Class PipfilelockAnalyzer
- java.lang.Object
-
- org.owasp.dependencycheck.analyzer.AbstractAnalyzer
-
- org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
-
- org.owasp.dependencycheck.analyzer.PipfilelockAnalyzer
-
- All Implemented Interfaces:
java.io.FileFilter,Analyzer,FileTypeAnalyzer
@ThreadSafe public class PipfilelockAnalyzer extends AbstractFileTypeAnalyzer
Used to analyze dependencies defined in Pipfile.lock. This analyzer works in tandem with the `PipfileAnalyzer` - and both analyzers use the same key to enable/disable the analyzers. The PipfileAnalyzer will be skipped if the lock file exists, as the lock will provide more accurate version numbers.- Author:
- jeremy.long
-
-
Constructor Summary
Constructors Constructor Description PipfilelockAnalyzer()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidanalyzeDependency(Dependency dependency, Engine engine)Analyzes a given dependency.AnalysisPhasegetAnalysisPhase()Returns the phase that the analyzer is intended to run in.protected java.lang.StringgetAnalyzerEnabledSettingKey()Returns the key used in the properties file to reference the analyzer's enabled property.protected java.io.FileFiltergetFileFilter()Returns the FileFilterjava.lang.StringgetName()Returns the identifiedPackage of the analyzer.protected voidprepareFileTypeAnalyzer(Engine engine)Initializes the file type analyzer.-
Methods inherited from class org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
accept, getFilesMatched, newHashSet, prepareAnalyzer, setFilesMatched
-
Methods inherited from class org.owasp.dependencycheck.analyzer.AbstractAnalyzer
analyze, close, closeAnalyzer, getSettings, initialize, isEnabled, prepare, setEnabled, supportsParallelProcessing
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.owasp.dependencycheck.analyzer.Analyzer
analyze, close, initialize, isEnabled, prepare, supportsParallelProcessing
-
-
-
-
Method Detail
-
getFileFilter
protected java.io.FileFilter getFileFilter()
Returns the FileFilter- Specified by:
getFileFilterin classAbstractFileTypeAnalyzer- Returns:
- the FileFilter
-
getName
public java.lang.String getName()
Returns the identifiedPackage of the analyzer.- Returns:
- the identifiedPackage of the analyzer.
-
getAnalysisPhase
public AnalysisPhase getAnalysisPhase()
Returns the phase that the analyzer is intended to run in.- Returns:
- the phase that the analyzer is intended to run in.
-
getAnalyzerEnabledSettingKey
protected java.lang.String getAnalyzerEnabledSettingKey()
Returns the key used in the properties file to reference the analyzer's enabled property.- Specified by:
getAnalyzerEnabledSettingKeyin classAbstractAnalyzer- Returns:
- the analyzer's enabled property setting key
-
analyzeDependency
protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException
Description copied from class:AbstractAnalyzerAnalyzes a given dependency. If the dependency is an archive, such as a WAR or EAR, the contents are extracted, scanned, and added to the list of dependencies within the engine.- Specified by:
analyzeDependencyin classAbstractAnalyzer- Parameters:
dependency- the dependency to analyzeengine- the engine scanning- Throws:
AnalysisException- thrown if there is an analysis exception
-
prepareFileTypeAnalyzer
protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException
Initializes the file type analyzer.- Specified by:
prepareFileTypeAnalyzerin classAbstractFileTypeAnalyzer- Parameters:
engine- a reference to the dependency-check engine- Throws:
InitializationException- thrown if there is an exception during initialization
-
-