Package org.owasp.dependencycheck.analyzer

Class CocoaPodsAnalyzer

  • All Implemented Interfaces:
    java.io.FileFilter, Analyzer, FileTypeAnalyzer
    @ThreadSafe
public class CocoaPodsAnalyzer
extends AbstractFileTypeAnalyzer
    This analyzer is used to analyze SWIFT and Objective-C packages by collecting information from .podspec files. CocoaPods dependency manager see https://cocoapods.org/.
    Author:
    Bianca Jiang (https://twitter.com/biancajiang)

    • Field Detail

      • DEPENDENCY_ECOSYSTEM

        public static final java.lang.String DEPENDENCY_ECOSYSTEM
        A descriptor for the type of dependencies processed or added by this analyzer.
        See Also:
        Constant Field Values

      • PODSPEC

        public static final java.lang.String PODSPEC
        The file name to scan.
        See Also:
        Constant Field Values

      • PODFILE_LOCK

        public static final java.lang.String PODFILE_LOCK
        The file name to scan.
        See Also:
        Constant Field Values

    • Constructor Detail

      • CocoaPodsAnalyzer

        public CocoaPodsAnalyzer()

    • Method Detail

      • getName

        public java.lang.String getName()
        Returns the name of the analyzer.
        Returns:
        the name of the analyzer.

      • getAnalysisPhase

        public AnalysisPhase getAnalysisPhase()
        Returns the phase that the analyzer is intended to run in.
        Returns:
        the phase that the analyzer is intended to run in.

      • getAnalyzerEnabledSettingKey

        protected java.lang.String getAnalyzerEnabledSettingKey()
        Returns the key used in the properties file to reference the analyzer's enabled property.
        Specified by:
        getAnalyzerEnabledSettingKey in class AbstractAnalyzer
        Returns:
        the analyzer's enabled property setting key

      • analyzeDependency

        protected void analyzeDependency​(Dependency dependency,
                                 Engine engine)
                          throws AnalysisException
        Description copied from class: AbstractAnalyzer
        Analyzes a given dependency. If the dependency is an archive, such as a WAR or EAR, the contents are extracted, scanned, and added to the list of dependencies within the engine.
        Specified by:
        analyzeDependency in class AbstractAnalyzer
        Parameters:
        dependency - the dependency to analyze
        engine - the engine scanning
        Throws:
        AnalysisException - thrown if there is an analysis exception