Package org.owasp.dependencycheck.analyzer

Class RetireJsAnalyzer

  • All Implemented Interfaces:
    java.io.FileFilter, Analyzer, FileTypeAnalyzer
    @ThreadSafe
public class RetireJsAnalyzer
extends AbstractFileTypeAnalyzer
    The RetireJS analyzer uses the manually curated list of vulnerabilities from the RetireJS community along with the necessary information to assist in identifying vulnerable components. Vulnerabilities documented by the RetireJS community usually originate from other sources such as the NVD, OSVDB, NSP, and various issue trackers.
    Author:
    Steve Springett

    • Field Detail

      • DEPENDENCY_ECOSYSTEM

        public static final java.lang.String DEPENDENCY_ECOSYSTEM
        A descriptor for the type of dependencies processed or added by this analyzer.
        See Also:
        Constant Field Values

    • Constructor Detail

      • RetireJsAnalyzer

        public RetireJsAnalyzer()

    • Method Detail

      • accept

        public boolean accept​(java.io.File pathname)
        Determines if the file can be analyzed by the analyzer.
        Specified by:
        accept in interface java.io.FileFilter
        Overrides:
        accept in class AbstractFileTypeAnalyzer
        Parameters:
        pathname - the path to the file
        Returns:
        true if the file can be analyzed by the given analyzer; otherwise false

      • initialize

        public void initialize​(Settings settings)
        Initializes the analyzer with the configured settings.
        Specified by:
        initialize in interface Analyzer
        Overrides:
        initialize in class AbstractAnalyzer
        Parameters:
        settings - the configured settings to use

      • getName

        public java.lang.String getName()
        Returns the name of the analyzer.
        Returns:
        the name of the analyzer.

      • getAnalysisPhase

        public AnalysisPhase getAnalysisPhase()
        Returns the phase that the analyzer is intended to run in.
        Returns:
        the phase that the analyzer is intended to run in.

      • getAnalyzerEnabledSettingKey

        protected java.lang.String getAnalyzerEnabledSettingKey()
        Returns the key used in the properties file to reference the analyzer's enabled property.
        Specified by:
        getAnalyzerEnabledSettingKey in class AbstractAnalyzer
        Returns:
        the analyzer's enabled property setting key

      • closeAnalyzer

        protected void closeAnalyzer()
                      throws java.lang.Exception
        Description copied from class: AbstractAnalyzer
        Closes a given Analyzer. This will be skipped if the analyzer is disabled.
        Overrides:
        closeAnalyzer in class AbstractAnalyzer
        Throws:
        java.lang.Exception - thrown if there is an exception