Uses of Interface
org.owasp.dependencycheck.analyzer.Analyzer

Packages that use Analyzer

Package	Description
org.owasp.dependencycheck	Includes the main entry point for dependency-check.
org.owasp.dependencycheck.analyzer	Analyzers are used to inspect the identified dependencies, collect Evidence, and process the dependencies.

Uses of Analyzer in org.owasp.dependencycheck

Methods in org.owasp.dependencycheck that return types with arguments of type Analyzer

Modifier and Type	Method	Description
@NotNull java.util.List<Analyzer>	Engine.getAnalyzers()	Returns a full list of all of the analyzers.
java.util.List<Analyzer>	Engine.getAnalyzers(AnalysisPhase phase)	Get the List of the analyzers for a specific phase of analysis.

Methods in org.owasp.dependencycheck with parameters of type Analyzer

Modifier and Type	Method	Description
protected void	Engine.closeAnalyzer(@NotNull Analyzer analyzer)	Closes the given analyzer.
protected void	Engine.executeAnalysisTasks(@NotNull Analyzer analyzer, java.util.List<java.lang.Throwable> exceptions)	Executes executes the analyzer using multiple threads.
protected java.util.List<AnalysisTask>	Engine.getAnalysisTasks(Analyzer analyzer, java.util.List<java.lang.Throwable> exceptions)	Returns the analysis tasks for the dependencies.
protected java.util.concurrent.ExecutorService	Engine.getExecutorService(Analyzer analyzer)	Returns the executor service for a given analyzer.
protected void	Engine.initializeAnalyzer(@NotNull Analyzer analyzer)	Initializes the given analyzer.

Constructors in org.owasp.dependencycheck with parameters of type Analyzer

Constructor	Description
AnalysisTask(Analyzer analyzer, Dependency dependency, Engine engine, java.util.List<java.lang.Throwable> exceptions)	Creates a new analysis task.

Uses of Analyzer in org.owasp.dependencycheck.analyzer

Subinterfaces of Analyzer in org.owasp.dependencycheck.analyzer

Modifier and Type	Interface	Description
interface	FileTypeAnalyzer	An Analyzer that scans specific file types.

Classes in org.owasp.dependencycheck.analyzer that implement Analyzer

Modifier and Type	Class	Description
class	AbstractAnalyzer	Base class for analyzers to avoid code duplication of prepare and close as most analyzers do not need these methods.
class	AbstractDependencyComparingAnalyzer	This analyzer ensures dependencies that should be grouped together, to remove excess noise from the report, are grouped.
class	AbstractFileTypeAnalyzer	The base FileTypeAnalyzer that all analyzers that have specific file types they analyze should extend.
class	AbstractNpmAnalyzer	An abstract NPM analyzer that contains common methods for concrete implementations.
class	AbstractSuppressionAnalyzer	Abstract base suppression analyzer that contains methods for parsing the suppression XML file.
class	ArchiveAnalyzer	An analyzer that extracts files from archives and ensures any supported files contained within the archive are added to the dependency list.
class	ArtifactoryAnalyzer	Analyzer which will attempt to locate a dependency, and the GAV information, by querying Artifactory for the dependency's hashes digest.
class	AssemblyAnalyzer	Analyzer for getting company, product, and version information from a .NET assembly.
class	AutoconfAnalyzer	Used to analyze Autoconf input files named configure.ac or configure.in.
class	CarthageAnalyzer	This analyzer is used to analyze SWIFT and Objective-C packages by collecting information from Cartfile files.
class	CentralAnalyzer	Analyzer which will attempt to locate a dependency, and the GAV information, by querying Central for the dependency's SHA-1 digest.
class	CMakeAnalyzer	Used to analyze CMake build files, and collect information that can be used to determine the associated CPE.
class	CocoaPodsAnalyzer	This analyzer is used to analyze SWIFT and Objective-C packages by collecting information from .podspec files.
class	ComposerLockAnalyzer	Used to analyze a composer.lock file for a composer PHP app.
class	CPEAnalyzer	CPEAnalyzer is a utility class that takes a project dependency and attempts to discern if there is an associated CPE.
class	CpeSuppressionAnalyzer	This is no longer used as a standalone analyzer; rather this is called by the CPE Analyzer directly.
class	DartAnalyzer	This analyzer is used to analyze Dart packages by collecting information from pubspec lock and yaml files.
class	DependencyBundlingAnalyzer	This analyzer ensures dependencies that should be grouped together, to remove excess noise from the report, are grouped.
class	DependencyMergingAnalyzer	This analyzer will merge dependencies, created from different source, into a single dependency.
class	ElixirMixAuditAnalyzer
class	FalsePositiveAnalyzer	This analyzer attempts to remove some well known false positives - specifically regarding the java runtime.
class	FileNameAnalyzer	Takes a dependency and analyzes the filename and determines the hashes.
class	GolangDepAnalyzer	Go lang dependency analyzer.
class	GolangModAnalyzer	Go mod dependency analyzer.
class	HintAnalyzer	This analyzer adds evidence to dependencies to enhance the accuracy of library identification.
class	JarAnalyzer	Used to load a JAR file and collect information that can be used to determine the associated CPE.
class	KnownExploitedVulnerabilityAnalyzer	This analyzer adds information about known exploited vulnerabilities.
class	LibmanAnalyzer	Analyzer which parses a libman.json file to gather module information.
class	MSBuildProjectAnalyzer	Analyzes MS Project files for dependencies.
class	NexusAnalyzer	Analyzer which will attempt to locate a dependency on a Nexus service by SHA-1 digest of the dependency.
class	NodeAuditAnalyzer	Used to analyze Node Package Manager (npm) package-lock.json and npm-shrinkwrap.json files via NPM Audit API.
class	NodePackageAnalyzer	Used to analyze Node Package Manager (npm) package.json files, and collect information that can be used to determine the associated CPE.
class	NpmCPEAnalyzer	NpmCPEAnalyzer takes a project dependency and attempts to discern if there is an associated CPE.
class	NugetconfAnalyzer	Analyzer which parses a Nuget packages.config file to gather module information.
class	NuspecAnalyzer	Analyzer which will parse a Nuspec file to gather module information.
class	NvdCveAnalyzer	NvdCveAnalyzer is a utility class that takes a project dependency and attempts to discern if there is an associated CVEs.
class	OpenSSLAnalyzer	Used to analyze OpenSSL source code present in the file system.
class	OssIndexAnalyzer	Enrich dependency information from Sonatype OSS index.
class	PEAnalyzer	Takes a dependency and analyze the PE header for meta data that can be used to identify the library.
class	PerlCpanfileAnalyzer	Used to analyze Perl CPAN files.
class	PinnedMavenInstallAnalyzer	Used to analyze Maven pinned dependency files named *install*.json, a Java Maven dependency lockfile like Python's requirements.txt.
class	PipAnalyzer	Used to analyze pip dependency files named requirements.txt.
class	PipfileAnalyzer	Used to analyze dependencies defined in Pipfile.
class	PipfilelockAnalyzer	Used to analyze dependencies defined in Pipfile.lock.
class	PnpmAuditAnalyzer
class	PoetryAnalyzer	Poetry dependency analyzer.
class	PythonDistributionAnalyzer	Used to analyze a Wheel or egg distribution files, or their contents in unzipped form, and collect information that can be used to determine the associated CPE.
class	PythonPackageAnalyzer	Used to analyze a Python package, and collect information that can be used to determine the associated CPE.
class	RetireJsAnalyzer	The RetireJS analyzer uses the manually curated list of vulnerabilities from the RetireJS community along with the necessary information to assist in identifying vulnerable components.
class	RubyBundleAuditAnalyzer	Used to analyze Ruby Bundler Gemspec.lock files utilizing the 3rd party bundle-audit tool.
class	RubyBundlerAnalyzer	This analyzer accepts the fully resolved .gemspec created by the Ruby bundler (http://bundler.io) for better evidence results.
class	RubyGemspecAnalyzer	Used to analyze Ruby Gem specifications and collect information that can be used to determine the associated CPE.
class	SwiftPackageManagerAnalyzer	This analyzer is used to analyze the SWIFT Package Manager (https://swift.org/package-manager/).
class	SwiftPackageResolvedAnalyzer	This analyzer is used to analyze the SWIFT Package Resolved (https://swift.org/package-manager/).
class	UnusedSuppressionRuleAnalyzer	Log the unused suppression rules.
class	VersionFilterAnalyzer	This analyzer attempts to filter out erroneous version numbers collected.
class	VulnerabilitySuppressionAnalyzer	The suppression analyzer processes an externally defined XML document that complies with the suppressions.xsd schema.
class	YarnAuditAnalyzer

Methods in org.owasp.dependencycheck.analyzer that return types with arguments of type Analyzer

Modifier and Type	Method	Description
java.util.List<Analyzer>	AnalyzerService.getAnalyzers()	Returns a list of all instances of the Analyzer interface.
java.util.List<Analyzer>	AnalyzerService.getAnalyzers(java.util.List<AnalysisPhase> phases)	Returns a list of all instances of the Analyzer interface that are bound to one of the given phases.
java.util.List<Analyzer>	AnalyzerService.getAnalyzers(AnalysisPhase... phases)	Returns a list of all instances of the Analyzer interface that are bound to one of the given phases.