Coverage Report

Coverage Report - org.owasp.dependencycheck.utils.DependencyVersion

Classes in this File

Line Coverage

Branch Coverage

Complexity

DependencyVersion

94%

89/94

87%

61/70

5.636

 /*
  * This file is part of dependency-check-core.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.utils;
 
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import org.apache.commons.lang3.StringUtils;
 
 /**
  * <p>
  * Simple object to track the parts of a version number. The parts are contained
  * in a List such that version 1.2.3 will be stored as:  <code>versionParts[0] = 1;
  * versionParts[1] = 2;
  * versionParts[2] = 3;
  * </code></p>
  * <p>
  * Note, the parser contained in this class expects the version numbers to be
  * separated by periods. If a different separator is used the parser will likely
  * fail.</p>
  *
  * @author Jeremy Long
  */
 public class DependencyVersion implements Iterable<String>, Comparable<DependencyVersion> {
 
     /**
      * Constructor for a empty DependencyVersion.
      */
     public DependencyVersion() {
     }
 
     /**
      * Constructor for a DependencyVersion that will parse a version string.
      * <b>Note</b>, this should only be used when the version passed in is
      * already known to be a well formatted version number. Otherwise,
      * DependencyVersionUtil.parseVersion() should be used instead.
      *
      * @param version the well formatted version number to parse
      */
     public DependencyVersion(String version) {
         parseVersion(version);
     }
 
     /**
      * Parses a version string into its sub parts: major, minor, revision,
      * build, etc. <b>Note</b>, this should only be used to parse something that
      * is already known to be a version number.
      *
      * @param version the version string to parse
      */
     public final void parseVersion(String version) {
         versionParts = new ArrayList<String>();
         if (version != null) {
             final Pattern rx = Pattern.compile("(\\d+[a-z]{1,3}$|[a-z]+\\d+|\\d+|(release|beta|alpha)$)");
             final Matcher matcher = rx.matcher(version.toLowerCase());
             while (matcher.find()) {
                 versionParts.add(matcher.group());
             }
             if (versionParts.isEmpty()) {
                 versionParts.add(version);
             }
         }
     }
     /**
      * A list of the version parts.
      */
     private List<String> versionParts;
 
     /**
      * Get the value of versionParts.
      *
      * @return the value of versionParts
      */
     public List<String> getVersionParts() {
         return versionParts;
     }
 
     /**
      * Set the value of versionParts.
      *
      * @param versionParts new value of versionParts
      */
     public void setVersionParts(List<String> versionParts) {
         this.versionParts = versionParts;
     }
 
     /**
      * Retrieves an iterator for the version parts.
      *
      * @return an iterator for the version parts
      */
     @Override
     public Iterator<String> iterator() {
         return versionParts.iterator();
     }
 
     /**
      * Reconstructs the version string from the split version parts.
      *
      * @return a string representing the version.
      */
     @Override
     public String toString() {
         return StringUtils.join(versionParts, '.');
     }
 
     /**
      * Compares the equality of this object to the one passed in as a parameter.
      *
      * @param obj the object to compare equality
      * @return returns true only if the two objects are equal, otherwise false
      */
     @Override
     public boolean equals(Object obj) {
         if (obj == null) {
             return false;
         }
         if (getClass() != obj.getClass()) {
             return false;
         }
         final DependencyVersion other = (DependencyVersion) obj;
         final int minVersionMatchLength = (this.versionParts.size() < other.versionParts.size())
                 ? this.versionParts.size() : other.versionParts.size();
         final int maxVersionMatchLength = (this.versionParts.size() > other.versionParts.size())
                 ? this.versionParts.size() : other.versionParts.size();
 
         if (minVersionMatchLength == 1 && maxVersionMatchLength >= 3) {
             return false;
         }
 
         //TODO steal better version of code from compareTo
         for (int i = 0; i < minVersionMatchLength; i++) {
             final String thisPart = this.versionParts.get(i);
             final String otherPart = other.versionParts.get(i);
             if (!thisPart.equals(otherPart)) {
                 return false;
             }
         }
         if (this.versionParts.size() > minVersionMatchLength) {
             for (int i = minVersionMatchLength; i < this.versionParts.size(); i++) {
                 if (!"0".equals(this.versionParts.get(i))) {
                     return false;
                 }
             }
         }
 
         if (other.versionParts.size() > minVersionMatchLength) {
             for (int i = minVersionMatchLength; i < other.versionParts.size(); i++) {
                 if (!"0".equals(other.versionParts.get(i))) {
                     return false;
                 }
             }
         }
 
         /*
          *  if (this.versionParts != other.versionParts && (this.versionParts == null || !this.versionParts.equals(other.versionParts))) {
          *      return false;
          *  }
          */
         return true;
     }
 
     /**
      * Calculates the hashCode for this object.
      *
      * @return the hashCode
      */
     @Override
     public int hashCode() {
         int hash = 5;
         hash = 71 * hash + (this.versionParts != null ? this.versionParts.hashCode() : 0);
         return hash;
     }
 
     /**
      * Determines if the three most major major version parts are identical. For
      * instances, if version 1.2.3.4 was compared to 1.2.3 this function would
      * return true.
      *
      * @param version the version number to compare
      * @return true if the first three major parts of the version are identical
      */
     public boolean matchesAtLeastThreeLevels(DependencyVersion version) {
         if (version == null) {
             return false;
         }
         if (Math.abs(this.versionParts.size() - version.versionParts.size()) >= 3) {
             return false;
         }
 
         final int max = (this.versionParts.size() < version.versionParts.size())
                 ? this.versionParts.size() : version.versionParts.size();
 
         boolean ret = true;
         for (int i = 0; i < max; i++) {
             final String thisVersion = this.versionParts.get(i);
             final String otherVersion = version.getVersionParts().get(i);
             if (i >= 3) {
                 if (thisVersion.compareToIgnoreCase(otherVersion) >= 0) {
                     ret = false;
                     break;
                 }
             } else if (!thisVersion.equals(otherVersion)) {
                 ret = false;
                 break;
             }
         }
 
         return ret;
     }
 
     @Override
     public int compareTo(DependencyVersion version) {
         if (version == null) {
             return 1;
         }
         final List<String> left = this.getVersionParts();
         final List<String> right = version.getVersionParts();
         final int max = left.size() < right.size() ? left.size() : right.size();
 
         for (int i = 0; i < max; i++) {
             final String lStr = left.get(i);
             final String rStr = right.get(i);
             if (lStr.equals(rStr)) {
                 continue;
             }
             try {
                 final int l = Integer.parseInt(lStr);
                 final int r = Integer.parseInt(rStr);
                 if (l < r) {
                     return -1;
                 } else if (l > r) {
                     return 1;
                 }
             } catch (NumberFormatException ex) {
                 final int comp = left.get(i).compareTo(right.get(i));
                 if (comp < 0) {
                     return -1;
                 } else if (comp > 0) {
                     return 1;
                 }
             }
         }
         if (left.size() < right.size()) {
             return -1;
         } else if (left.size() > right.size()) {
             return 1;
         } else {
             return 0;
         }
     }
 }

1		/*
2		* This file is part of dependency-check-core.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.utils;
19
20		import java.util.ArrayList;
21		import java.util.Iterator;
22		import java.util.List;
23		import java.util.regex.Matcher;
24		import java.util.regex.Pattern;
25		import org.apache.commons.lang3.StringUtils;
26
27		/**
28		* <p>
29		* Simple object to track the parts of a version number. The parts are contained
30		* in a List such that version 1.2.3 will be stored as: <code>versionParts[0] = 1;
31		* versionParts[1] = 2;
32		* versionParts[2] = 3;
33		* </code></p>
34		* <p>
35		* Note, the parser contained in this class expects the version numbers to be
36		* separated by periods. If a different separator is used the parser will likely
37		* fail.</p>
38		*
39		* @author Jeremy Long
40		*/
41	14	public class DependencyVersion implements Iterable<String>, Comparable<DependencyVersion> {
42
43		/**
44		* Constructor for a empty DependencyVersion.
45		*/
46	4	public DependencyVersion() {
47	4	}
48
49		/**
50		* Constructor for a DependencyVersion that will parse a version string.
51		* <b>Note</b>, this should only be used when the version passed in is
52		* already known to be a well formatted version number. Otherwise,
53		* DependencyVersionUtil.parseVersion() should be used instead.
54		*
55		* @param version the well formatted version number to parse
56		*/
57	1208	public DependencyVersion(String version) {
58	1208	parseVersion(version);
59	1208	}
60
61		/**
62		* Parses a version string into its sub parts: major, minor, revision,
63		* build, etc. <b>Note</b>, this should only be used to parse something that
64		* is already known to be a version number.
65		*
66		* @param version the version string to parse
67		*/
68		public final void parseVersion(String version) {
69	1210	versionParts = new ArrayList<String>();
70	1210	if (version != null) {
71	1201	final Pattern rx = Pattern.compile("(\\d+[a-z]{1,3}$\|[a-z]+\\d+\|\\d+\|(release\|beta\|alpha)$)");
72	1200	final Matcher matcher = rx.matcher(version.toLowerCase());
73	4941	while (matcher.find()) {
74	3741	versionParts.add(matcher.group());
75		}
76	1201	if (versionParts.isEmpty()) {
77	7	versionParts.add(version);
78		}
79		}
80	1210	}
81		/**
82		* A list of the version parts.
83		*/
84		private List<String> versionParts;
85
86		/**
87		* Get the value of versionParts.
88		*
89		* @return the value of versionParts
90		*/
91		public List<String> getVersionParts() {
92	1814	return versionParts;
93		}
94
95		/**
96		* Set the value of versionParts.
97		*
98		* @param versionParts new value of versionParts
99		*/
100		public void setVersionParts(List<String> versionParts) {
101	3	this.versionParts = versionParts;
102	3	}
103
104		/**
105		* Retrieves an iterator for the version parts.
106		*
107		* @return an iterator for the version parts
108		*/
109		@Override
110		public Iterator<String> iterator() {
111	1	return versionParts.iterator();
112		}
113
114		/**
115		* Reconstructs the version string from the split version parts.
116		*
117		* @return a string representing the version.
118		*/
119		@Override
120		public String toString() {
121	380	return StringUtils.join(versionParts, '.');
122		}
123
124		/**
125		* Compares the equality of this object to the one passed in as a parameter.
126		*
127		* @param obj the object to compare equality
128		* @return returns true only if the two objects are equal, otherwise false
129		*/
130		@Override
131		public boolean equals(Object obj) {
132	785	if (obj == null) {
133	0	return false;
134		}
135	785	if (getClass() != obj.getClass()) {
136	0	return false;
137		}
138	785	final DependencyVersion other = (DependencyVersion) obj;
139	785	final int minVersionMatchLength = (this.versionParts.size() < other.versionParts.size())
140	124	? this.versionParts.size() : other.versionParts.size();
141	785	final int maxVersionMatchLength = (this.versionParts.size() > other.versionParts.size())
142	18	? this.versionParts.size() : other.versionParts.size();
143
144	785	if (minVersionMatchLength == 1 && maxVersionMatchLength >= 3) {
145	1	return false;
146		}
147
148		//TODO steal better version of code from compareTo
149	1620	for (int i = 0; i < minVersionMatchLength; i++) {
150	1468	final String thisPart = this.versionParts.get(i);
151	1468	final String otherPart = other.versionParts.get(i);
152	1468	if (!thisPart.equals(otherPart)) {
153	632	return false;
154		}
155		}
156	152	if (this.versionParts.size() > minVersionMatchLength) {
157	10	for (int i = minVersionMatchLength; i < this.versionParts.size(); i++) {
158	9	if (!"0".equals(this.versionParts.get(i))) {
159	8	return false;
160		}
161		}
162		}
163
164	144	if (other.versionParts.size() > minVersionMatchLength) {
165	96	for (int i = minVersionMatchLength; i < other.versionParts.size(); i++) {
166	96	if (!"0".equals(other.versionParts.get(i))) {
167	96	return false;
168		}
169		}
170		}
171
172		/*
173		* if (this.versionParts != other.versionParts && (this.versionParts == null \|\| !this.versionParts.equals(other.versionParts))) {
174		* return false;
175		* }
176		*/
177	48	return true;
178		}
179
180		/**
181		* Calculates the hashCode for this object.
182		*
183		* @return the hashCode
184		*/
185		@Override
186		public int hashCode() {
187	1	int hash = 5;
188	1	hash = 71 * hash + (this.versionParts != null ? this.versionParts.hashCode() : 0);
189	1	return hash;
190		}
191
192		/**
193		* Determines if the three most major major version parts are identical. For
194		* instances, if version 1.2.3.4 was compared to 1.2.3 this function would
195		* return true.
196		*
197		* @param version the version number to compare
198		* @return true if the first three major parts of the version are identical
199		*/
200		public boolean matchesAtLeastThreeLevels(DependencyVersion version) {
201	436	if (version == null) {
202	0	return false;
203		}
204	436	if (Math.abs(this.versionParts.size() - version.versionParts.size()) >= 3) {
205	1	return false;
206		}
207
208	435	final int max = (this.versionParts.size() < version.versionParts.size())
209	66	? this.versionParts.size() : version.versionParts.size();
210
211	435	boolean ret = true;
212	828	for (int i = 0; i < max; i++) {
213	778	final String thisVersion = this.versionParts.get(i);
214	778	final String otherVersion = version.getVersionParts().get(i);
215	778	if (i >= 3) {
216	2	if (thisVersion.compareToIgnoreCase(otherVersion) >= 0) {
217	1	ret = false;
218	1	break;
219		}
220	776	} else if (!thisVersion.equals(otherVersion)) {
221	384	ret = false;
222	384	break;
223		}
224		}
225
226	435	return ret;
227		}
228
229		@Override
230		public int compareTo(DependencyVersion version) {
231	33	if (version == null) {
232	0	return 1;
233		}
234	33	final List<String> left = this.getVersionParts();
235	33	final List<String> right = version.getVersionParts();
236	33	final int max = left.size() < right.size() ? left.size() : right.size();
237
238	84	for (int i = 0; i < max; i++) {
239	72	final String lStr = left.get(i);
240	72	final String rStr = right.get(i);
241	72	if (lStr.equals(rStr)) {
242	51	continue;
243		}
244		try {
245	21	final int l = Integer.parseInt(lStr);
246	14	final int r = Integer.parseInt(rStr);
247	13	if (l < r) {
248	10	return -1;
249	3	} else if (l > r) {
250	3	return 1;
251		}
252	8	} catch (NumberFormatException ex) {
253	8	final int comp = left.get(i).compareTo(right.get(i));
254	8	if (comp < 0) {
255	6	return -1;
256	2	} else if (comp > 0) {
257	2	return 1;
258		}
259	0	}
260		}
261	12	if (left.size() < right.size()) {
262	3	return -1;
263	9	} else if (left.size() > right.size()) {
264	3	return 1;
265		} else {
266	6	return 0;
267		}
268		}
269		}