View Javadoc
1   /*
2    * This file is part of dependency-check-maven.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2015 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.maven;
19  
20  import java.io.File;
21  import java.io.IOException;
22  import java.util.Locale;
23  import org.apache.maven.plugin.MojoExecutionException;
24  import org.apache.maven.plugin.MojoFailureException;
25  import org.apache.maven.plugins.annotations.LifecyclePhase;
26  import org.apache.maven.plugins.annotations.Mojo;
27  import org.apache.maven.plugins.annotations.ResolutionScope;
28  import org.owasp.dependencycheck.utils.Settings;
29  
30  /**
31   * Maven Plugin that purges the local copy of the NVD data.
32   *
33   * @author Jeremy Long
34   */
35  @Mojo(
36          name = "purge",
37          defaultPhase = LifecyclePhase.GENERATE_RESOURCES,
38          threadSafe = false,
39          requiresDependencyResolution = ResolutionScope.NONE,
40          requiresOnline = true
41  )
42  public class PurgeMojo extends BaseDependencyCheckMojo {
43  
44      /**
45       * Returns false; this mojo cannot generate a report.
46       *
47       * @return <code>false</code>
48       */
49      @Override
50      public boolean canGenerateReport() {
51          return false;
52      }
53  
54      /**
55       * Purges the local copy of the NVD.
56       *
57       * @throws MojoExecutionException thrown if there is an exception executing
58       * the goal
59       * @throws MojoFailureException thrown if dependency-check is configured to
60       * fail the build
61       */
62      @Override
63      public void runCheck() throws MojoExecutionException, MojoFailureException {
64  
65          if (getConnectionString() != null && !getConnectionString().isEmpty()) {
66              final String msg = "Unable to purge the local NVD when using a non-default connection string";
67              if (this.isFailOnError()) {
68                  throw new MojoFailureException(msg);
69              }
70              getLog().error(msg);
71          } else {
72              populateSettings();
73              File db;
74              try {
75                  db = new File(Settings.getDataDirectory(), "dc.h2.db");
76                  if (db.exists()) {
77                      if (db.delete()) {
78                          getLog().info("Database file purged; local copy of the NVD has been removed");
79                      } else {
80                          final String msg = String.format("Unable to delete '%s'; please delete the file manually", db.getAbsolutePath());
81                          if (this.isFailOnError()) {
82                              throw new MojoFailureException(msg);
83                          }
84                          getLog().error(msg);
85                      }
86                  } else {
87                      final String msg = String.format("Unable to purge database; the database file does not exists: %s", db.getAbsolutePath());
88                      if (this.isFailOnError()) {
89                          throw new MojoFailureException(msg);
90                      }
91                      getLog().error(msg);
92                  }
93              } catch (IOException ex) {
94                  final String msg = "Unable to delete the database";
95                  if (this.isFailOnError()) {
96                      throw new MojoExecutionException(msg, ex);
97                  }
98                  getLog().error(msg);
99              }
100             Settings.cleanup();
101         }
102     }
103 
104     /**
105      * Returns the report name.
106      *
107      * @param locale the location
108      * @return the report name
109      */
110     @Override
111     public String getName(Locale locale) {
112         return "dependency-check-purge";
113     }
114 
115     /**
116      * Gets the description of the Dependency-Check report to be displayed in
117      * the Maven Generated Reports page.
118      *
119      * @param locale The Locale to get the description for
120      * @return the description
121      */
122     @Override
123     public String getDescription(Locale locale) {
124         return "Purges the local cache of the NVD dataT.";
125     }
126 
127 }