFER)) != -1) {
dest.write(data, 0, count);
}
} catch (Exception ex) {
String ignore = ex.getMessage();
} catch (Exception ex) {
String ignore = ex.getMessage();
} finally {
try {
dest.flush();

44
src/test/java/org/codesecure/dependencycheck/data/cpe/CPEAnalyzerTest.java → src/test/java/org/owasp/dependencycheck/data/cpe/CPEAnalyzerTest.java
View File

@@ -1,9 +1,25 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.cpe;
package org.owasp.dependencycheck.data.cpe;
import org.owasp.dependencycheck.data.cpe.Entry;
import org.owasp.dependencycheck.data.cpe.CPEAnalyzer;
import java.io.File;
import java.io.IOException;
import java.util.HashSet;
@@ -11,26 +27,16 @@ import java.util.List;
import java.util.Set;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.queryparser.classic.ParseException;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.analyzer.JarAnalyzer;
import org.junit.After;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.analyzer.JarAnalyzer;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
/**
*
* @author jeremy
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class CPEAnalyzerTest {
@Before
public void setUp() throws Exception {
}
@After
public void tearDown() throws Exception {
}
public class CPEAnalyzerTest extends BaseIndexTestCase {
/**
* Tests of buildSearch of class CPEAnalyzer.
@@ -40,7 +46,6 @@ public class CPEAnalyzerTest {
*/
@Test
public void testBuildSearch() throws IOException, CorruptIndexException, ParseException {
System.out.println("buildSearch");
Set<String> productWeightings = new HashSet<String>(1);
productWeightings.add("struts2");
@@ -75,7 +80,6 @@ public class CPEAnalyzerTest {
*/
@Test
public void testOpen() throws Exception {
System.out.println("open");
CPEAnalyzer instance = new CPEAnalyzer();
Assert.assertFalse(instance.isOpen());
instance.open();
@@ -90,7 +94,6 @@ public class CPEAnalyzerTest {
*/
@Test
public void testDetermineCPE() throws Exception {
System.out.println("determineCPE");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
JarAnalyzer jarAnalyzer = new JarAnalyzer();
Dependency depends = new Dependency(file);
@@ -128,7 +131,6 @@ public class CPEAnalyzerTest {
*/
@Test
public void testSearchCPE() throws Exception {
System.out.println("searchCPE");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";

67
src/test/java/org/owasp/dependencycheck/data/cpe/EntryTest.java Normal file
View File

@@ -0,0 +1,67 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.cpe;
import org.owasp.dependencycheck.data.cpe.Entry;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.Assert;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class EntryTest {
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of setName method, of class Entry.
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testSetName() throws Exception {
String name = "cpe:/a:apache:struts:1.1:rc2";
Entry instance = new Entry();
instance.parseName(name);
Assert.assertEquals(name,instance.getName());
Assert.assertEquals("apache", instance.getVendor());
Assert.assertEquals("struts", instance.getProduct());
Assert.assertEquals("1.1", instance.getVersion());
Assert.assertEquals("rc2", instance.getRevision());
}
}

22
src/test/java/org/codesecure/dependencycheck/data/cpe/IndexIntegrationTest.java → src/test/java/org/owasp/dependencycheck/data/cpe/IndexIntegrationTest.java
View File

@@ -1,8 +1,22 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.cpe;
package org.owasp.dependencycheck.data.cpe;
import java.io.File;
import java.io.IOException;
@@ -41,7 +55,6 @@ public class IndexIntegrationTest {
*/
@Test
public void testUpdate() throws Exception {
System.out.println("update");
//deprecated
//Index instance = new Index();
//instance.update();
@@ -52,7 +65,6 @@ public class IndexIntegrationTest {
*/
@Test
public void testUpdateNeeded() throws Exception {
System.out.println("updateNeeded");
//deprecated
//Index instance = new Index();
//instance.updateNeeded();

32
src/test/java/org/codesecure/dependencycheck/data/cpe/IndexTest.java → src/test/java/org/owasp/dependencycheck/data/cpe/IndexTest.java
View File

@@ -1,15 +1,34 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.cpe;
package org.owasp.dependencycheck.data.cpe;
import org.owasp.dependencycheck.data.cpe.Index;
import java.io.File;
import java.io.IOException;
import junit.framework.Assert;
import org.apache.lucene.store.Directory;
import org.junit.*;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
@@ -38,7 +57,6 @@ public class IndexTest {
*/
@Test
public void testOpen() {
System.out.println("open");
Index instance = new Index();
try {
instance.open();
@@ -50,10 +68,10 @@ public class IndexTest {
/**
* Test of getDirectory method, of class Index.
* @throws Exception
*/
@Test
public void testGetDirectory() throws Exception {
System.out.println("getDirectory");
Index index = new Index();
Directory result = index.getDirectory();

28
src/test/java/org/codesecure/dependencycheck/data/cwe/CweDBTest.java → src/test/java/org/owasp/dependencycheck/data/cwe/CweDBTest.java
View File

@@ -1,15 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.cwe;
package org.owasp.dependencycheck.data.cwe;
import java.io.ObjectOutputStream;
import java.io.FileOutputStream;
import java.util.Map;
import java.io.File;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.owasp.dependencycheck.data.cwe.CweDB;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
@@ -69,7 +78,6 @@ public class CweDBTest {
*/
@Test
public void testGetCweName() {
System.out.println("getCweName");
String cweId = "CWE-16";
String expResult = "Configuration";
String result = CweDB.getCweName(cweId);

26
src/test/java/org/codesecure/dependencycheck/data/lucene/FieldAnalyzerTest.java → src/test/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzerTest.java
View File

@@ -1,4 +1,3 @@
package org.codesecure.dependencycheck.data.lucene;
/*
* This file is part of DependencyCheck.
*
@@ -17,9 +16,11 @@ package org.codesecure.dependencycheck.data.lucene;
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.lucene;
import org.owasp.dependencycheck.data.lucene.SearchFieldAnalyzer;
import org.owasp.dependencycheck.data.lucene.FieldAnalyzer;
import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
import java.util.Map;
import java.util.HashMap;
import org.apache.lucene.queryparser.classic.QueryParser;
import org.apache.lucene.analysis.standard.StandardAnalyzer;
@@ -52,9 +53,6 @@ import static org.junit.Assert.*;
*/
public class FieldAnalyzerTest {
public FieldAnalyzerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@@ -73,21 +71,21 @@ public class FieldAnalyzerTest {
@Test
public void testAnalyzers() throws Exception {
Analyzer analyzer = new FieldAnalyzer(Version.LUCENE_40);
Directory index = new RAMDirectory();
String field1 = "product";
String text1 = "springframework";
String field2 = "vendor";
String text2 = "springsource";
createIndex(analyzer, index, field1, text1, field2, text2);
//Analyzer searchingAnalyzer = new SearchFieldAnalyzer(Version.LUCENE_40);
String querystr = "product:\"(Spring Framework Core)\" vendor:(SpringSource)";
SearchFieldAnalyzer searchAnalyzerProduct = new SearchFieldAnalyzer(Version.LUCENE_40);
SearchFieldAnalyzer searchAnalyzerVendor = new SearchFieldAnalyzer(Version.LUCENE_40);
HashMap<String,Analyzer> map = new HashMap<String,Analyzer>();
@@ -95,10 +93,10 @@ public class FieldAnalyzerTest {
map.put(field2, searchAnalyzerVendor);
PerFieldAnalyzerWrapper wrapper = new PerFieldAnalyzerWrapper(new StandardAnalyzer(Version.LUCENE_40), map);
QueryParser parser = new QueryParser(Version.LUCENE_40, field1, wrapper);
Query q = parser.parse(querystr);
//System.out.println(q.toString());
int hitsPerPage = 10;
IndexReader reader = DirectoryReader.open(index);
@@ -106,9 +104,9 @@ public class FieldAnalyzerTest {
TopScoreDocCollector collector = TopScoreDocCollector.create(hitsPerPage, true);
searcher.search(q, collector);
ScoreDoc[] hits = collector.topDocs().scoreDocs;
assertEquals("Did not find 1 document?", 1, hits.length);
searchAnalyzerProduct.clear(); //ensure we don't have anything left over from the previous search.
searchAnalyzerVendor.clear();
querystr = "product:(Apache Struts) vendor:(Apache)";

43
src/test/java/org/codesecure/dependencycheck/data/lucene/LuceneUtilsTest.java → src/test/java/org/owasp/dependencycheck/data/lucene/LuceneUtilsTest.java
View File

@@ -1,10 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.lucene;
package org.owasp.dependencycheck.data.lucene;
import org.codesecure.dependencycheck.data.lucene.LuceneUtils;
import org.owasp.dependencycheck.data.lucene.LuceneUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
@@ -17,9 +31,6 @@ import static org.junit.Assert.*;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class LuceneUtilsTest {
public LuceneUtilsTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
@@ -28,11 +39,11 @@ public class LuceneUtilsTest {
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@@ -42,19 +53,17 @@ public class LuceneUtilsTest {
*/
@Test
public void testAppendEscapedLuceneQuery() {
System.out.println("appendEscapedLuceneQuery");
StringBuilder buf = new StringBuilder();
CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
LuceneUtils.appendEscapedLuceneQuery(buf, text);
assertEquals(expResult, buf.toString());
}
/**
/**
* Test of appendEscapedLuceneQuery method, of class LuceneUtils.
*/
@Test
public void testAppendEscapedLuceneQuery_null() {
System.out.println("appendEscapedLuceneQuery");
StringBuilder buf = new StringBuilder();
CharSequence text = null;
LuceneUtils.appendEscapedLuceneQuery(buf, text);
@@ -65,19 +74,17 @@ public class LuceneUtilsTest {
*/
@Test
public void testEscapeLuceneQuery() {
System.out.println("escapeLuceneQuery");
CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
String result = LuceneUtils.escapeLuceneQuery(text);
assertEquals(expResult, result);
}
/**
* Test of escapeLuceneQuery method, of class LuceneUtils.
*/
@Test
public void testEscapeLuceneQuery_null() {
System.out.println("escapeLuceneQuery");
CharSequence text = null;
String expResult = null;
String result = LuceneUtils.escapeLuceneQuery(text);

24
src/test/java/org/codesecure/dependencycheck/data/nvdcve/BaseDBTestCase.java → src/test/java/org/owasp/dependencycheck/data/nvdcve/BaseDBTestCase.java
View File

@@ -1,10 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve;
package org.owasp.dependencycheck.data.nvdcve;
import org.codesecure.dependencycheck.data.cpe.*;
import org.owasp.dependencycheck.data.cpe.*;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
@@ -15,7 +29,7 @@ import java.net.URLDecoder;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import junit.framework.TestCase;
import org.codesecure.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.Settings;
/**
*

62
src/test/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdaterIntegrationTest.java Normal file
View File

@@ -0,0 +1,62 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.nvdcve.xml;
import org.owasp.dependencycheck.data.nvdcve.xml.DatabaseUpdater;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class DatabaseUpdaterIntegrationTest {
public DatabaseUpdaterIntegrationTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of update method, of class DatabaseUpdater.
* @throws Exception
*/
@Test
public void testUpdate() throws Exception {
DatabaseUpdater instance = new DatabaseUpdater();
instance.update();
}
}

23
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCve_1_2_HandlerTest.java → src/test/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve_1_2_HandlerTest.java
View File

@@ -1,15 +1,30 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.nvdcve.xml;
import org.owasp.dependencycheck.data.nvdcve.xml.NvdCve12Handler;
import java.io.File;
import java.util.List;
import java.util.Map;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.codesecure.dependencycheck.dependency.VulnerableSoftware;
import org.owasp.dependencycheck.dependency.VulnerableSoftware;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;

21
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCve_2_0_HandlerTest.java → src/test/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve_2_0_HandlerTest.java
View File

@@ -1,9 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
package org.owasp.dependencycheck.data.nvdcve.xml;
import org.owasp.dependencycheck.data.nvdcve.xml.NvdCve20Handler;
import java.io.File;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;

49
src/test/java/org/codesecure/dependencycheck/dependency/DependencyTest.java → src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java
View File

@@ -1,9 +1,9 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.dependency;
package org.owasp.dependencycheck.dependency;
import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import java.io.File;
import java.util.List;
import org.junit.After;
@@ -18,7 +18,7 @@ import static org.junit.Assert.*;
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class DependencyTest {
public DependencyTest() {
}
@@ -29,11 +29,11 @@ public class DependencyTest {
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
@@ -43,12 +43,11 @@ public class DependencyTest {
*/
@Test
public void testContainsUsedString() {
System.out.println("containsUsedString");
String str = "apache";
String str2 = "codesecure";
String str2 = "owasp";
Dependency instance = new Dependency();
instance.vendorEvidence.addEvidence("manifest", "something", "apache", Evidence.Confidence.HIGH);
instance.vendorEvidence.addEvidence("manifest", "something", "codesecure", Evidence.Confidence.MEDIUM);
instance.vendorEvidence.addEvidence("manifest", "something", "owasp", Evidence.Confidence.MEDIUM);
assertFalse(instance.containsUsedString(str));
assertFalse(instance.containsUsedString(str2));
for (Evidence i : instance.vendorEvidence.iterator(Evidence.Confidence.HIGH)) {
@@ -68,7 +67,6 @@ public class DependencyTest {
*/
@Test
public void testGetFileName() {
System.out.println("getFileName");
Dependency instance = new Dependency();
String expResult = "filename";
instance.setFileName(expResult);
@@ -81,7 +79,6 @@ public class DependencyTest {
*/
@Test
public void testSetFileName() {
System.out.println("setFileName");
String fileName = "test.file";
Dependency instance = new Dependency();
instance.setFileName(fileName);
@@ -93,7 +90,6 @@ public class DependencyTest {
*/
@Test
public void testSetActualFilePath() {
System.out.println("setActualFilePath");
String actualFilePath = "test.file";
Dependency instance = new Dependency();
instance.setActualFilePath(actualFilePath);
@@ -105,7 +101,6 @@ public class DependencyTest {
*/
@Test
public void testGetActualFilePath() {
System.out.println("getActualFilePath");
Dependency instance = new Dependency();
String expResult = "test.file";
instance.setActualFilePath(expResult);
@@ -118,7 +113,6 @@ public class DependencyTest {
*/
@Test
public void testSetFilePath() {
System.out.println("setFilePath");
String filePath = "test.file";
Dependency instance = new Dependency();
instance.setFilePath(filePath);
@@ -130,7 +124,6 @@ public class DependencyTest {
*/
@Test
public void testGetFilePath() {
System.out.println("getFilePath");
Dependency instance = new Dependency();
String expResult = "path/test.file";
instance.setFilePath(expResult);
@@ -143,7 +136,6 @@ public class DependencyTest {
*/
@Test
public void testSetFileExtension() {
System.out.println("setFileExtension");
String fileExtension = "jar";
Dependency instance = new Dependency();
instance.setFileExtension(fileExtension);
@@ -155,7 +147,6 @@ public class DependencyTest {
*/
@Test
public void testGetFileExtension() {
System.out.println("getFileExtension");
Dependency instance = new Dependency();
String expResult = "jar";
instance.setFileExtension(expResult);
@@ -168,7 +159,6 @@ public class DependencyTest {
*/
@Test
public void testGetMd5sum() {
System.out.println("getMd5sum");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency instance = new Dependency(file);
// assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
@@ -182,7 +172,6 @@ public class DependencyTest {
*/
@Test
public void testSetMd5sum() {
System.out.println("setMd5sum");
String md5sum = "test";
Dependency instance = new Dependency();
instance.setMd5sum(md5sum);
@@ -194,7 +183,6 @@ public class DependencyTest {
*/
@Test
public void testGetSha1sum() {
System.out.println("getSha1sum");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
Dependency instance = new Dependency(file);
String expResult = "89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B";
@@ -207,7 +195,6 @@ public class DependencyTest {
*/
@Test
public void testSetSha1sum() {
System.out.println("setSha1sum");
String sha1sum = "test";
Dependency instance = new Dependency();
instance.setSha1sum(sha1sum);
@@ -219,11 +206,10 @@ public class DependencyTest {
*/
@Test
public void testGetIdentifiers() {
System.out.println("getIdentifiers");
Dependency instance = new Dependency();
List expResult = null;
List result = instance.getIdentifiers();
assertTrue(true); //this is just a getter setter pair.
}
@@ -232,7 +218,6 @@ public class DependencyTest {
*/
@Test
public void testSetIdentifiers() {
System.out.println("setIdentifiers");
List<Identifier> identifiers = null;
Dependency instance = new Dependency();
instance.setIdentifiers(identifiers);
@@ -244,7 +229,6 @@ public class DependencyTest {
*/
@Test
public void testAddIdentifier() {
System.out.println("addIdentifier");
String type = "cpe";
String value = "cpe:/a:apache:struts:2.1.2";
String url = "http://somewhere";
@@ -262,7 +246,6 @@ public class DependencyTest {
*/
@Test
public void testGetEvidence() {
System.out.println("getEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getEvidence();
@@ -274,18 +257,17 @@ public class DependencyTest {
*/
@Test
public void testGetEvidenceUsed() {
System.out.println("getEvidenceUsed");
Dependency instance = new Dependency();
String expResult = "used";
instance.getProductEvidence().addEvidence("used", "used", "used", Evidence.Confidence.HIGH);
instance.getProductEvidence().addEvidence("not", "not", "not", Evidence.Confidence.MEDIUM);
for (Evidence e : instance.getProductEvidence().iterator(Evidence.Confidence.HIGH)) {
String use = e.getValue();
}
EvidenceCollection result = instance.getEvidenceUsed();
assertEquals(1, result.size());
assertTrue(result.containsUsedString(expResult));
}
@@ -295,7 +277,6 @@ public class DependencyTest {
*/
@Test
public void testGetVendorEvidence() {
System.out.println("getVendorEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getVendorEvidence();
@@ -307,7 +288,6 @@ public class DependencyTest {
*/
@Test
public void testGetProductEvidence() {
System.out.println("getProductEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getProductEvidence();
@@ -319,7 +299,6 @@ public class DependencyTest {
*/
@Test
public void testGetVersionEvidence() {
System.out.println("getVersionEvidence");
Dependency instance = new Dependency();
EvidenceCollection expResult = null;
EvidenceCollection result = instance.getVersionEvidence();

23
src/test/java/org/codesecure/dependencycheck/reporting/ReportGeneratorTest.java → src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorTest.java
View File

@@ -1,10 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.reporting;
package org.owasp.dependencycheck.reporting;
import org.codesecure.dependencycheck.data.cpe.BaseIndexTestCase;
import org.owasp.dependencycheck.data.cpe.BaseIndexTestCase;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
@@ -39,7 +53,6 @@ public class ReportGeneratorTest {
*/
@Test
public void testGenerateReport() throws Exception {
System.out.println("generateReport");
String templateName = "HtmlReport";
// File f = new File("target/test-reports");
// if (!f.exists()) {

40
src/test/java/org/codesecure/dependencycheck/utils/ChecksumTest.java → src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java
View File

@@ -1,24 +1,48 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.utils;
package org.owasp.dependencycheck.utils;
import org.owasp.dependencycheck.utils.Checksum;
import java.io.File;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import junit.framework.TestCase;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author jeremy
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class ChecksumTest {
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() throws Exception {
}
@@ -33,7 +57,6 @@ public class ChecksumTest {
*/
@Test
public void testGetChecksum() throws Exception {
System.out.println("getChecksum (md5)");
String algorithm = "MD5";
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
byte[] expResult = {-16, -111, 92, 95, 70, -72, -49, -94, -125, -27, -83, 103, -96, -101, 55, -109};
@@ -57,7 +80,6 @@ public class ChecksumTest {
*/
@Test
public void testGetChecksum_FileNotFound() throws Exception {
System.out.println("getChecksum (invalid path)");
String algorithm = "MD5";
File file = new File("not a valid file");
boolean exceptionThrown = false;
@@ -77,7 +99,6 @@ public class ChecksumTest {
*/
@Test
public void testGetChecksum_NoSuchAlgorithm() throws Exception {
System.out.println("getChecksum (invalid algorithm)");
String algorithm = "some unknown algorithm";
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
boolean exceptionThrown = false;
@@ -95,7 +116,6 @@ public class ChecksumTest {
*/
@Test
public void testGetMD5Checksum() throws Exception {
System.out.println("getMD5Checksum");
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String expResult = "F0915C5F46B8CFA283E5AD67A09B3793";
String result = Checksum.getMD5Checksum(file);
@@ -108,7 +128,6 @@ public class ChecksumTest {
*/
@Test
public void testGetSHA1Checksum() throws Exception {
System.out.println("getSHA1Checksum");
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String expResult = "B8A9FF28B21BCB1D0B50E24A5243D8B51766851A";
String result = Checksum.getSHA1Checksum(file);
@@ -120,7 +139,6 @@ public class ChecksumTest {
*/
@Test
public void testGetHex() {
System.out.println("getHex");
byte[] raw = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
String expResult = "000102030405060708090A0B0C0D0E0F10";
String result = Checksum.getHex(raw);

43
src/test/java/org/codesecure/dependencycheck/utils/CliParserTest.java → src/test/java/org/owasp/dependencycheck/utils/CliParserTest.java
View File

@@ -1,27 +1,51 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.utils;
package org.owasp.dependencycheck.utils;
import org.owasp.dependencycheck.utils.CliParser;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.PrintStream;
import junit.framework.TestCase;
import org.apache.commons.cli.ParseException;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author jeremy
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class CliParserTest {
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() throws Exception {
}
@@ -36,7 +60,6 @@ public class CliParserTest {
*/
@Test
public void testParse() throws Exception {
System.out.println("parse");
String[] args = {};
PrintStream out = System.out;
@@ -58,7 +81,6 @@ public class CliParserTest {
*/
@Test
public void testParse_help() throws Exception {
System.out.println("parse -help");
String[] args = {"-help"};
PrintStream out = System.out;
@@ -77,7 +99,6 @@ public class CliParserTest {
*/
@Test
public void testParse_version() throws Exception {
System.out.println("parse -ver");
String[] args = {"-version"};
@@ -95,7 +116,6 @@ public class CliParserTest {
*/
@Test
public void testParse_unknown() throws Exception {
System.out.println("parse -unknown");
String[] args = {"-unknown"};
@@ -124,7 +144,6 @@ public class CliParserTest {
*/
@Test
public void testParse_scan() throws Exception {
System.out.println("parse -scan");
String[] args = {"-scan"};
@@ -147,7 +166,6 @@ public class CliParserTest {
*/
@Test
public void testParse_scan_unknownFile() throws Exception {
System.out.println("parse -scan jar.that.does.not.exist");
String[] args = {"-scan", "jar.that.does.not.exist", "-app", "test"};
@@ -169,7 +187,6 @@ public class CliParserTest {
*/
@Test
public void testParse_scan_withFileExists() throws Exception {
System.out.println("parse -scan checkSumTest.file");
File path = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String[] args = {"-scan", path.getCanonicalPath(), "-out", "./", "-app", "test"};
@@ -189,7 +206,6 @@ public class CliParserTest {
*/
@Test
public void testParse_printVersionInfo() throws Exception {
System.out.println("printVersionInfo");
PrintStream out = System.out;
ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -218,7 +234,6 @@ public class CliParserTest {
*/
@Test
public void testParse_printHelp() throws Exception {
System.out.println("printHelp");
PrintStream out = System.out;
ByteArrayOutputStream baos = new ByteArrayOutputStream();

29
src/test/java/org/codesecure/dependencycheck/utils/DownloaderIntegrationTest.java → src/test/java/org/owasp/dependencycheck/utils/DownloaderIntegrationTest.java
View File

@@ -1,9 +1,25 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.utils;
package org.owasp.dependencycheck.utils;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.Downloader;
import java.net.URL;
import org.junit.After;
import org.junit.AfterClass;
@@ -18,9 +34,6 @@ import static org.junit.Assert.*;
*/
public class DownloaderIntegrationTest {
public DownloaderIntegrationTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@@ -43,7 +56,6 @@ public class DownloaderIntegrationTest {
*/
@Test
public void testFetchFile() throws Exception {
System.out.println("fetchFile");
// Settings.setString(Settings.KEYS.CONNECTION_TIMEOUT, "1000");
@@ -59,10 +71,9 @@ public class DownloaderIntegrationTest {
Downloader.fetchFile(url, outputPath, false);
}
@Test
public void testGetLastModified() throws Exception {
System.out.println("getLastModified");
URL url = new URL("http://nvd.nist.gov/download/nvdcve-2012.xml");
long timestamp = Downloader.getLastModified(url);
assertTrue("timestamp equal to zero?", timestamp>0);

23
src/test/java/org/codesecure/dependencycheck/utils/FilterTest.java → src/test/java/org/owasp/dependencycheck/utils/FilterTest.java
View File

@@ -1,9 +1,24 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.utils;
package org.owasp.dependencycheck.utils;
import org.owasp.dependencycheck.utils.Filter;
import java.util.List;
import java.util.ArrayList;
import org.junit.After;
@@ -43,7 +58,6 @@ public class FilterTest {
*/
@Test
public void testPasses() {
System.out.println("passes");
String keep = "keep";
String fail = "fail";
@@ -56,7 +70,6 @@ public class FilterTest {
*/
@Test
public void testFilter_Iterable() {
System.out.println("filter");
List<String> testData = new ArrayList<String>();
testData.add("keep");
testData.add("remove");

43
src/test/java/org/codesecure/dependencycheck/utils/SettingsTest.java → src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java
View File

@@ -1,24 +1,49 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.utils;
package org.owasp.dependencycheck.utils;
import org.owasp.dependencycheck.utils.InvalidSettingException;
import org.owasp.dependencycheck.utils.Settings;
import java.io.File;
import java.io.IOException;
import java.net.URISyntaxException;
import junit.framework.TestCase;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author jeremy
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class SettingsTest {
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() throws Exception {
}
@@ -32,7 +57,6 @@ public class SettingsTest {
*/
@Test
public void testGetString() {
System.out.println("getString");
String key = Settings.KEYS.CPE_INDEX;
String expResult = "target/data/cpe";
String result = Settings.getString(key);
@@ -44,7 +68,6 @@ public class SettingsTest {
*/
@Test
public void testMergeProperties_String() throws IOException, URISyntaxException {
System.out.println("getString");
String key = Settings.KEYS.PROXY_PORT;
String expResult = Settings.getString(key);
File f = new File(this.getClass().getClassLoader().getResource("test.properties").toURI());
@@ -59,7 +82,6 @@ public class SettingsTest {
*/
@Test
public void testSetString() {
System.out.println("setString");
String key = "newProperty";
String value = "someValue";
Settings.setString(key, value);
@@ -72,7 +94,6 @@ public class SettingsTest {
*/
@Test
public void testGetString_String_String() {
System.out.println("getString");
String key = "key That Doesn't Exist";
String defaultValue = "blue bunny";
String expResult = "blue bunny";
@@ -87,7 +108,6 @@ public class SettingsTest {
*/
@Test
public void testGetString_String() {
System.out.println("getString");
String key = Settings.KEYS.CONNECTION_TIMEOUT;
String result = Settings.getString(key);
Assert.assertTrue(result == null);
@@ -98,7 +118,6 @@ public class SettingsTest {
*/
@Test
public void testGetInt() throws InvalidSettingException {
System.out.println("getInt");
String key = "SomeNumber";
int expResult = 85;
Settings.setString(key, "85");
@@ -111,7 +130,6 @@ public class SettingsTest {
*/
@Test
public void testGetLong() throws InvalidSettingException {
System.out.println("getLong");
String key = "SomeNumber";
long expResult = 300L;
Settings.setString(key, "300");
@@ -124,7 +142,6 @@ public class SettingsTest {
*/
@Test
public void testGetBoolean() throws InvalidSettingException {
System.out.println("getBoolean");
String key = "SomeBoolean";
Settings.setString(key, "false");
boolean expResult = false;