github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

include checking for maven scope COMPILE_PLUS_RUNTIME on artifact omission predicate

Browse Source
This commit is contained in:
Josh Cain
2017-06-02 10:57:38 -05:00
parent 69f39d4dfe
commit ed09242cb7
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/ArtifactScopeExcluded.java
View File

@@ -19,6 +19,8 @@ package org.owasp.dependencycheck.maven;
import org.owasp.dependencycheck.utils.Filter;
import static org.apache.maven.artifact.Artifact.SCOPE_RUNTIME_PLUS_SYSTEM;
/**
* Tests is the artifact should be included in the scan (i.e. is the
* dependency in a scope that is being scanned).
@@ -55,6 +57,9 @@ public class ArtifactScopeExcluded extends Filter<String> {
if (skipRuntimeScope && org.apache.maven.artifact.Artifact.SCOPE_RUNTIME.equals(scope)) {
return true;
}
if (skipRuntimeScope && skipSystemScope && org.apache.maven.artifact.Artifact.SCOPE_COMPILE_PLUS_RUNTIME.equals(SCOPE_RUNTIME_PLUS_SYSTEM)) {
return true;
}
return false;
}