Examples of org.owasp.dependencycheck.data.nexus.MavenArtifact

Package org.owasp.dependencycheck.data.nexus

Examples of org.owasp.dependencycheck.data.nexus.MavenArtifact

org.owasp.dependencycheck.data.nexus.MavenArtifact
Simple bean representing a Maven Artifact. @author colezlaw

     * Test of addAsEvidence method, of class Dependency.
     */
    @Test
    public void testAddAsEvidence() {
        Dependency instance = new Dependency();
        MavenArtifact mavenArtifact = new MavenArtifact("group", "artifact", "version", "url");
        instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH);
        assertTrue(instance.getEvidence().contains(Confidence.HIGH));
        assertFalse(instance.getEvidence().getEvidence("pom", "groupid").isEmpty());
        assertFalse(instance.getEvidence().getEvidence("pom", "artifactid").isEmpty());
        assertFalse(instance.getEvidence().getEvidence("pom", "version").isEmpty());

View Full Code Here

     * Test of addAsEvidence method, of class Dependency.
     */
    @Test
    public void testAddAsEvidenceWithEmptyArtefact() {
        Dependency instance = new Dependency();
        MavenArtifact mavenArtifact = new MavenArtifact(null, null, null, null);
        instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH);
        assertFalse(instance.getEvidence().contains(Confidence.HIGH));
        assertTrue(instance.getEvidence().getEvidence("pom", "groupid").isEmpty());
        assertTrue(instance.getEvidence().getEvidence("pom", "artifactid").isEmpty());
        assertTrue(instance.getEvidence().getEvidence("pom", "version").isEmpty());

View Full Code Here

    public void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
        if (!isEnabled()) {
            return;
        }
        try {
            final MavenArtifact ma = searcher.searchSha1(dependency.getSha1sum());
            dependency.addAsEvidence("nexus", ma, Confidence.HIGH);
        } catch (IllegalArgumentException iae) {
            //dependency.addAnalysisException(new AnalysisException("Invalid SHA-1"));
            LOGGER.info(String.format("invalid sha-1 hash on %s", dependency.getFileName()));
        } catch (FileNotFoundException fnfe) {

View Full Code Here

                        LOGGER.finest(String.format("GroupId: %s", g));
                        final String a = xpath.evaluate("./str[@name='a']", docs.item(i));
                        LOGGER.finest(String.format("ArtifactId: %s", a));
                        final String v = xpath.evaluate("./str[@name='v']", docs.item(i));
                        LOGGER.finest(String.format("Version: %s", v));
                        result.add(new MavenArtifact(g, a, v, url.toString()));
                    }


                    return result;
                }
            } catch (Throwable e) {

View Full Code Here

            final List<Dependency> deps = localEngine.scan(a.getFile().getAbsoluteFile());
            if (deps != null) {
                if (deps.size() == 1) {
                    final Dependency d = deps.get(0);
                    if (d != null) {
                        final MavenArtifact ma = new MavenArtifact(a.getGroupId(), a.getArtifactId(), a.getVersion());
                        d.addAsEvidence("pom", ma, Confidence.HIGHEST);
                    }
                } else {
                    final String msg = String.format("More then 1 dependency was identified in first pass scan of '%s:%s:%s'",
                            a.getGroupId(), a.getArtifactId(), a.getVersion());

View Full Code Here

TOP

Related Classes of org.owasp.dependencycheck.data.nexus.MavenArtifact

org.owasp.dependencycheck.analyzer.NexusAnalyzer

org.owasp.dependencycheck.data.central.CentralSearch

org.owasp.dependencycheck.dependency.DependencyTest

org.owasp.dependencycheck.maven.DependencyCheckMojo

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.