Issue #730: Add a test for suppression in an Ant task

2026-01-15 08:13:43 +01:00 · 2017-06-11 16:06:32 +01:00
parent 76218da8d1
commit ed214d05fa
4 changed files with 44 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 */target/**
 # IntelliJ test run side-effects
 dependency-check-core/data/
+dependency-check-ant/data/
 # Intellij project files
 *.iml
 *.ipr
--- a/dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java
+++ b/dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java
@@ -114,4 +114,18 @@ public class DependencyCheckTaskTest {
        expectedException.expect(BuildException.class);
        buildFileRule.executeTarget("failCVSS");
    }
+
+    /**
+     * Test the DependencyCheckTask where a CVE is suppressed.
+     */
+    @Test
+    public void testSuppressingCVE() {
+        // GIVEN an ant task with a vulnerability
+        final String antTaskName = "suppression";
+
+        // WHEN executing the ant task
+        buildFileRule.executeTarget(antTaskName);
+
+        // THEN the ant task executed without error
+    }
 }
--- a/dependency-check-ant/src/test/resources/build.xml
+++ b/dependency-check-ant/src/test/resources/build.xml
@@ -61,11 +61,24 @@

    <target name="failCVSS">
        <dependency-check
-            applicationName="test failCVSS"
-            reportOutputDirectory="${project.build.directory}"
-            reportFormat="XML"
-            autoupdate="false"
-            failBuildOnCVSS="3">
+                applicationName="test failCVSS"
+                reportOutputDirectory="${project.build.directory}"
+                reportFormat="XML"
+                autoupdate="false"
+                failBuildOnCVSS="3">
+            <fileset dir="${project.build.directory}/test-classes/jars">
+                <include name="axis-1.4.jar"/>
+            </fileset>
+        </dependency-check>
+    </target>
+
+    <target name="suppression">
+        <dependency-check
+                applicationName="test suppression"
+                reportOutputDirectory="${project.build.directory}"
+                autoupdate="false"
+                failBuildOnCVSS="3"
+                suppressionFile="${project.build.directory}/test-classes/test-suppression.xml">
            <fileset dir="${project.build.directory}/test-classes/jars">
                <include name="axis-1.4.jar"/>
            </fileset>
--- a/dependency-check-ant/src/test/resources/test-suppression.xml
+++ b/dependency-check-ant/src/test/resources/test-suppression.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Test suppression file for the DependencyCheckTaskTest#testSuppressingCVE() test -->
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
+    <suppress>
+        <notes><![CDATA[
+      file name: axis-1.4.jar
+      ]]></notes>
+        <gav regex="true">^org\.apache\.axis:axis:.*$</gav>
+        <cpe>cpe:/a:apache:axis</cpe>
+    </suppress>
+</suppressions>