@ThreadSafe
public class Dependency
extends java.lang.Object
implements java.io.Serializable
Modifier and Type | Field and Description |
---|---|
static java.util.Comparator<Dependency> |
NAME_COMPARATOR
Simple sorting by display file name and actual file path.
|
Constructor and Description |
---|
Dependency()
Constructs a new Dependency object.
|
Dependency(boolean isVirtual)
Constructs a new Dependency object.
|
Dependency(java.io.File file)
Constructs a new Dependency object.
|
Dependency(java.io.File file,
boolean isVirtual)
Constructs a new Dependency object.
|
Modifier and Type | Method and Description |
---|---|
void |
addAllIncludedBy(java.util.Set<IncludedByReference> includedBy)
Adds a set of project references.
|
void |
addAllProjectReferences(java.util.Set<java.lang.String> projectReferences)
Add a collection of project reference.
|
void |
addAsEvidence(java.lang.String source,
MavenArtifact mavenArtifact,
Confidence confidence)
Adds the Maven artifact as evidence.
|
void |
addAvailableVersion(java.lang.String version)
Adds a version to the available version list.
|
void |
addEvidence(EvidenceType type,
Evidence e)
Adds evidence to the collection.
|
void |
addEvidence(EvidenceType type,
java.lang.String source,
java.lang.String name,
java.lang.String value,
Confidence confidence)
Creates an Evidence object from the parameters and adds the resulting
object to the evidence collection.
|
void |
addIncludedBy(java.lang.String includedBy)
Adds the parent or root of the transitive dependency chain (i.e., this
was included by the parent dependency X).
|
void |
addIncludedBy(java.lang.String includedBy,
java.lang.String type)
Adds the parent or root of the transitive dependency chain (i.e., this
was included by the parent dependency X).
|
void |
addProductWeighting(java.lang.String str)
Adds term to the product weighting collection.
|
void |
addProjectReference(java.lang.String projectReference)
Adds a project reference.
|
void |
addRelatedDependency(Dependency dependency)
Adds a related dependency.
|
void |
addSoftwareIdentifier(Identifier identifier)
Adds an entry to the list of detected Identifiers for the dependency
file.
|
protected void |
addSoftwareIdentifiers(java.util.Set<Identifier> identifiers)
Adds a set of Identifiers to the current list of software identifiers.
|
void |
addSuppressedIdentifier(Identifier identifier)
Adds an identifier to the list of suppressed identifiers.
|
void |
addSuppressedVulnerabilities(java.util.List<Vulnerability> vulns)
Add a list of suppressed vulnerabilities to the collection.
|
void |
addSuppressedVulnerability(Vulnerability vulnerability)
Adds a vulnerability to the set of suppressed vulnerabilities.
|
void |
addVendorWeighting(java.lang.String str)
Adds term to the vendor weighting collection.
|
void |
addVulnerabilities(java.util.List<Vulnerability> vulnerabilities)
Adds a list of vulnerabilities to the dependency.
|
void |
addVulnerability(Vulnerability vulnerability)
Adds a vulnerability to the dependency.
|
void |
addVulnerableSoftwareIdentifier(Identifier identifier)
Adds an entry to the list of detected vulnerable software identifiers for
the dependency file.
|
protected void |
addVulnerableSoftwareIdentifiers(java.util.Set<Identifier> identifiers)
Adds a set of Identifiers to the current list of vulnerable software
identifiers.
|
void |
clearRelatedDependencies()
Clears the
relatedDependencies . |
boolean |
contains(EvidenceType type,
Confidence confidence)
Returns whether or not the collection contains evidence of a specified
type and confidence.
|
boolean |
contains(EvidenceType type,
Evidence e)
Tests if the evidence collection contains the given evidence.
|
boolean |
equals(java.lang.Object obj)
Implementation of the equals method.
|
java.io.File |
getActualFile()
Gets a reference to the File object.
|
java.lang.String |
getActualFilePath()
Gets the file path of the dependency.
|
java.util.List<java.lang.String> |
getAvailableVersions()
Get the value of availableVersions.
|
java.lang.String |
getDescription()
Get the value of description.
|
java.lang.String |
getDisplayFileName()
Returns the file name to display in reports; if no display file name has
been set it will default to constructing a name based on the name and
version fields, otherwise it will return the actual file name.
|
java.lang.String |
getEcosystem() |
java.util.Set<Evidence> |
getEvidence()
Returns the unmodifiable set of evidence.
|
java.util.Set<Evidence> |
getEvidence(EvidenceType type)
Returns the unmodifiable set of evidence of the given type.
|
java.lang.String |
getFileName()
Returns the file name of the dependency.
|
java.lang.String |
getFilePath()
Gets the file path of the dependency.
|
java.util.Set<IncludedByReference> |
getIncludedBy()
Get the unmodifiable set of includedBy (the list of parents of this
transitive dependency).
|
java.lang.Iterable<Evidence> |
getIterator(EvidenceType type,
Confidence confidence)
Used to iterate over evidence of the specified type and confidence.
|
java.lang.String |
getLicense()
Get the value of license.
|
java.lang.String |
getMd5sum()
Returns the MD5 Checksum of the dependency file.
|
java.lang.String |
getName() |
java.lang.String |
getPackagePath()
Returns the package path.
|
java.util.Set<java.lang.String> |
getProductWeightings()
Returns an unmodifiable set of product Weightings - a list of terms that
are believed to be of higher confidence when also found in another
location.
|
java.util.Set<java.lang.String> |
getProjectReferences()
Get the unmodifiable set of projectReferences.
|
java.util.Set<Dependency> |
getRelatedDependencies()
Get the unmodifiable set of
relatedDependencies . |
java.lang.String |
getSha1sum()
Returns the SHA1 Checksum of the dependency.
|
java.lang.String |
getSha256sum()
Returns the SHA256 Checksum of the dependency.
|
java.util.Set<Identifier> |
getSoftwareIdentifiers()
Returns an unmodifiable set of software identifiers.
|
java.util.Set<Identifier> |
getSuppressedIdentifiers()
Get the unmodifiable set of suppressedIdentifiers.
|
java.util.Set<Vulnerability> |
getSuppressedVulnerabilities()
Get an unmodifiable set of suppressedVulnerabilities.
|
java.util.Set<Vulnerability> |
getSuppressedVulnerabilities(boolean sorted)
Get an unmodifiable, optionally sorted.
|
java.util.Set<java.lang.String> |
getVendorWeightings()
Returns an unmodifiable set of vendor Weightings - a list of terms that
are believed to be of higher confidence when also found in another
location.
|
java.lang.String |
getVersion() |
java.util.Set<Vulnerability> |
getVulnerabilities()
Get the unmodifiable sorted set of vulnerabilities.
|
java.util.Set<Vulnerability> |
getVulnerabilities(boolean sorted)
Get the unmodifiable list of vulnerabilities; optionally sorted.
|
int |
getVulnerabilitiesCount()
Get vulnerability count.
|
java.util.Set<Identifier> |
getVulnerableSoftwareIdentifiers()
Returns an unmodifiable set of vulnerability identifiers.
|
int |
getVulnerableSoftwareIdentifiersCount()
Returns the count of vulnerability identifiers.
|
int |
hashCode()
Generates the HashCode.
|
boolean |
hasKnownExploitedVulnerability()
Returns true if the dependency has a known exploited vulnerability.
|
boolean |
isVirtual()
Returns whether or not this dependency is virtual or not.
|
void |
removeEvidence(EvidenceType type,
Evidence e)
Removes evidence from the collection.
|
void |
removeRelatedDependencies(Dependency dependency)
Removes a related dependency.
|
void |
removeVulnerability(Vulnerability v)
Removes the given vulnerability from the list.
|
void |
removeVulnerableSoftwareIdentifier(Identifier i)
Removes a vulnerable software identifier from the set of identifiers.
|
void |
setActualFilePath(java.lang.String actualFilePath)
Sets the actual file path of the dependency on disk.
|
void |
setDescription(java.lang.String description)
Set the value of description.
|
void |
setDisplayFileName(java.lang.String displayName)
Sets the file name to display in reports.
|
void |
setEcosystem(java.lang.String ecosystem) |
void |
setFileName(java.lang.String fileName)
Sets the file name of the dependency.
|
void |
setFilePath(java.lang.String filePath)
Sets the file path of the dependency.
|
void |
setLicense(java.lang.String license)
Set the value of license.
|
void |
setMd5sum(java.lang.String md5sum)
Sets the MD5 Checksum of the dependency.
|
void |
setName(java.lang.String name) |
void |
setPackagePath(java.lang.String packagePath)
Sets the package path.
|
void |
setSha1sum(java.lang.String sha1sum)
Sets the SHA1 Checksum of the dependency.
|
void |
setSha256sum(java.lang.String sha256sum) |
void |
setVersion(java.lang.String version) |
int |
size()
Returns the number of elements in the EvidenceCollection.
|
java.lang.String |
toString()
Standard toString() implementation showing the filename, actualFilePath,
and filePath.
|
public static final java.util.Comparator<Dependency> NAME_COMPARATOR
public Dependency()
public Dependency(java.io.File file)
file
- the File to create the dependency object from.public Dependency(java.io.File file, boolean isVirtual)
file
- the File to create the dependency object from.isVirtual
- specifies if the dependency is virtual indicating the
file doesn't actually exist.public Dependency(boolean isVirtual)
isVirtual
- specifies if the dependency is virtual indicating the
file doesn't actually exist.public java.lang.String getPackagePath()
public void setPackagePath(java.lang.String packagePath)
packagePath
- the package pathpublic java.lang.String getFileName()
public void setFileName(java.lang.String fileName)
fileName
- the file name of the dependencypublic java.lang.String getActualFilePath()
public void setActualFilePath(java.lang.String actualFilePath)
actualFilePath
- the file path of the dependencypublic java.io.File getActualFile()
public java.lang.String getDisplayFileName()
public void setDisplayFileName(java.lang.String displayName)
displayName
- the name to displaypublic java.lang.String getFilePath()
Gets the file path of the dependency.
NOTE: This may not be the actual path of the file on disk. The actual path of the file on disk can be obtained via the getActualFilePath().
public void setFilePath(java.lang.String filePath)
filePath
- the file path of the dependencypublic java.lang.String getMd5sum()
public void setMd5sum(java.lang.String md5sum)
md5sum
- the MD5 Checksumpublic java.lang.String getSha1sum()
public void setSha1sum(java.lang.String sha1sum)
sha1sum
- the SHA1 Checksumpublic java.lang.String getSha256sum()
public void setSha256sum(java.lang.String sha256sum)
public java.util.Set<Identifier> getSoftwareIdentifiers()
public java.util.Set<Identifier> getVulnerableSoftwareIdentifiers()
public int getVulnerableSoftwareIdentifiersCount()
public boolean hasKnownExploitedVulnerability()
protected void addSoftwareIdentifiers(java.util.Set<Identifier> identifiers)
identifiers
- A set of Identifiersprotected void addVulnerableSoftwareIdentifiers(java.util.Set<Identifier> identifiers)
identifiers
- A set of Identifierspublic void addSoftwareIdentifier(Identifier identifier)
identifier
- a reference to the identifier to addpublic void addVulnerableSoftwareIdentifier(Identifier identifier)
identifier
- a reference to the identifier to addpublic void removeVulnerableSoftwareIdentifier(Identifier i)
i
- the identifier to removepublic void addAsEvidence(java.lang.String source, MavenArtifact mavenArtifact, Confidence confidence)
source
- The source of the evidencemavenArtifact
- The Maven artifactconfidence
- The confidence level of this evidencepublic java.util.Set<Identifier> getSuppressedIdentifiers()
public void addSuppressedIdentifier(Identifier identifier)
identifier
- an identifier that was suppressed.public java.util.Set<Vulnerability> getVulnerabilities()
public java.util.Set<Vulnerability> getVulnerabilities(boolean sorted)
sorted
- if true the list will be sortedpublic int getVulnerabilitiesCount()
public java.util.Set<Vulnerability> getSuppressedVulnerabilities()
public java.util.Set<Vulnerability> getSuppressedVulnerabilities(boolean sorted)
sorted
- whether or not the set is sortedpublic void addSuppressedVulnerability(Vulnerability vulnerability)
vulnerability
- the vulnerability that was suppressedpublic java.lang.String getDescription()
public void setDescription(java.lang.String description)
description
- new value of descriptionpublic java.lang.String getLicense()
public void setLicense(java.lang.String license)
license
- new value of licensepublic java.lang.String getName()
public void setName(java.lang.String name)
name
- the name to setpublic void addVulnerability(Vulnerability vulnerability)
vulnerability
- a vulnerabilitypublic void addVulnerabilities(java.util.List<Vulnerability> vulnerabilities)
vulnerabilities
- a list of vulnerabilitiespublic void removeVulnerability(Vulnerability v)
v
- the vulnerability to removepublic java.util.Set<Dependency> getRelatedDependencies()
relatedDependencies
. This field is
used to collect other dependencies which really represent the same
dependency, and may be presented as one item in reports.public void clearRelatedDependencies()
relatedDependencies
.public java.util.Set<IncludedByReference> getIncludedBy()
public void addIncludedBy(java.lang.String includedBy)
includedBy
- a project referencepublic void addIncludedBy(java.lang.String includedBy, java.lang.String type)
includedBy
- a project referencetype
- the type of project reference (i.e. 'plugins', 'buildEnv')public void addAllIncludedBy(java.util.Set<IncludedByReference> includedBy)
includedBy
- a set of project referencespublic java.util.Set<java.lang.String> getProjectReferences()
public void addProjectReference(java.lang.String projectReference)
projectReference
- a project referencepublic void addAllProjectReferences(java.util.Set<java.lang.String> projectReferences)
projectReferences
- a set of project referencespublic void addRelatedDependency(Dependency dependency)
dependency
- a reference to the related dependencypublic void removeRelatedDependencies(Dependency dependency)
dependency
- the dependency to removepublic java.util.List<java.lang.String> getAvailableVersions()
public void addAvailableVersion(java.lang.String version)
version
- the version to add to the listpublic boolean isVirtual()
public boolean equals(java.lang.Object obj)
obj
- the object to comparepublic int hashCode()
public java.lang.String toString()
public void addSuppressedVulnerabilities(java.util.List<Vulnerability> vulns)
vulns
- the list of suppressed vulnerabilities to addpublic java.lang.String getVersion()
public void setVersion(java.lang.String version)
version
- the version to setpublic java.lang.String getEcosystem()
public void setEcosystem(java.lang.String ecosystem)
ecosystem
- the ecosystem to setpublic java.lang.Iterable<Evidence> getIterator(EvidenceType type, Confidence confidence)
type
- the evidence type to iterate overconfidence
- the confidence level for the evidence to be iterated
over.public void addEvidence(EvidenceType type, Evidence e)
type
- the type of evidence (vendor, product, version)e
- Evidencepublic void removeEvidence(EvidenceType type, Evidence e)
type
- the type of evidence (vendor, product, version)e
- Evidence.public void addEvidence(EvidenceType type, java.lang.String source, java.lang.String name, java.lang.String value, Confidence confidence)
type
- the type of evidence (vendor, product, version)source
- the source of the Evidence.name
- the name of the Evidence.value
- the value of the Evidence.confidence
- the confidence of the Evidence.public void addVendorWeighting(java.lang.String str)
str
- to add to the weighting collection.public void addProductWeighting(java.lang.String str)
str
- to add to the weighting collection.public java.util.Set<java.lang.String> getVendorWeightings()
public java.util.Set<java.lang.String> getProductWeightings()
public java.util.Set<Evidence> getEvidence(EvidenceType type)
type
- the type of evidence (vendor, product, version)public java.util.Set<Evidence> getEvidence()
public boolean contains(EvidenceType type, Evidence e)
type
- the type of evidence (vendor, product, version)e
- the evidence to searchpublic boolean contains(EvidenceType type, Confidence confidence)
type
- the type of evidence (vendor, product, version)confidence
- A Confidence value.public int size()
Copyright© 2012-21 Jeremy Long. All Rights Reserved.