Package org.owasp.dependencycheck.analyzer

Class VulnerabilitySuppressionAnalyzer

  • All Implemented Interfaces:
    Analyzer
    @ThreadSafe
public class VulnerabilitySuppressionAnalyzer
extends AbstractSuppressionAnalyzer
    The suppression analyzer processes an externally defined XML document that complies with the suppressions.xsd schema. Any identified Vulnerability entries within the dependencies that match will be removed.
    Author:
    Jeremy Long

    • Constructor Detail

      • VulnerabilitySuppressionAnalyzer

        public VulnerabilitySuppressionAnalyzer()

    • Method Detail

      • getName

        public java.lang.String getName()
        Returns the name of the analyzer.
        Returns:
        the name of the analyzer.

      • getAnalysisPhase

        public AnalysisPhase getAnalysisPhase()
        Returns the phase that the analyzer is intended to run in.
        Returns:
        the phase that the analyzer is intended to run in.

      • getAnalyzerEnabledSettingKey

        protected java.lang.String getAnalyzerEnabledSettingKey()

        Returns the setting key to determine if the analyzer is enabled.

        Specified by:
        getAnalyzerEnabledSettingKey in class AbstractAnalyzer
        Returns:
        the key for the analyzer's enabled property

      • analyzeDependency

        protected void analyzeDependency​(Dependency dependency,
                                 Engine engine)
                          throws AnalysisException
        Description copied from class: AbstractAnalyzer
        Analyzes a given dependency. If the dependency is an archive, such as a WAR or EAR, the contents are extracted, scanned, and added to the list of dependencies within the engine.
        Overrides:
        analyzeDependency in class AbstractSuppressionAnalyzer
        Parameters:
        dependency - the dependency to analyze
        engine - the engine scanning
        Throws:
        AnalysisException - thrown if there is an analysis exception