Ruby bundler: tidied up how extracted method is used.

Dale Visser
2015-08-30 14:06:47 -04:00
parent b3a55cc85d
commit ea7bd1f700


@@ -194,17 +194,18 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
Vulnerability vulnerability = null; Vulnerability vulnerability = null;
String gem = null; String gem = null;
final Map<String, Dependency> map = new HashMap<String, Dependency>(); final Map<String, Dependency> map = new HashMap<String, Dependency>();
int i = 0;
boolean appendToDescription = false; boolean appendToDescription = false;
while (rdr.ready()) { while (rdr.ready()) {
final String nextLine = rdr.readLine(); final String nextLine = rdr.readLine();
i++;
if (null == nextLine) { if (null == nextLine) {
break; break;
} else if (nextLine.startsWith(NAME)) { } else if (nextLine.startsWith(NAME)) {
appendToDescription = false; appendToDescription = false;
gem = nextLine.substring(NAME.length()); gem = nextLine.substring(NAME.length());
dependency = map.containsKey(gem) ? map.get(gem) : createDependencyForGem(engine, parentName, fileName, gem, map, i); if (!map.containsKey(gem)){
map.put(gem, createDependencyForGem(engine, parentName, fileName, gem));
}
dependency = map.get(gem);
LOGGER.info(String.format("bundle-audit (%s): %s", parentName, nextLine)); LOGGER.info(String.format("bundle-audit (%s): %s", parentName, nextLine));
} else if (nextLine.startsWith(VERSION)) { } else if (nextLine.startsWith(VERSION)) {
if (null != dependency) { if (null != dependency) {
@@ -272,16 +273,14 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
} }
} }
private Dependency createDependencyForGem(Engine engine, String parentName, String fileName, String gem, Map<String, Dependency> map, int i) throws IOException { private Dependency createDependencyForGem(Engine engine, String parentName, String fileName, String gem) throws IOException {
Dependency dependency;
final File tempFile = File.createTempFile("Gemfile-" + gem, ".lock", Settings.getTempDirectory()); final File tempFile = File.createTempFile("Gemfile-" + gem, ".lock", Settings.getTempDirectory());
final String displayFileName = String.format("%s%c%s:%s", parentName, File.separatorChar, fileName, gem); final String displayFileName = String.format("%s%c%s:%s", parentName, File.separatorChar, fileName, gem);
FileUtils.write(tempFile, displayFileName + "\n" + i); // unique contents to avoid dependency bundling FileUtils.write(tempFile, displayFileName); // unique contents to avoid dependency bundling
dependency = new Dependency(tempFile); final Dependency dependency = new Dependency(tempFile);
dependency.getProductEvidence().addEvidence("bundler-audit", "Name", gem, Confidence.HIGHEST); dependency.getProductEvidence().addEvidence("bundler-audit", "Name", gem, Confidence.HIGHEST);
dependency.setDisplayFileName(displayFileName); dependency.setDisplayFileName(displayFileName);
engine.getDependencies().add(dependency); engine.getDependencies().add(dependency);
map.put(gem, dependency);
return dependency; return dependency;
} }
} }
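Review bot: In `createDependencyForGem`, the temp file now holds only `displayFileName`, so the "unique contents to avoid dependency bundling" comment is true only while `parentName`, `fileName` and `gem` together are unique across the whole scan. If `parentName` is a bare directory name rather than a full path (not visible in this hunk), two lock files in same-named directories that report the same gem would produce byte-identical files and could be bundled into one dependency, which would hide the finding for one of the projects. Consider writing the lock file's full path into the temp file, or at least make the comment state the assumption, e.g. `// contents unique per (parentName, fileName, gem); the caller's map ensures one file per gem`. Separately, `gem` is text parsed from bundle-audit output and goes unvalidated into the `File.createTempFile` prefix, so a one-line comment noting that it is untrusted input, plus a check that rejects path separators in it, would be worth adding.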