Coverage Report

Coverage Report - org.owasp.dependencycheck.utils.DependencyVersion

Classes in this File

Line Coverage

Branch Coverage

Complexity

DependencyVersion

87%

67/77

70%

44/62

5.091

 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.utils;
 
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import org.apache.commons.lang.StringUtils;
 
 /**
  * <p>
  * Simple object to track the parts of a version number. The parts are contained in a List such that version 1.2.3 will
  * be stored as:  <code>versionParts[0] = 1;
  * versionParts[1] = 2;
  * versionParts[2] = 3;
  * </code></p>
  * <p>
  * Note, the parser contained in this class expects the version numbers to be separated by periods. If a different
  * separator is used the parser will likely fail.</p>
  *
  * @author Jeremy Long <jeremy.long@owasp.org>
  */
 public class DependencyVersion implements Iterable, Comparable<DependencyVersion> {
 
     /**
      * Constructor for a empty DependencyVersion.
      */
     public DependencyVersion() {
     }
 
     /**
      * Constructor for a DependencyVersion that will parse a version string.
      * <b>Note</b>, this should only be used when the version passed in is already known to be a well formatted version
      * number. Otherwise, DependencyVersionUtil.parseVersion() should be used instead.
      *
      * @param version the well formatted version number to parse
      */
     public DependencyVersion(String version) {
         parseVersion(version);
     }
 
     /**
      * Parses a version string into its sub parts: major, minor, revision, build, etc. <b>Note</b>, this should only be
      * used to parse something that is already known to be a version number.
      *
      * @param version the version string to parse
      */
     public final void parseVersion(String version) {
         versionParts = new ArrayList<String>();
         if (version != null) {
             final Pattern rx = Pattern.compile("(\\d+|[a-z]+\\d+|(release|beta|alpha)$)");
             final Matcher matcher = rx.matcher(version.toLowerCase());
             while (matcher.find()) {
                 versionParts.add(matcher.group());
             }
             if (versionParts.isEmpty()) {
                 versionParts.add(version);
             }
         }
     }
     /**
      * A list of the version parts.
      */
     private List<String> versionParts;
 
     /**
      * Get the value of versionParts.
      *
      * @return the value of versionParts
      */
     public List<String> getVersionParts() {
         return versionParts;
     }
 
     /**
      * Set the value of versionParts.
      *
      * @param versionParts new value of versionParts
      */
     public void setVersionParts(List<String> versionParts) {
         this.versionParts = versionParts;
     }
 
     /**
      * Retrieves an iterator for the version parts.
      *
      * @return an iterator for the version parts
      */
     public Iterator iterator() {
         return versionParts.iterator();
     }
 
     /**
      * Reconstructs the version string from the split version parts.
      *
      * @return a string representing the version.
      */
     @Override
     public String toString() {
         return StringUtils.join(versionParts.toArray(), ".");
     }
 
     /**
      * Compares the equality of this object to the one passed in as a parameter.
      *
      * @param obj the object to compare equality
      * @return returns true only if the two objects are equal, otherwise false
      */
     @Override
     public boolean equals(Object obj) {
         if (obj == null) {
             return false;
         }
         if (getClass() != obj.getClass()) {
             return false;
         }
         final DependencyVersion other = (DependencyVersion) obj;
         final int max = (this.versionParts.size() < other.versionParts.size())
                 ? this.versionParts.size() : other.versionParts.size();
         //TODO steal better version of code from compareTo
         for (int i = 0; i < max; i++) {
             final String thisPart = this.versionParts.get(i);
             final String otherPart = other.versionParts.get(i);
             if (!thisPart.equals(otherPart)) {
                 return false;
             }
         }
         if (this.versionParts.size() > max) {
             for (int i = max; i < this.versionParts.size(); i++) {
                 if (!"0".equals(this.versionParts.get(i))) {
                     return false;
                 }
             }
         }
 
         if (other.versionParts.size() > max) {
             for (int i = max; i < other.versionParts.size(); i++) {
                 if (!"0".equals(other.versionParts.get(i))) {
                     return false;
                 }
             }
         }
 
         /*
          *  if (this.versionParts != other.versionParts && (this.versionParts == null || !this.versionParts.equals(other.versionParts))) {
          *      return false;
          *  }
          */
         return true;
     }
 
     /**
      * Calculates the hashCode for this object.
      *
      * @return the hashCode
      */
     @Override
     public int hashCode() {
         int hash = 5;
         hash = 71 * hash + (this.versionParts != null ? this.versionParts.hashCode() : 0);
         return hash;
     }
 
     /**
      * Determines if the three most major major version parts are identical. For instances, if version 1.2.3.4 was
      * compared to 1.2.3 this function would return true.
      *
      * @param version the version number to compare
      * @return true if the first three major parts of the version are identical
      */
     public boolean matchesAtLeastThreeLevels(DependencyVersion version) {
         if (version == null) {
             return false;
         }
 
         boolean ret = true;
         int max = (this.versionParts.size() < version.versionParts.size())
                 ? this.versionParts.size() : version.versionParts.size();
 
         if (max > 3) {
             max = 3;
         }
 
         for (int i = 0; i < max; i++) {
             if (this.versionParts.get(i) == null || !this.versionParts.get(i).equals(version.versionParts.get(i))) {
                 ret = false;
                 break;
             }
         }
 
         return ret;
     }
 
     @Override
     public int compareTo(DependencyVersion version) {
         if (version == null) {
             return 1;
         }
         final List<String> left = this.getVersionParts();
         final List<String> right = version.getVersionParts();
         final int max = left.size() < right.size() ? left.size() : right.size();
 
         for (int i = 0; i < max; i++) {
             final String lStr = left.get(i);
             final String rStr = right.get(i);
             if (lStr.equals(rStr)) {
                 continue;
             }
             try {
                 final int l = Integer.parseInt(lStr);
                 final int r = Integer.parseInt(rStr);
                 if (l < r) {
                     return -1;
                 } else if (l > r) {
                     return 1;
                 }
             } catch (NumberFormatException ex) {
                 final int comp = left.get(i).compareTo(right.get(i));
                 if (comp < 0) {
                     return -1;
                 } else if (comp > 0) {
                     return 1;
                 }
             }
         }
         if (left.size() < right.size()) {
             return -1;
         } else if (left.size() > right.size()) {
             return 1;
         } else {
             return 0;
         }
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.utils;
19
20		import java.util.ArrayList;
21		import java.util.Iterator;
22		import java.util.List;
23		import java.util.regex.Matcher;
24		import java.util.regex.Pattern;
25		import org.apache.commons.lang.StringUtils;
26
27		/**
28		* <p>
29		* Simple object to track the parts of a version number. The parts are contained in a List such that version 1.2.3 will
30		* be stored as: <code>versionParts[0] = 1;
31		* versionParts[1] = 2;
32		* versionParts[2] = 3;
33		* </code></p>
34		* <p>
35		* Note, the parser contained in this class expects the version numbers to be separated by periods. If a different
36		* separator is used the parser will likely fail.</p>
37		*
38		* @author Jeremy Long <jeremy.long@owasp.org>
39		*/
40	14	public class DependencyVersion implements Iterable, Comparable<DependencyVersion> {
41
42		/**
43		* Constructor for a empty DependencyVersion.
44		*/
45		public DependencyVersion() {
46		}
47
48		/**
49		* Constructor for a DependencyVersion that will parse a version string.
50		* <b>Note</b>, this should only be used when the version passed in is already known to be a well formatted version
51		* number. Otherwise, DependencyVersionUtil.parseVersion() should be used instead.
52		*
53		* @param version the well formatted version number to parse
54		*/
55	724	public DependencyVersion(String version) {
56	724	parseVersion(version);
57	724	}
58
59		/**
60		* Parses a version string into its sub parts: major, minor, revision, build, etc. <b>Note</b>, this should only be
61		* used to parse something that is already known to be a version number.
62		*
63		* @param version the version string to parse
64		*/
65		public final void parseVersion(String version) {
66	726	versionParts = new ArrayList<String>();
67	726	if (version != null) {
68	726	final Pattern rx = Pattern.compile("(\\d+\|[a-z]+\\d+\|(release\|beta\|alpha)$)");
69	726	final Matcher matcher = rx.matcher(version.toLowerCase());
70	3053	while (matcher.find()) {
71	2327	versionParts.add(matcher.group());
72		}
73	726	if (versionParts.isEmpty()) {
74	6	versionParts.add(version);
75		}
76		}
77	726	}
78		/**
79		* A list of the version parts.
80		*/
81		private List<String> versionParts;
82
83		/**
84		* Get the value of versionParts.
85		*
86		* @return the value of versionParts
87		*/
88		public List<String> getVersionParts() {
89		return versionParts;
90		}
91
92		/**
93		* Set the value of versionParts.
94		*
95		* @param versionParts new value of versionParts
96		*/
97		public void setVersionParts(List<String> versionParts) {
98		this.versionParts = versionParts;
99		}
100
101		/**
102		* Retrieves an iterator for the version parts.
103		*
104		* @return an iterator for the version parts
105		*/
106		public Iterator iterator() {
107	1	return versionParts.iterator();
108		}
109
110		/**
111		* Reconstructs the version string from the split version parts.
112		*
113		* @return a string representing the version.
114		*/
115		@Override
116		public String toString() {
117	85	return StringUtils.join(versionParts.toArray(), ".");
118		}
119
120		/**
121		* Compares the equality of this object to the one passed in as a parameter.
122		*
123		* @param obj the object to compare equality
124		* @return returns true only if the two objects are equal, otherwise false
125		*/
126		@Override
127		public boolean equals(Object obj) {
128	665	if (obj == null) {
129	0	return false;
130		}
131	665	if (getClass() != obj.getClass()) {
132	0	return false;
133		}
134	665	final DependencyVersion other = (DependencyVersion) obj;
135	665	final int max = (this.versionParts.size() < other.versionParts.size())
136		? this.versionParts.size() : other.versionParts.size();
137		//TODO steal better version of code from compareTo
138	1443	for (int i = 0; i < max; i++) {
139	1282	final String thisPart = this.versionParts.get(i);
140	1282	final String otherPart = other.versionParts.get(i);
141	1282	if (!thisPart.equals(otherPart)) {
142	504	return false;
143		}
144		}
145	161	if (this.versionParts.size() > max) {
146	0	for (int i = max; i < this.versionParts.size(); i++) {
147	0	if (!"0".equals(this.versionParts.get(i))) {
148	0	return false;
149		}
150		}
151		}
152
153	161	if (other.versionParts.size() > max) {
154	129	for (int i = max; i < other.versionParts.size(); i++) {
155	129	if (!"0".equals(other.versionParts.get(i))) {
156	129	return false;
157		}
158		}
159		}
160
161		/*
162		* if (this.versionParts != other.versionParts && (this.versionParts == null \|\| !this.versionParts.equals(other.versionParts))) {
163		* return false;
164		* }
165		*/
166	32	return true;
167		}
168
169		/**
170		* Calculates the hashCode for this object.
171		*
172		* @return the hashCode
173		*/
174		@Override
175		public int hashCode() {
176	1	int hash = 5;
177	1	hash = 71 * hash + (this.versionParts != null ? this.versionParts.hashCode() : 0);
178	1	return hash;
179		}
180
181		/**
182		* Determines if the three most major major version parts are identical. For instances, if version 1.2.3.4 was
183		* compared to 1.2.3 this function would return true.
184		*
185		* @param version the version number to compare
186		* @return true if the first three major parts of the version are identical
187		*/
188		public boolean matchesAtLeastThreeLevels(DependencyVersion version) {
189	604	if (version == null) {
190	0	return false;
191		}
192
193	604	boolean ret = true;
194	604	int max = (this.versionParts.size() < version.versionParts.size())
195		? this.versionParts.size() : version.versionParts.size();
196
197	604	if (max > 3) {
198	2	max = 3;
199		}
200
201	1291	for (int i = 0; i < max; i++) {
202	1161	if (this.versionParts.get(i) == null \|\| !this.versionParts.get(i).equals(version.versionParts.get(i))) {
203	474	ret = false;
204	474	break;
205		}
206		}
207
208	604	return ret;
209		}
210
211		@Override
212		public int compareTo(DependencyVersion version) {
213	19	if (version == null) {
214	0	return 1;
215		}
216	19	final List<String> left = this.getVersionParts();
217	19	final List<String> right = version.getVersionParts();
218	19	final int max = left.size() < right.size() ? left.size() : right.size();
219
220	45	for (int i = 0; i < max; i++) {
221	38	final String lStr = left.get(i);
222	38	final String rStr = right.get(i);
223	38	if (lStr.equals(rStr)) {
224	26	continue;
225		}
226		try {
227	12	final int l = Integer.parseInt(lStr);
228	7	final int r = Integer.parseInt(rStr);
229	7	if (l < r) {
230	5	return -1;
231	2	} else if (l > r) {
232	2	return 1;
233		}
234	5	} catch (NumberFormatException ex) {
235	5	final int comp = left.get(i).compareTo(right.get(i));
236	5	if (comp < 0) {
237	5	return -1;
238	0	} else if (comp > 0) {
239	0	return 1;
240		}
241	0	}
242		}
243	7	if (left.size() < right.size()) {
244	3	return -1;
245	4	} else if (left.size() > right.size()) {
246	3	return 1;
247		} else {
248	1	return 0;
249		}
250		}
251		}