re-arranged code and improved documentation (some)

Former-commit-id: 24b983d81673b2055bef970e04a040c334a716bb
Jeremy Long
2013-06-07 22:04:35 -04:00
parent 8eb373a612
commit fb0f4dd2cf
6 changed files with 51 additions and 61 deletions


@@ -43,6 +43,18 @@ import org.owasp.dependencycheck.utils.DependencyVersionUtil;
*/
public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Analyzer {
//<editor-fold defaultstate="collapsed" desc="Constants and Member Variables">
/**
* A pattern for obtaining the first part of a filename.
*/
private static final Pattern STARTING_TEXT_PATTERN = Pattern.compile("^[a-zA-Z]*");
/**
* a flag indicating if this analyzer has run. This analyzer only runs once.
*/
private boolean analyzed = false;
//</editor-fold>
//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
/**
* The set of file extensions supported by this analyzer.
*/
@@ -55,14 +67,8 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
* The phase that this analyzer is intended to run in.
*/
private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.PRE_FINDING_ANALYSIS;
/**
* A pattern for obtaining the first part of a filename.
*/
private static final Pattern STARTING_TEXT_PATTERN = Pattern.compile("^[a-zA-Z]*");
/**
* Returns a list of file EXTENSIONS supported by this analyzer.
*
* @return a list of file EXTENSIONS supported by this analyzer.
*/
public Set<String> getSupportedExtensions() {
@@ -71,7 +77,6 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
/**
* Returns the name of the analyzer.
*
* @return the name of the analyzer.
*/
public String getName() {
@@ -80,7 +85,6 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
/**
* Returns whether or not this analyzer can process the given extension.
*
* @param extension the file extension to test for support
* @return whether or not the specified file extension is supported by this
* analyzer.
@@ -91,16 +95,12 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
/**
* Returns the phase that the analyzer is intended to run in.
*
* @return the phase that the analyzer is intended to run in.
*/
public AnalysisPhase getAnalysisPhase() {
return ANALYSIS_PHASE;
}
/**
* a flag indicating if this analyzer has run. This analyzer only runs once.
*/
private boolean analyzed = false;
//</editor-fold>
/**
* Analyzes a set of dependencies. If they have been found to have the same
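Review bot: The fold marker added in this file reads `desc="All standard implmentation details of Analyzer"`, with "implementation" misspelled, and the same string appears in the markers of FalsePositiveAnalyzer, FileNameAnalyzer, HintAnalyzer, JarAnalyzer and JavaScriptAnalyzer. The description is the label shown for the collapsed region, so the typo is visible wherever the fold is closed. Suggest `//<editor-fold defaultstate="collapsed" desc="All standard implementation details of Analyzer">` in all six files. The Javadoc on `analyzed` could also start with a capital letter to match the other field comments.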


@@ -41,6 +41,7 @@ import org.owasp.dependencycheck.utils.Settings;
*/
public class FalsePositiveAnalyzer extends AbstractAnalyzer {
//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
/**
* The set of file extensions supported by this analyzer.
*/
@@ -56,7 +57,6 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
/**
* Returns a list of file EXTENSIONS supported by this analyzer.
*
* @return a list of file EXTENSIONS supported by this analyzer.
*/
public Set<String> getSupportedExtensions() {
@@ -65,7 +65,6 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
/**
* Returns the name of the analyzer.
*
* @return the name of the analyzer.
*/
public String getName() {
@@ -74,27 +73,26 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
/**
* Returns whether or not this analyzer can process the given extension.
*
* @param extension the file extension to test for support
* @return whether or not the specified file extension is supported by this
* analyzer.
*/
public boolean supportsExtension(String extension) {
return true; //EXTENSIONS.contains(extension);
return true;
}
/**
* Returns the phase that the analyzer is intended to run in.
*
* @return the phase that the analyzer is intended to run in.
*/
public AnalysisPhase getAnalysisPhase() {
return ANALYSIS_PHASE;
}
//</editor-fold>
/**
*
*
* Analyzes the dependencies and removes bad/incorrect CPE associations
* based on various heuristics.
* @param dependency the dependency to analyze.
* @param engine the engine that is scanning the dependencies
* @throws AnalysisException is thrown if there is an error reading the JAR
@@ -232,6 +230,5 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
itr.remove();
}
}
}
}
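Review bot: `supportsExtension` now returns `true` with no explanation, because the trailing `//EXTENSIONS.contains(extension);` that hinted at the alternative was removed. The Javadoc still promises an answer for "the specified file extension", yet the parameter is ignored, so a reader cannot tell whether accepting every file is intended for this analyzer or a leftover. If it is intended, say so at the return, e.g. `return true; // runs for every dependency; the extension is deliberately ignored`, and adjust the `@return` text to match. The `@throws` line in the Javadoc further down still speaks of "reading the JAR", which looks copied from JarAnalyzer; that method's body is outside these hunks.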


@@ -31,6 +31,7 @@ import org.owasp.dependencycheck.Engine;
*/
public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
/**
* The name of the analyzer.
*/
@@ -46,7 +47,6 @@ public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns a list of file EXTENSIONS supported by this analyzer.
*
* @return a list of file EXTENSIONS supported by this analyzer.
*/
public Set<String> getSupportedExtensions() {
@@ -55,7 +55,6 @@ public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns the name of the analyzer.
*
* @return the name of the analyzer.
*/
public String getName() {
@@ -64,7 +63,6 @@ public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns whether or not this analyzer can process the given extension.
*
* @param extension the file extension to test for support.
* @return whether or not the specified file extension is supported by this
* analyzer.
@@ -75,12 +73,12 @@ public class FileNameAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns the phase that the analyzer is intended to run in.
*
* @return the phase that the analyzer is intended to run in.
*/
public AnalysisPhase getAnalysisPhase() {
return ANALYSIS_PHASE;
}
//</editor-fold>
/**
* Collects information about the file name.


@@ -29,6 +29,7 @@ import org.owasp.dependencycheck.dependency.Evidence;
*/
public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
/**
* The name of the analyzer.
*/
@@ -41,10 +42,8 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
* The set of file extensions supported by this analyzer.
*/
private static final Set<String> EXTENSIONS = null;
/**
* Returns a list of file EXTENSIONS supported by this analyzer.
*
* @return a list of file EXTENSIONS supported by this analyzer.
*/
public Set<String> getSupportedExtensions() {
@@ -53,7 +52,6 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns the name of the analyzer.
*
* @return the name of the analyzer.
*/
public String getName() {
@@ -62,7 +60,6 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns whether or not this analyzer can process the given extension.
*
* @param extension the file extension to test for support.
* @return whether or not the specified file extension is supported by this
* analyzer.
@@ -73,12 +70,12 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns the phase that the analyzer is intended to run in.
*
* @return the phase that the analyzer is intended to run in.
*/
public AnalysisPhase getAnalysisPhase() {
return ANALYSIS_PHASE;
}
//</editor-fold>
/**
* The HintAnalyzer uses knowledge about a dependency to add additional information
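Review bot: `EXTENSIONS` is declared as `null` while its Javadoc calls it "The set of file extensions supported by this analyzer" and `getSupportedExtensions()` is documented as returning a list. The body of `getSupportedExtensions()` is outside this hunk; if it returns the field as JarAnalyzer does, every caller has to null-check before iterating or calling `contains`. If null is the convention for "not restricted by extension", document it on the field, e.g. `* The set of file extensions supported by this analyzer; null means no restriction by extension.`, and mention the null return in the `@return` text. Otherwise returning an empty set would be safer for callers.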


@@ -71,18 +71,11 @@ import org.xml.sax.XMLReader;
*/
public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
//<editor-fold defaultstate="collapsed" desc="Constants and Member Variables">
/**
* The system independent newline character.
*/
private static final String NEWLINE = System.getProperty("line.separator");
/**
* The name of the analyzer.
*/
private static final String ANALYZER_NAME = "Jar Analyzer";
/**
* The phase that this analyzer is intended to run in.
*/
private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
/**
* A list of elements in the manifest to ignore.
*/
@@ -110,10 +103,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
"bundle-manifestversion",
"bundlemanifestversion",
"include-resource");
/**
* The set of file extensions supported by this analyzer.
*/
private static final Set<String> EXTENSIONS = newHashSet("jar");
/**
* item in some manifest, should be considered medium confidence.
*/
@@ -130,10 +120,15 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
* item in some manifest, should be considered medium confidence.
*/
private static final String BUNDLE_VENDOR = "Bundle-Vendor"; //: Apache Software Foundation
/**
* A pattern to detect HTML within text.
*/
private static final Pattern HTML_DETECTION_PATTERN = Pattern.compile("\\<[a-z]+.*/?\\>", Pattern.CASE_INSENSITIVE);
/**
* The unmarshaller used to parse the pom.xml from a JAR file.
*/
private Unmarshaller pomUnmarshaller;
//</editor-fold>
/**
* Constructs a new JarAnalyzer.
@@ -147,27 +142,35 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
}
}
//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
/**
* The name of the analyzer.
*/
private static final String ANALYZER_NAME = "Jar Analyzer";
/**
* The phase that this analyzer is intended to run in.
*/
private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
/**
* The set of file extensions supported by this analyzer.
*/
private static final Set<String> EXTENSIONS = newHashSet("jar");
/**
* Returns a list of file EXTENSIONS supported by this analyzer.
*
* @return a list of file EXTENSIONS supported by this analyzer.
*/
public Set<String> getSupportedExtensions() {
return EXTENSIONS;
}
/**
* Returns the name of the analyzer.
*
* @return the name of the analyzer.
*/
public String getName() {
return ANALYZER_NAME;
}
/**
* Returns whether or not this analyzer can process the given extension.
*
* @param extension the file extension to test for support.
* @return whether or not the specified file extension is supported by this
* analyzer.
@@ -175,7 +178,6 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
public boolean supportsExtension(String extension) {
return EXTENSIONS.contains(extension);
}
/**
* Returns the phase that the analyzer is intended to run in.
*
@@ -184,6 +186,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
public AnalysisPhase getAnalysisPhase() {
return ANALYSIS_PHASE;
}
//</editor-fold>
/**
* Loads a specified JAR file and collects information from the manifest and
@@ -217,10 +220,6 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
throw new AnalysisException("Exception occurred reading the JAR file.", ex);
}
}
/**
* A pattern to detect HTML within text.
*/
private static final Pattern HTML_DETECTION_PATTERN = Pattern.compile("\\<[a-z]+.*/?\\>", Pattern.CASE_INSENSITIVE);
/**
* Attempts to find a pom.xml within the JAR file. If found it extracts
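Review bot: The Javadoc on `HTML_DETECTION_PATTERN`, now moved into the constants fold, says only that it detects HTML, while the expression `\<[a-z]+.*/?\>` matches any `<word ... >` run on a single line. Because `.` stops at line terminators, markup that spans lines is not matched, and any text with a `<` followed by letters and a later `>` counts as HTML. How the match result is used is outside these hunks; if it decides whether text read from a JAR is stripped or kept as evidence, the limits are worth stating next to the constant. Suggest extending the comment, e.g. `* A heuristic that matches a single-line run of the form <name ...>; it is not an HTML parser.`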


@@ -31,11 +31,8 @@ import java.util.regex.Pattern;
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class JavaScriptAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* The system independent newline character.
*/
private static final String NEWLINE = System.getProperty("line.separator");
//<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
/**
* The name of the analyzer.
*/
@@ -51,7 +48,6 @@ public class JavaScriptAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns a list of file EXTENSIONS supported by this analyzer.
*
* @return a list of file EXTENSIONS supported by this analyzer.
*/
public Set<String> getSupportedExtensions() {
@@ -60,7 +56,6 @@ public class JavaScriptAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns the name of the analyzer.
*
* @return the name of the analyzer.
*/
public String getName() {
@@ -69,7 +64,6 @@ public class JavaScriptAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns whether or not this analyzer can process the given extension.
*
* @param extension the file extension to test for support.
* @return whether or not the specified file extension is supported by this
* analyzer.
@@ -80,12 +74,17 @@ public class JavaScriptAnalyzer extends AbstractAnalyzer implements Analyzer {
/**
* Returns the phase that the analyzer is intended to run in.
*
* @return the phase that the analyzer is intended to run in.
*/
public AnalysisPhase getAnalysisPhase() {
return ANALYSIS_PHASE;
}
//</editor-fold>
/**
* The system independent newline character.
*/
private static final String NEWLINE = System.getProperty("line.separator");
/**
* Loads a specified JAR file and collects information from the manifest and
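Review bot: The Javadoc on the relocated `NEWLINE` calls it "The system independent newline character", but `System.getProperty("line.separator")` returns the separator of the platform the scan runs on, so the value differs between systems. JarAnalyzer carries the same wording on its own `NEWLINE`. Suggest `* The line separator of the current platform.` in both files. The field also now sits after the closing `//</editor-fold>`, directly before the Javadoc of the next method, whereas JarAnalyzer keeps its copy in a "Constants and Member Variables" fold at the top of the class; the same layout here would keep the two analyzers consistent.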