diff --git a/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java b/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java index 0af4f2524..6c6374a57 100644 --- a/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java +++ b/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java @@ -401,7 +401,7 @@ public class Dependency { * * @return the list of vulnerabilities */ - public Set getVulnerabilities() { + public SortedSet getVulnerabilities() { return vulnerabilities; } diff --git a/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java b/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java index 859308bde..058df3f38 100644 --- a/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java +++ b/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java @@ -21,6 +21,8 @@ package org.owasp.dependencycheck.dependency; import java.io.Serializable; import java.util.HashSet; import java.util.Set; +import java.util.SortedSet; +import java.util.TreeSet; /** * Contains the information about a vulnerability. @@ -126,14 +128,14 @@ public class Vulnerability implements Serializable, Comparable { /** * A set of vulnerable software. */ - private Set vulnerableSoftware = new HashSet(); + private SortedSet vulnerableSoftware = new TreeSet(); /** * Get the value of vulnerableSoftware. * * @return the value of vulnerableSoftware */ - public Set getVulnerableSoftware() { + public SortedSet getVulnerableSoftware() { return vulnerableSoftware; } @@ -142,7 +144,7 @@ public class Vulnerability implements Serializable, Comparable { * * @param vulnerableSoftware new value of vulnerableSoftware */ - public void setVulnerableSoftware(Set vulnerableSoftware) { + public void setVulnerableSoftware(SortedSet vulnerableSoftware) { this.vulnerableSoftware = vulnerableSoftware; }