public class CMakeAnalyzer extends AbstractFileTypeAnalyzer
Used to analyze CMake build files, and collect information that can be used to determine the associated CPE.
Note: This analyzer catches straightforward invocations of the project command, plus some other observed patterns of version inclusion in real CMake projects. Many projects make use of older versions of CMake and/or use custom "homebrew" ways to insert version information. Hopefully as the newer CMake call pattern grows in usage, this analyzer allow more CPEs to be identified.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEPENDENCY_ECOSYSTEM
A descriptor for the type of dependencies processed or added by this
analyzer.
|
Constructor and Description |
---|
CMakeAnalyzer() |
Modifier and Type | Method and Description |
---|---|
protected void |
analyzeDependency(Dependency dependency,
Engine engine)
Analyzes python packages and adds evidence to the dependency.
|
AnalysisPhase |
getAnalysisPhase()
Tell that we are used for information collection.
|
protected java.lang.String |
getAnalyzerEnabledSettingKey()
Returns the setting key to determine if the analyzer is enabled.
|
protected java.io.FileFilter |
getFileFilter()
Returns the set of supported file extensions.
|
java.lang.String |
getName()
Returns the name of the CMake analyzer.
|
protected void |
prepareFileTypeAnalyzer(Engine engine)
Initializes the analyzer.
|
accept, getFilesMatched, newHashSet, prepareAnalyzer, setFilesMatched
analyze, close, closeAnalyzer, getSettings, initialize, isEnabled, prepare, setEnabled, supportsParallelProcessing
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
analyze, close, initialize, isEnabled, prepare, supportsParallelProcessing
public static final java.lang.String DEPENDENCY_ECOSYSTEM
public java.lang.String getName()
public AnalysisPhase getAnalysisPhase()
protected java.io.FileFilter getFileFilter()
getFileFilter
in class AbstractFileTypeAnalyzer
protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException
prepareFileTypeAnalyzer
in class AbstractFileTypeAnalyzer
engine
- a reference to the dependency-check engineInitializationException
- thrown if an exception occurs getting an
instance of SHA1protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException
analyzeDependency
in class AbstractAnalyzer
dependency
- the dependency being analyzedengine
- the engine being used to perform the scanAnalysisException
- thrown if there is an unrecoverable error
analyzing the dependencyprotected java.lang.String getAnalyzerEnabledSettingKey()
AbstractAnalyzer
Returns the setting key to determine if the analyzer is enabled.
getAnalyzerEnabledSettingKey
in class AbstractAnalyzer
Copyright© 2012-21 Jeremy Long. All Rights Reserved.