@NotThreadSafe
public class Engine
extends java.lang.Object
implements java.io.FileFilter, java.lang.AutoCloseable
Modifier and Type | Class and Description |
---|---|
static class |
Engine.Mode
Engine execution modes. |
Constructor and Description |
---|
Engine(@NotNull java.lang.ClassLoader serviceClassLoader,
@NotNull Engine.Mode mode,
@NotNull Settings settings)
Creates a new Engine.
|
Engine(@NotNull java.lang.ClassLoader serviceClassLoader,
@NotNull Settings settings)
Creates a new
Engine.Mode.STANDALONE Engine. |
Engine(@NotNull Engine.Mode mode,
@NotNull Settings settings)
Creates a new Engine.
|
Engine(@NotNull Settings settings)
Creates a new
Engine.Mode.STANDALONE Engine. |
Modifier and Type | Method and Description |
---|---|
boolean |
accept(@Nullable java.io.File file)
Checks all analyzers to see if an extension is supported.
|
void |
addDependency(Dependency dependency)
Adds a dependency.
|
protected void |
addFileTypeAnalyzer(@NotNull FileTypeAnalyzer fta)
Adds a file type analyzer.
|
void |
analyzeDependencies()
Runs the analyzers against all of the dependencies.
|
void |
close()
Properly cleans up resources allocated during analysis.
|
protected void |
closeAnalyzer(@NotNull Analyzer analyzer)
Closes the given analyzer.
|
boolean |
doUpdates()
Cycles through the cached web data sources and calls update on all of
them.
|
boolean |
doUpdates(boolean remainOpen)
Cycles through the cached web data sources and calls update on all of
them.
|
protected void |
executeAnalysisTasks(@NotNull Analyzer analyzer,
java.util.List<java.lang.Throwable> exceptions)
Executes executes the analyzer using multiple threads.
|
protected java.util.List<AnalysisTask> |
getAnalysisTasks(Analyzer analyzer,
java.util.List<java.lang.Throwable> exceptions)
Returns the analysis tasks for the dependencies.
|
@NotNull java.util.List<Analyzer> |
getAnalyzers()
Returns a full list of all of the analyzers.
|
java.util.List<Analyzer> |
getAnalyzers(AnalysisPhase phase)
Get the List of the analyzers for a specific phase of analysis.
|
CveDB |
getDatabase()
Returns a reference to the database.
|
Dependency[] |
getDependencies()
Returns a copy of the dependencies as an array.
|
protected java.util.concurrent.ExecutorService |
getExecutorService(Analyzer analyzer)
Returns the executor service for a given analyzer.
|
java.util.Set<FileTypeAnalyzer> |
getFileTypeAnalyzers()
Returns the set of file type analyzers.
|
Engine.Mode |
getMode()
Returns the mode of the engine.
|
java.lang.Object |
getObject(java.lang.String key)
Retrieve an object from the objects collection.
|
Settings |
getSettings()
Returns the configured settings.
|
boolean |
hasObject(java.lang.String key)
Verifies if the object exists in the object store.
|
protected void |
initializeAnalyzer(@NotNull Analyzer analyzer)
Initializes the given analyzer.
|
protected void |
initializeEngine()
Creates a new Engine using the specified classloader to dynamically load
Analyzer and Update services.
|
void |
openDatabase()
This method is only public for unit/integration testing.
|
void |
openDatabase(boolean readOnly,
boolean lockRequired)
This method is only public for unit/integration testing.
|
boolean |
purge()
Purges the cached web data sources.
|
void |
putObject(java.lang.String key,
java.lang.Object object)
Put an object in the object collection.
|
void |
removeDependency(@NotNull Dependency dependency)
Removes the dependency.
|
void |
removeObject(java.lang.String key)
Removes an object from the object store.
|
java.util.List<Dependency> |
scan(java.util.Collection<java.io.File> files)
Scans a collection of files or directories.
|
java.util.List<Dependency> |
scan(java.util.Collection<java.io.File> files,
java.lang.String projectReference)
Scans a collection of files or directories.
|
java.util.List<Dependency> |
scan(java.io.File file)
Scans a given file or directory.
|
java.util.List<Dependency> |
scan(java.io.File[] files)
Scans an array of files or directories.
|
java.util.List<Dependency> |
scan(java.io.File[] files,
java.lang.String projectReference)
Scans an array of files or directories.
|
@Nullable java.util.List<Dependency> |
scan(@NotNull java.io.File file,
java.lang.String projectReference)
Scans a given file or directory.
|
java.util.List<Dependency> |
scan(@NotNull java.lang.String path)
Scans a given file or directory.
|
java.util.List<Dependency> |
scan(@NotNull java.lang.String[] paths)
Scans an array of files or directories.
|
java.util.List<Dependency> |
scan(@NotNull java.lang.String[] paths,
@Nullable java.lang.String projectReference)
Scans an array of files or directories.
|
java.util.List<Dependency> |
scan(@NotNull java.lang.String path,
java.lang.String projectReference)
Scans a given file or directory.
|
protected java.util.List<Dependency> |
scanDirectory(java.io.File dir)
Recursively scans files and directories.
|
protected java.util.List<Dependency> |
scanDirectory(@NotNull java.io.File dir,
@Nullable java.lang.String projectReference)
Recursively scans files and directories.
|
protected Dependency |
scanFile(@NotNull java.io.File file)
Scans a specified file.
|
protected Dependency |
scanFile(@NotNull java.io.File file,
@Nullable java.lang.String projectReference)
Scans a specified file.
|
void |
setDependencies(@NotNull java.util.List<Dependency> dependencies)
Sets the dependencies.
|
void |
sortDependencies()
Sorts the dependency list.
|
void |
writeReports(java.lang.String applicationName,
java.io.File outputDir,
java.lang.String format)
|
void |
writeReports(java.lang.String applicationName,
java.io.File outputDir,
java.lang.String format,
ExceptionCollection exceptions)
Writes the report to the given output directory.
|
void |
writeReports(java.lang.String applicationName,
@Nullable java.lang.String groupId,
@Nullable java.lang.String artifactId,
@Nullable java.lang.String version,
@NotNull java.io.File outputDir,
java.lang.String format)
|
void |
writeReports(java.lang.String applicationName,
@Nullable java.lang.String groupId,
@Nullable java.lang.String artifactId,
@Nullable java.lang.String version,
@NotNull java.io.File outputDir,
java.lang.String format,
ExceptionCollection exceptions)
Writes the report to the given output directory.
|
public Engine(@NotNull @NotNull Settings settings)
Engine.Mode.STANDALONE
Engine.settings
- reference to the configured settingspublic Engine(@NotNull @NotNull Engine.Mode mode, @NotNull @NotNull Settings settings)
mode
- the mode of operationsettings
- reference to the configured settingspublic Engine(@NotNull @NotNull java.lang.ClassLoader serviceClassLoader, @NotNull @NotNull Settings settings)
Engine.Mode.STANDALONE
Engine.serviceClassLoader
- a reference the class loader being usedsettings
- reference to the configured settingspublic Engine(@NotNull @NotNull java.lang.ClassLoader serviceClassLoader, @NotNull @NotNull Engine.Mode mode, @NotNull @NotNull Settings settings)
serviceClassLoader
- a reference the class loader being usedmode
- the mode of the enginesettings
- reference to the configured settingsprotected final void initializeEngine()
DatabaseException
- thrown if there is an error connecting to the
databasepublic void close()
close
in interface java.lang.AutoCloseable
public java.util.List<Analyzer> getAnalyzers(AnalysisPhase phase)
phase
- the phase to get the configured analyzers.public void addDependency(Dependency dependency)
dependency
- the dependency to addpublic void sortDependencies()
public void removeDependency(@NotNull @NotNull Dependency dependency)
dependency
- the dependency to remove.public Dependency[] getDependencies()
public void setDependencies(@NotNull @NotNull java.util.List<Dependency> dependencies)
dependencies
- the dependenciespublic java.util.List<Dependency> scan(@NotNull @NotNull java.lang.String[] paths)
paths
- an array of paths to files or directories to be analyzedpublic java.util.List<Dependency> scan(@NotNull @NotNull java.lang.String[] paths, @Nullable @Nullable java.lang.String projectReference)
paths
- an array of paths to files or directories to be analyzedprojectReference
- the name of the project or scope in which the
dependency was identifiedpublic java.util.List<Dependency> scan(@NotNull @NotNull java.lang.String path)
path
- the path to a file or directory to be analyzedpublic java.util.List<Dependency> scan(@NotNull @NotNull java.lang.String path, java.lang.String projectReference)
path
- the path to a file or directory to be analyzedprojectReference
- the name of the project or scope in which the
dependency was identifiedpublic java.util.List<Dependency> scan(java.io.File[] files)
files
- an array of paths to files or directories to be analyzed.public java.util.List<Dependency> scan(java.io.File[] files, java.lang.String projectReference)
files
- an array of paths to files or directories to be analyzed.projectReference
- the name of the project or scope in which the
dependency was identifiedpublic java.util.List<Dependency> scan(java.util.Collection<java.io.File> files)
files
- a set of paths to files or directories to be analyzedpublic java.util.List<Dependency> scan(java.util.Collection<java.io.File> files, java.lang.String projectReference)
files
- a set of paths to files or directories to be analyzedprojectReference
- the name of the project or scope in which the
dependency was identifiedpublic java.util.List<Dependency> scan(java.io.File file)
file
- the path to a file or directory to be analyzed@Nullable public @Nullable java.util.List<Dependency> scan(@NotNull @NotNull java.io.File file, java.lang.String projectReference)
file
- the path to a file or directory to be analyzedprojectReference
- the name of the project or scope in which the
dependency was identifiedprotected java.util.List<Dependency> scanDirectory(java.io.File dir)
dir
- the directory to scanprotected java.util.List<Dependency> scanDirectory(@NotNull @NotNull java.io.File dir, @Nullable @Nullable java.lang.String projectReference)
dir
- the directory to scanprojectReference
- the name of the project or scope in which the
dependency was identifiedprotected Dependency scanFile(@NotNull @NotNull java.io.File file)
file
- The file to scanprotected Dependency scanFile(@NotNull @NotNull java.io.File file, @Nullable @Nullable java.lang.String projectReference)
file
- The file to scanprojectReference
- the name of the project or scope in which the
dependency was identifiedpublic void analyzeDependencies() throws ExceptionCollection
getDependencies()
, this method
iterates over a copy of the dependencies list. Thus, the potential for
ConcurrentModificationException
s is avoided, and
analyzers may safely add or remove entries from the dependencies list.
Every effort is made to complete analysis on the dependencies. In some cases an exception will occur with part of the analysis being performed which may not affect the entire analysis. If an exception occurs it will be included in the thrown exception collection.
ExceptionCollection
- a collections of any exceptions that occurred
during analysisprotected void executeAnalysisTasks(@NotNull @NotNull Analyzer analyzer, java.util.List<java.lang.Throwable> exceptions) throws ExceptionCollection
exceptions
- a collection of exceptions that occurred during
analysisanalyzer
- the analyzer to executeExceptionCollection
- thrown if exceptions occurred during analysisprotected java.util.List<AnalysisTask> getAnalysisTasks(Analyzer analyzer, java.util.List<java.lang.Throwable> exceptions)
analyzer
- the analyzer to create tasks forexceptions
- the collection of exceptions to collectprotected java.util.concurrent.ExecutorService getExecutorService(Analyzer analyzer)
analyzer
- the analyzer to obtain an executorprotected void initializeAnalyzer(@NotNull @NotNull Analyzer analyzer) throws InitializationException
analyzer
- the analyzer to prepareInitializationException
- thrown when there is a problem
initializing the analyzerprotected void closeAnalyzer(@NotNull @NotNull Analyzer analyzer)
analyzer
- the analyzer to closepublic boolean doUpdates() throws UpdateException, DatabaseException
UpdateException
- thrown if the operation failsDatabaseException
- if the operation fails due to a local database
failurepublic boolean doUpdates(boolean remainOpen) throws UpdateException, DatabaseException
remainOpen
- whether or not the database connection should remain
openUpdateException
- thrown if the operation failsDatabaseException
- if the operation fails due to a local database
failurepublic boolean purge()
true
if the purge was successful; otherwise
false
public void openDatabase() throws DatabaseException
This method is only public for unit/integration testing. This method should not be called by any integration that uses dependency-check-core.
Opens the database connection.
DatabaseException
- if the database connection could not be createdpublic void openDatabase(boolean readOnly, boolean lockRequired) throws DatabaseException
This method is only public for unit/integration testing. This method should not be called by any integration that uses dependency-check-core.
Opens the database connection; if readOnly is true a copy of the database will be made.
readOnly
- whether or not the database connection should be readonlylockRequired
- whether or not a lock needs to be acquired when
opening the databaseDatabaseException
- if the database connection could not be createdpublic CveDB getDatabase()
@NotNull public @NotNull java.util.List<Analyzer> getAnalyzers()
public boolean accept(@Nullable @Nullable java.io.File file)
accept
in interface java.io.FileFilter
file
- a file extensionpublic java.util.Set<FileTypeAnalyzer> getFileTypeAnalyzers()
public Settings getSettings()
public java.lang.Object getObject(java.lang.String key)
key
- the key to retrieve the objectpublic void putObject(java.lang.String key, java.lang.Object object)
key
- the key to store the objectobject
- the object to storepublic boolean hasObject(java.lang.String key)
key
- the key to retrieve the objecttrue
if the object exists; otherwise
false
public void removeObject(java.lang.String key)
key
- the key to the objectpublic Engine.Mode getMode()
protected void addFileTypeAnalyzer(@NotNull @NotNull FileTypeAnalyzer fta)
fta
- the file type analyzer to add@Deprecated public void writeReports(java.lang.String applicationName, java.io.File outputDir, java.lang.String format) throws ReportException
writeReports(java.lang.String, java.io.File, java.lang.String, org.owasp.dependencycheck.exception.ExceptionCollection)
applicationName
- the name of the application/projectoutputDir
- the path to the output directory (can include the full
file name if the format is not ALL)format
- the report format (see ReportGenerator.Format
)ReportException
- thrown if there is an error generating the reportpublic void writeReports(java.lang.String applicationName, java.io.File outputDir, java.lang.String format, ExceptionCollection exceptions) throws ReportException
applicationName
- the name of the application/projectoutputDir
- the path to the output directory (can include the full
file name if the format is not ALL)format
- the report format (see ReportGenerator.Format
)exceptions
- a collection of exceptions that may have occurred
during the analysisReportException
- thrown if there is an error generating the report@Deprecated public void writeReports(java.lang.String applicationName, @Nullable @Nullable java.lang.String groupId, @Nullable @Nullable java.lang.String artifactId, @Nullable @Nullable java.lang.String version, @NotNull @NotNull java.io.File outputDir, java.lang.String format) throws ReportException
applicationName
- the name of the application/projectgroupId
- the Maven groupIdartifactId
- the Maven artifactIdversion
- the Maven versionoutputDir
- the path to the output directory (can include the full
file name if the format is not ALL)format
- the report format (see ReportGenerator.Format
)ReportException
- thrown if there is an error generating the reportpublic void writeReports(java.lang.String applicationName, @Nullable @Nullable java.lang.String groupId, @Nullable @Nullable java.lang.String artifactId, @Nullable @Nullable java.lang.String version, @NotNull @NotNull java.io.File outputDir, java.lang.String format, ExceptionCollection exceptions) throws ReportException
applicationName
- the name of the application/projectgroupId
- the Maven groupIdartifactId
- the Maven artifactIdversion
- the Maven versionoutputDir
- the path to the output directory (can include the full
file name if the format is not ALL)format
- the report format (see ReportGenerator.Format
)exceptions
- a collection of exceptions that may have occurred
during the analysisReportException
- thrown if there is an error generating the reportCopyright© 2012-21 Jeremy Long. All Rights Reserved.