mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-16 08:36:55 +01:00
540 lines
80 KiB
HTML
540 lines
80 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
|
|
<title>Coverage Report</title>
|
|
<link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/>
|
|
<script type="text/javascript" src="js/popup.js"></script>
|
|
</head>
|
|
<body>
|
|
<h5>Coverage Report - org.owasp.dependencycheck.analyzer.RubyBundleAuditAnalyzer</h5>
|
|
<div class="separator"> </div>
|
|
<table class="report">
|
|
<thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead>
|
|
<tr><td><a href="org.owasp.dependencycheck.analyzer.RubyBundleAuditAnalyzer.html">RubyBundleAuditAnalyzer</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">16%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:16px"><span class="text">28/169</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">4%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:4px"><span class="text">3/68</span></div></div></td></tr></table></td><td class="value"><span class="hidden">4.615384615384615;</span>4.615</td></tr>
|
|
|
|
</table>
|
|
<div class="separator"> </div>
|
|
<table cellspacing="0" cellpadding="0" class="src">
|
|
<tr> <td class="numLine"> 1</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/*</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 2</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * This file is part of dependency-check-core.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 3</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 4</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Licensed under the Apache License, Version 2.0 (the "License");</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 5</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * you may not use this file except in compliance with the License.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 6</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * You may obtain a copy of the License at</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 7</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 8</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 9</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 10</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Unless required by applicable law or agreed to in writing, software</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 11</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * distributed under the License is distributed on an "AS IS" BASIS,</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 12</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 13</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * See the License for the specific language governing permissions and</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 14</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * limitations under the License.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 15</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 16</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Copyright (c) 2015 Institute for Defense Analyses. All Rights Reserved.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 17</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 18</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">package</span> org.owasp.dependencycheck.analyzer;</pre></td></tr>
|
|
<tr> <td class="numLine"> 19</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 20</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.commons.io.FileUtils;</pre></td></tr>
|
|
<tr> <td class="numLine"> 21</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.Engine;</pre></td></tr>
|
|
<tr> <td class="numLine"> 22</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.analyzer.exception.AnalysisException;</pre></td></tr>
|
|
<tr> <td class="numLine"> 23</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.Confidence;</pre></td></tr>
|
|
<tr> <td class="numLine"> 24</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.Dependency;</pre></td></tr>
|
|
<tr> <td class="numLine"> 25</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.Reference;</pre></td></tr>
|
|
<tr> <td class="numLine"> 26</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.dependency.Vulnerability;</pre></td></tr>
|
|
<tr> <td class="numLine"> 27</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.FileFilterBuilder;</pre></td></tr>
|
|
<tr> <td class="numLine"> 28</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.owasp.dependencycheck.utils.Settings;</pre></td></tr>
|
|
<tr> <td class="numLine"> 29</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.slf4j.Logger;</pre></td></tr>
|
|
<tr> <td class="numLine"> 30</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> org.slf4j.LoggerFactory;</pre></td></tr>
|
|
<tr> <td class="numLine"> 31</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 32</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.io.*;</pre></td></tr>
|
|
<tr> <td class="numLine"> 33</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">import</span> java.util.*;</pre></td></tr>
|
|
<tr> <td class="numLine"> 34</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 35</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 36</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Used to analyze Ruby Bundler Gemspec.lock files utilizing the 3rd party bundle-audit tool.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 37</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 38</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @author Dale Visser</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 39</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 40</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">class</span> RubyBundleAuditAnalyzer <span class="keyword">extends</span> AbstractFileTypeAnalyzer {</pre></td></tr>
|
|
<tr> <td class="numLine"> 41</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 42</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> Logger LOGGER = LoggerFactory.getLogger(RubyBundleAuditAnalyzer.<span class="keyword">class</span>);</pre></td></tr>
|
|
<tr> <td class="numLine"> 43</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 44</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 45</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * The name of the analyzer.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 46</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 47</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> String ANALYZER_NAME = <span class="string">"Ruby Bundle Audit Analyzer"</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 48</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 49</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 50</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * The phase that this analyzer is intended to run in.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 51</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 52</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.PRE_INFORMATION_COLLECTION;</pre></td></tr>
|
|
<tr> <td class="numLine"> 53</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 54</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> FileFilter FILTER</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 55</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> = FileFilterBuilder.newInstance().addFilenames(<span class="string">"Gemfile.lock"</span>).build();</pre></td></tr>
|
|
<tr> <td class="numLine"> 56</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> <span class="keyword">final</span> String NAME = <span class="string">"Name: "</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 57</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> <span class="keyword">final</span> String VERSION = <span class="string">"Version: "</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 58</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> <span class="keyword">final</span> String ADVISORY = <span class="string">"Advisory: "</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 59</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">static</span> <span class="keyword">final</span> String CRITICALITY = <span class="string">"Criticality: "</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 60</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 61</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 62</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a filter that accepts files named Gemfile.lock</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 63</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 64</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 65</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">protected</span> FileFilter getFileFilter() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 66</td> <td class="nbHitsCovered"> 854</td> <td class="src"><pre class="src"> <span class="keyword">return</span> FILTER;</pre></td></tr>
|
|
<tr> <td class="numLine"> 67</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 68</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 69</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 70</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Launch bundle-audit.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 71</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 72</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return a handle to the process</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 73</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 74</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> Process launchBundleAudit(File folder) <span class="keyword">throws</span> AnalysisException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 75</td> <td class="nbHitsUncovered"><a title="Line 75: Conditional coverage 50% (1/2)."> 2</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 75: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (!folder.isDirectory()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 76</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> AnalysisException(String.format(<span class="string">"%s should have been a directory."</span>, folder.getAbsolutePath()));</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 77</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 78</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">final</span> List<String> args = <span class="keyword">new</span> ArrayList<String>();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 79</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">final</span> String bundleAuditPath = Settings.getString(Settings.KEYS.ANALYZER_BUNDLE_AUDIT_PATH);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 80</td> <td class="nbHitsCovered"><a title="Line 80: Conditional coverage 100% (2/2)."> 2</a></td> <td class="src"><pre class="src"> <a title="Line 80: Conditional coverage 100% (2/2)."> args.add(<span class="keyword">null</span> == bundleAuditPath ? <span class="string">"bundle-audit"</span> : bundleAuditPath);</a></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 81</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> args.add(<span class="string">"check"</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 82</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> args.add(<span class="string">"--verbose"</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 83</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">final</span> ProcessBuilder builder = <span class="keyword">new</span> ProcessBuilder(args);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 84</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> builder.directory(folder);</pre></td></tr>
|
|
<tr> <td class="numLine"> 85</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 86</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> LOGGER.info(<span class="string">"Launching: "</span> + args + <span class="string">" from "</span> + folder);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 87</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">return</span> builder.start();</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 88</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> } <span class="keyword">catch</span> (IOException ioe) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 89</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">throw</span> <span class="keyword">new</span> AnalysisException(<span class="string">"bundle-audit failure"</span>, ioe);</pre></td></tr>
|
|
<tr> <td class="numLine"> 90</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 91</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 92</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 93</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 94</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Initialize the analyzer. In this case, extract GrokAssembly.exe to a temporary location.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 95</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 96</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @throws Exception if anything goes wrong</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 97</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 98</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 99</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> initializeFileTypeAnalyzer() <span class="keyword">throws</span> Exception {</pre></td></tr>
|
|
<tr> <td class="numLine"> 100</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">// Now, need to see if bundle-audit actually runs from this location.</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 101</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> Process process = <span class="keyword">null</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 102</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 103</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> process = launchBundleAudit(Settings.getTempDirectory());</pre></td></tr>
|
|
<tr> <td class="numLine"> 104</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 105</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">catch</span>(AnalysisException ae) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 106</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> LOGGER.warn(<span class="string">"Exception from bundle-audit process: {}. Disabling {}"</span>, ae.getCause(), ANALYZER_NAME);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 107</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> setEnabled(<span class="keyword">false</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 108</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">throw</span> ae;</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 109</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 110</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 111</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">int</span> exitValue = process.waitFor();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 112</td> <td class="nbHitsUncovered"><a title="Line 112: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 112: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (0 == exitValue) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 113</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"Unexpected exit code from bundle-audit process. Disabling {}: {}"</span>, ANALYZER_NAME, exitValue);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 114</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> setEnabled(<span class="keyword">false</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 115</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> AnalysisException(<span class="string">"Unexpected exit code from bundle-audit process."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 116</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 117</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> BufferedReader reader = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 118</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 119</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> reader = <span class="keyword">new</span> BufferedReader(<span class="keyword">new</span> InputStreamReader(process.getErrorStream(), <span class="string">"UTF-8"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 120</td> <td class="nbHitsUncovered"><a title="Line 120: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 120: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (!reader.ready()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 121</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"Bundle-audit error stream unexpectedly not ready. Disabling "</span> + ANALYZER_NAME);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 122</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> setEnabled(<span class="keyword">false</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 123</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> AnalysisException(<span class="string">"Bundle-audit error stream unexpectedly not ready."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 124</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 125</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String line = reader.readLine();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 126</td> <td class="nbHitsUncovered"><a title="Line 126: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 126: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> <span class="keyword">if</span> (line == <span class="keyword">null</span> || !line.contains(<span class="string">"Errno::ENOENT"</span>)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 127</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"Unexpected bundle-audit output. Disabling {}: {}"</span>, ANALYZER_NAME, line);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 128</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> setEnabled(<span class="keyword">false</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 129</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> AnalysisException(<span class="string">"Unexpected bundle-audit output."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 130</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 131</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 132</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 133</td> <td class="nbHitsUncovered"><a title="Line 133: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 133: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != reader) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 134</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> reader.close();</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 135</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 136</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 137</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 138</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 139</td> <td class="nbHitsUncovered"><a title="Line 139: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 139: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (isEnabled()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 140</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.info(ANALYZER_NAME + <span class="string">" is enabled. It is necessary to manually run \"bundle-audit update\" "</span></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 141</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> + <span class="string">"occasionally to keep its database up to date."</span>);</pre></td></tr>
|
|
<tr> <td class="numLine"> 142</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 143</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 144</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 145</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 146</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns the name of the analyzer.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 147</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 148</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the name of the analyzer.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 149</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 150</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 151</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> String getName() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 152</td> <td class="nbHitsCovered"> 5</td> <td class="src"><pre class="src"> <span class="keyword">return</span> ANALYZER_NAME;</pre></td></tr>
|
|
<tr> <td class="numLine"> 153</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 154</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 155</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 156</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns the phase that the analyzer is intended to run in.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 157</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 158</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the phase that the analyzer is intended to run in.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 159</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 160</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 161</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">public</span> AnalysisPhase getAnalysisPhase() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 162</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> ANALYSIS_PHASE;</pre></td></tr>
|
|
<tr> <td class="numLine"> 163</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 164</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 165</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 166</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * Returns the key used in the properties file to reference the analyzer's enabled property.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 167</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 168</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * @return the analyzer's enabled property setting key</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 169</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 170</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 171</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">protected</span> String getAnalyzerEnabledSettingKey() {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 172</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">return</span> Settings.KEYS.ANALYZER_BUNDLE_AUDIT_ENABLED;</pre></td></tr>
|
|
<tr> <td class="numLine"> 173</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 174</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 175</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 176</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * If {@link #analyzeFileType(Dependency, Engine)} is called, then we have successfully initialized, and it will be necessary</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 177</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> * to disable {@link RubyGemspecAnalyzer}.</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 178</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 179</td> <td class="nbHitsCovered"> 8</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">boolean</span> needToDisableGemspecAnalyzer = <span class="keyword">true</span>;</pre></td></tr>
|
|
<tr> <td class="numLine"> 180</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 181</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> @Override</pre></td></tr>
|
|
<tr> <td class="numLine"> 182</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">void</span> analyzeFileType(Dependency dependency, Engine engine)</pre></td></tr>
|
|
<tr> <td class="numLine"> 183</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">throws</span> AnalysisException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 184</td> <td class="nbHitsUncovered"><a title="Line 184: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 184: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (needToDisableGemspecAnalyzer) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 185</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">boolean</span> failed = <span class="keyword">true</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 186</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String className = RubyGemspecAnalyzer.<span class="keyword">class</span>.getName();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 187</td> <td class="nbHitsUncovered"><a title="Line 187: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 187: Conditional coverage 0% (0/2)."> <span class="keyword">for</span> (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 188</td> <td class="nbHitsUncovered"><a title="Line 188: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 188: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (analyzer <span class="keyword">instanceof</span> RubyGemspecAnalyzer) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 189</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ((RubyGemspecAnalyzer) analyzer).setEnabled(<span class="keyword">false</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 190</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.info(<span class="string">"Disabled "</span> + className + <span class="string">" to avoid noisy duplicate results."</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 191</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> failed = <span class="keyword">false</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 192</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 193</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 194</td> <td class="nbHitsUncovered"><a title="Line 194: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 194: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (failed) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 195</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"Did not find"</span> + className + <span class="string">'.'</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 196</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 197</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> needToDisableGemspecAnalyzer = <span class="keyword">false</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 198</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 199</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> File parentFile = dependency.getActualFile().getParentFile();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 200</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> Process process = launchBundleAudit(parentFile);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 201</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 202</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> process.waitFor();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 203</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (InterruptedException ie) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 204</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">throw</span> <span class="keyword">new</span> AnalysisException(<span class="string">"bundle-audit process interrupted"</span>, ie);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 205</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 206</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> BufferedReader rdr = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 207</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 208</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> BufferedReader errReader = <span class="keyword">new</span> BufferedReader(<span class="keyword">new</span> InputStreamReader(process.getErrorStream(), <span class="string">"UTF-8"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 209</td> <td class="nbHitsUncovered"><a title="Line 209: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 209: Conditional coverage 0% (0/2)."> <span class="keyword">while</span>(errReader.ready()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 210</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> String error = errReader.readLine();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 211</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(error);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 212</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 213</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rdr = <span class="keyword">new</span> BufferedReader(<span class="keyword">new</span> InputStreamReader(process.getInputStream(), <span class="string">"UTF-8"</span>));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 214</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> processBundlerAuditOutput(dependency, engine, rdr);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 215</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (IOException ioe) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 216</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"bundle-audit failure"</span>, ioe);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 217</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">finally</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 218</td> <td class="nbHitsUncovered"><a title="Line 218: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 218: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != rdr) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 219</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">try</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 220</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> rdr.close();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 221</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> } <span class="keyword">catch</span> (IOException ioe) {</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 222</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.warn(<span class="string">"bundle-audit close failure"</span>, ioe);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 223</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 224</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 225</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 226</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLineCover"> 227</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 228</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 229</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">void</span> processBundlerAuditOutput(Dependency original, Engine engine, BufferedReader rdr) <span class="keyword">throws</span> IOException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 230</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String parentName = original.getActualFile().getParentFile().getName();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 231</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String fileName = original.getFileName();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 232</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> Dependency dependency = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 233</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> Vulnerability vulnerability = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 234</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> String gem = <span class="keyword">null</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 235</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> Map<String, Dependency> map = <span class="keyword">new</span> HashMap<String, Dependency>();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 236</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">boolean</span> appendToDescription = <span class="keyword">false</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 237</td> <td class="nbHitsUncovered"><a title="Line 237: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 237: Conditional coverage 0% (0/2)."> <span class="keyword">while</span> (rdr.ready()) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 238</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String nextLine = rdr.readLine();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 239</td> <td class="nbHitsUncovered"><a title="Line 239: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 239: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> == nextLine) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 240</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">break</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 241</td> <td class="nbHitsUncovered"><a title="Line 241: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 241: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (nextLine.startsWith(NAME)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 242</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> appendToDescription = <span class="keyword">false</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 243</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> gem = nextLine.substring(NAME.length());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 244</td> <td class="nbHitsUncovered"><a title="Line 244: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 244: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (!map.containsKey(gem)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 245</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> map.put(gem, createDependencyForGem(engine, parentName, fileName, gem));</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 246</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 247</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dependency = map.get(gem);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 248</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(String.format(<span class="string">"bundle-audit (%s): %s"</span>, parentName, nextLine));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 249</td> <td class="nbHitsUncovered"><a title="Line 249: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 249: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (nextLine.startsWith(VERSION)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 250</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability = createVulnerability(parentName, dependency, vulnerability, gem, nextLine);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 251</td> <td class="nbHitsUncovered"><a title="Line 251: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 251: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (nextLine.startsWith(ADVISORY)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 252</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> setVulnerabilityName(parentName, dependency, vulnerability, nextLine);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 253</td> <td class="nbHitsUncovered"><a title="Line 253: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 253: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (nextLine.startsWith(CRITICALITY)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 254</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> addCriticalityToVulnerability(parentName, vulnerability, nextLine);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 255</td> <td class="nbHitsUncovered"><a title="Line 255: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 255: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (nextLine.startsWith(<span class="string">"URL: "</span>)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 256</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> addReferenceToVulnerability(parentName, vulnerability, nextLine);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 257</td> <td class="nbHitsUncovered"><a title="Line 257: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 257: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (nextLine.startsWith(<span class="string">"Description:"</span>)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 258</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> appendToDescription = <span class="keyword">true</span>;</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 259</td> <td class="nbHitsUncovered"><a title="Line 259: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 259: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != vulnerability) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 260</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setDescription(<span class="string">"*** Vulnerability obtained from bundle-audit verbose report. Title link may not work. CPE below is guessed. CVSS score is estimated (-1.0 indicates unknown). See link below for full details. *** "</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 261</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 262</td> <td class="nbHitsUncovered"><a title="Line 262: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 262: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (appendToDescription) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 263</td> <td class="nbHitsUncovered"><a title="Line 263: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 263: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != vulnerability) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 264</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setDescription(vulnerability.getDescription() + nextLine + <span class="string">"\n"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 265</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 266</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 267</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 268</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 269</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 270</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">void</span> setVulnerabilityName(String parentName, Dependency dependency, Vulnerability vulnerability, String nextLine) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 271</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String advisory = nextLine.substring((ADVISORY.length()));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 272</td> <td class="nbHitsUncovered"><a title="Line 272: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 272: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != vulnerability) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 273</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setName(advisory);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 274</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 275</td> <td class="nbHitsUncovered"><a title="Line 275: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 275: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != dependency) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 276</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dependency.getVulnerabilities().add(vulnerability); <span class="comment">// needed to wait for vulnerability name to avoid NPE</span></span></pre></td></tr>
|
|
<tr> <td class="numLine"> 277</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 278</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(String.format(<span class="string">"bundle-audit (%s): %s"</span>, parentName, nextLine));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 279</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 280</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 281</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">void</span> addReferenceToVulnerability(String parentName, Vulnerability vulnerability, String nextLine) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 282</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String url = nextLine.substring((<span class="string">"URL: "</span>).length());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 283</td> <td class="nbHitsUncovered"><a title="Line 283: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 283: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != vulnerability) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 284</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> Reference ref = <span class="keyword">new</span> Reference();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 285</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ref.setName(vulnerability.getName());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 286</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ref.setSource(<span class="string">"bundle-audit"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 287</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> ref.setUrl(url);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 288</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.getReferences().add(ref);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 289</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 290</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(String.format(<span class="string">"bundle-audit (%s): %s"</span>, parentName, nextLine));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 291</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 292</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 293</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">void</span> addCriticalityToVulnerability(String parentName, Vulnerability vulnerability, String nextLine) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 294</td> <td class="nbHitsUncovered"><a title="Line 294: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 294: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != vulnerability) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 295</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String criticality = nextLine.substring(CRITICALITY.length()).trim();</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 296</td> <td class="nbHitsUncovered"><a title="Line 296: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 296: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="string">"High"</span>.equals(criticality)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 297</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssScore(8.5f);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 298</td> <td class="nbHitsUncovered"><a title="Line 298: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 298: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (<span class="string">"Medium"</span>.equals(criticality)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 299</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssScore(5.5f);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 300</td> <td class="nbHitsUncovered"><a title="Line 300: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 300: Conditional coverage 0% (0/2)."> } <span class="keyword">else</span> <span class="keyword">if</span> (<span class="string">"Low"</span>.equals(criticality)) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 301</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssScore(2.0f);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 302</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 303</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssScore(-1.0f);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 304</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 305</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 306</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(String.format(<span class="string">"bundle-audit (%s): %s"</span>, parentName, nextLine));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 307</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 308</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 309</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> Vulnerability createVulnerability(String parentName, Dependency dependency, Vulnerability vulnerability, String gem, String nextLine) {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 310</td> <td class="nbHitsUncovered"><a title="Line 310: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 310: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (<span class="keyword">null</span> != dependency) {</a></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 311</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String version = nextLine.substring(VERSION.length());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 312</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dependency.getVersionEvidence().addEvidence(</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 313</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="string">"bundler-audit"</span>,</pre></td></tr>
|
|
<tr> <td class="numLine"> 314</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="string">"Version"</span>,</pre></td></tr>
|
|
<tr> <td class="numLine"> 315</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> version,</pre></td></tr>
|
|
<tr> <td class="numLine"> 316</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> Confidence.HIGHEST);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 317</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability = <span class="keyword">new</span> Vulnerability(); <span class="comment">// don't add to dependency until we have name set later</span></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 318</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setMatchedCPE(</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 319</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> String.format(<span class="string">"cpe:/a:%1$s_project:%1$s:%2$s::~~~ruby~~"</span>, gem, version),</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 320</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">null</span>);</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 321</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssAccessVector(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 322</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssAccessComplexity(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 323</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssAuthentication(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 324</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssAvailabilityImpact(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 325</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssConfidentialityImpact(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 326</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> vulnerability.setCvssIntegrityImpact(<span class="string">"-"</span>);</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 327</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 328</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> LOGGER.debug(String.format(<span class="string">"bundle-audit (%s): %s"</span>, parentName, nextLine));</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 329</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> vulnerability;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 330</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 331</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> </pre></td></tr>
|
|
<tr> <td class="numLine"> 332</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> <span class="keyword">private</span> Dependency createDependencyForGem(Engine engine, String parentName, String fileName, String gem) <span class="keyword">throws</span> IOException {</pre></td></tr>
|
|
<tr> <td class="numLineCover"> 333</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> File tempFile = File.createTempFile(<span class="string">"Gemfile-"</span> + gem, <span class="string">".lock"</span>, Settings.getTempDirectory());</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 334</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> String displayFileName = String.format(<span class="string">"%s%c%s:%s"</span>, parentName, File.separatorChar, fileName, gem);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 335</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> FileUtils.write(tempFile, displayFileName); <span class="comment">// unique contents to avoid dependency bundling</span></span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 336</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">final</span> Dependency dependency = <span class="keyword">new</span> Dependency(tempFile);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 337</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dependency.getProductEvidence().addEvidence(<span class="string">"bundler-audit"</span>, <span class="string">"Name"</span>, gem, Confidence.HIGHEST);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 338</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> dependency.setDisplayFileName(displayFileName);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 339</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> engine.getDependencies().add(dependency);</span></pre></td></tr>
|
|
<tr> <td class="numLineCover"> 340</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> dependency;</span></pre></td></tr>
|
|
<tr> <td class="numLine"> 341</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
<tr> <td class="numLine"> 342</td> <td class="nbHits"> </td>
|
|
<td class="src"><pre class="src"> }</pre></td></tr>
|
|
</table>
|
|
|
|
<div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 2.1.1 on 4/9/16 8:09 PM.</div>
|
|
</body>
|
|
</html>
|