diff --git a/app/com/ysoft/odc/OdcParser.scala b/app/com/ysoft/odc/OdcParser.scala
index 8b254ff..9dd5501 100644
--- a/app/com/ysoft/odc/OdcParser.scala
+++ b/app/com/ysoft/odc/OdcParser.scala
@@ -46,6 +46,7 @@ final case class Dependency(
description: String,
evidenceCollected: Set[Evidence],
identifiers: Seq[Identifier],
+ suppressedIdentifiers: Seq[Identifier],
license: String,
vulnerabilities: Seq[Vulnerability],
suppressedVulnerabilities: Seq[Vulnerability],
@@ -78,6 +79,7 @@ final case class GroupedDependency(dependencies: Map[Dependency, Set[ReportInfo]
def hashes = dependencies.keys.head.hashes // valid since all deps in a group have the same hashes
val sha1 = hashes.sha1
def identifiers: Set[Identifier] = dependencies.keySet.flatMap(_.identifiers)
+ def suppressedIdentifiers: Set[Identifier] = dependencies.keySet.flatMap(_.suppressedIdentifiers)
def mavenIdentifiers = identifiers.filter(_.identifierType == "maven")
def cpeIdentifiers = identifiers.filter(_.identifierType == "cpe")
def vulnerabilities: Set[Vulnerability] = dependencies.keySet.flatMap(_.vulnerabilities)
@@ -244,7 +246,10 @@ object OdcParser {
))
}
- def parseIdentifier(node: Node): Identifier = {
+ def parseIdentifier(node: Node, expectedLabel: String): Identifier = {
+ if(node.label != expectedLabel){
+ sys.error("Unexpected label for identifier: "+node.label)
+ }
checkElements(node, Set("name", "url"))
checkParams(node, Set("type", "confidence"))
val ExtractPattern = """\((.*)\)""".r
@@ -258,14 +263,11 @@ object OdcParser {
))
}
- def parseIdentifiers(seq: Node): Seq[Identifier] = {
- filterWhitespace(seq.head).map(parseIdentifier(_))
- }
-
def parseDependency(node: Node): Dependency = {
checkElements(node, Set("fileName", "filePath", "md5", "sha1", "description", "evidenceCollected", "identifiers", "license", "vulnerabilities", "relatedDependencies"))
checkParams(node, Set())
val (vulnerabilities: Seq[Node], suppressedVulnerabilities: Seq[Node]) = (node \ "vulnerabilities").headOption.map(filterWhitespace).getOrElse(Seq()).partition(_.label == "vulnerability")
+ val (identifiers, suppressedIdentifiers) = (node \ "identifiers").headOption.map(filterWhitespace).getOrElse(Seq()).partition(_.label == "identifier")
dependencyPool(Dependency(
fileName = (node \ "fileName").text,
filePath = (node \ "filePath").text,
@@ -273,7 +275,8 @@ object OdcParser {
sha1 = (node \ "sha1").text,
description = (node \ "description").text,
evidenceCollected = filterWhitespace((node \ "evidenceCollected").head).map(parseEvidence).toSet,
- identifiers = (node \ "identifiers").headOption.map(parseIdentifiers).getOrElse(Seq()),
+ identifiers = identifiers.map(parseIdentifier(_, "identifier")),
+ suppressedIdentifiers = suppressedIdentifiers.map(parseIdentifier(_, "suppressedIdentifier")),
license = (node \ "license").text,
vulnerabilities = vulnerabilities.map(parseVulnerability(_)),
suppressedVulnerabilities = suppressedVulnerabilities.map(parseVulnerability(_, "suppressedVulnerability")),
diff --git a/app/views/libraryIdentification.scala.html b/app/views/libraryIdentification.scala.html
index 8eeac78..b9baf0b 100644
--- a/app/views/libraryIdentification.scala.html
+++ b/app/views/libraryIdentification.scala.html
@@ -14,3 +14,6 @@
@if(addButtons && suppressionXmlIdOption.isDefined){ }
}
+@for(id <- dep.suppressedIdentifiers.toSeq.sortBy(i => (i.confidence, i.identifierType, i.name, i.url)).reverse){
+ @identifier(id, addLink)
+}
diff --git a/app/views/warnings/groupedDependencies.scala.html b/app/views/warnings/groupedDependencies.scala.html
index 3d92709..477a952 100644
--- a/app/views/warnings/groupedDependencies.scala.html
+++ b/app/views/warnings/groupedDependencies.scala.html
@@ -4,6 +4,7 @@
@for(groupedDependency <- items){
@groupedDependency.fileNames.toSeq.sorted
+ @*TODO: Consider using libraryIdentification there in otder to support suppressedIdentifiers properly *@
@identifiers(groupedDependency.identifiers)
@groupedDependency.dependencies.keySet.groupBy(_.evidenceCollected)