@ThreadSafe public class YarnAuditAnalyzer extends AbstractNpmAnalyzer
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
YARN_PACKAGE_LOCK
The file name to scan.
|
NPM_DEPENDENCY_ECOSYSTEM
Constructor and Description |
---|
YarnAuditAnalyzer() |
Modifier and Type | Method and Description |
---|---|
protected void |
analyzeDependency(Dependency dependency,
Engine engine)
Analyzes the yarn lock file to determine vulnerable dependencies.
|
AnalysisPhase |
getAnalysisPhase()
Returns the phase that the analyzer is intended to run in.
|
protected java.lang.String |
getAnalyzerEnabledSettingKey()
Returns the setting key to determine if the analyzer is enabled.
|
protected java.io.FileFilter |
getFileFilter()
Returns the
FileFilter used to determine which files are
to be analyzed. |
java.lang.String |
getName()
Returns the name of the analyzer.
|
protected void |
prepareFileTypeAnalyzer(Engine engine)
Initializes the analyzer once before any analysis is performed.
|
accept, createDependency, determineVersionFromMap, findDependency, gatherEvidence, getSearcher, processPackage, processPackage, processResults, replaceOrAddVulnerability, shouldProcess
getFilesMatched, newHashSet, prepareAnalyzer, setFilesMatched
analyze, close, closeAnalyzer, getSettings, initialize, isEnabled, prepare, setEnabled, supportsParallelProcessing
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
analyze, close, initialize, isEnabled, prepare, supportsParallelProcessing
public static final java.lang.String YARN_PACKAGE_LOCK
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException
analyzeDependency
in class AbstractAnalyzer
dependency
- the yarn lock fileengine
- the analysis engineAnalysisException
- thrown if there is an error analyzing the fileprotected java.lang.String getAnalyzerEnabledSettingKey()
AbstractAnalyzer
Returns the setting key to determine if the analyzer is enabled.
getAnalyzerEnabledSettingKey
in class AbstractAnalyzer
protected java.io.FileFilter getFileFilter()
AbstractFileTypeAnalyzer
Returns the FileFilter
used to determine which files are
to be analyzed. An example would be an analyzer that inspected Java jar
files. Implementors may use
FileFilterBuilder
.
If the analyzer returns null it will not cause additional files to be analyzed, but will be executed against every file loaded.
getFileFilter
in class AbstractFileTypeAnalyzer
public java.lang.String getName()
Analyzer
public AnalysisPhase getAnalysisPhase()
Analyzer
protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException
prepareFileTypeAnalyzer
in class AbstractNpmAnalyzer
engine
- a reference to the dependency-check engineInitializationException
- if there's an error during initializationCopyright© 2012-21 Jeremy Long. All Rights Reserved.