Class SuppressionRule


  • @NotThreadSafe
    public class SuppressionRule
    extends java.lang.Object
    Author:
    Jeremy Long
    • Constructor Summary

      Constructors 
      Constructor Description
      SuppressionRule()  
    • Method Summary

      Modifier and Type Method Description
      void addCpe​(PropertyType cpe)
      Adds the CPE to the CPE list.
      void addCve​(java.lang.String cve)
      Adds the CVE to the CVE list.
      void addCvssBelow​(java.lang.Double cvss)
      Adds the CVSS to the cvssBelow list.
      void addCwe​(java.lang.String cwe)
      Adds the CWE to the CWE list.
      void addVulnerabilityName​(PropertyType name)
      Adds the vulnerability name to the vulnerability name list.
      protected boolean cpeHasNoVersion​(PropertyType c)
      Identifies if the cpe specified by the cpe suppression rule does not specify a version.
      java.util.List<PropertyType> getCpe()
      Get the value of CPE.
      java.util.List<java.lang.String> getCve()
      Get the value of CVE.
      java.util.List<java.lang.Double> getCvssBelow()
      Get the value of cvssBelow.
      java.util.List<java.lang.String> getCwe()
      Get the value of CWE.
      PropertyType getFilePath()
      Get the value of filePath.
      PropertyType getGav()
      Get the value of Maven GAV.
      java.lang.String getNotes()
      Get the value of notes.
      java.lang.String getSha1()
      Get the value of sha1.
      java.util.Calendar getUntil()
      Get the (nullable) value of until.
      boolean hasCpe()
      Returns whether or not this suppression rule has CPE entries.
      boolean hasCve()
      Returns whether this suppression rule has CVE entries.
      boolean hasCvssBelow()
      Returns whether or not this suppression rule has CVSS suppression criteria.
      boolean hasCwe()
      Returns whether this suppression rule has CWE entries.
      boolean hasGav()
      Returns whether or not this suppression rule has GAV entries.
      boolean hasNotes()
      Returns whether this suppression rule has notes entries.
      boolean hasPackageUrl()
      Returns whether or not this suppression rule has packageUrl entries.
      boolean hasVulnerabilityName()
      Returns whether this suppression rule has vulnerabilityName entries.
      protected boolean identifierMatches​(PropertyType suppressionEntry, Identifier identifier)
      Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
      boolean isBase()
      Get the value of base.
      boolean isMatched()
      Get the value of matched.
      void process​(Dependency dependency)
      Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed.
      protected boolean purlMatches​(PropertyType suppressionEntry, Identifier identifier)
      Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
      void setBase​(boolean base)
      Set the value of base.
      void setCpe​(java.util.List<PropertyType> cpe)
      Set the value of CPE.
      void setCve​(java.util.List<java.lang.String> cve)
      Set the value of CVE.
      void setCvssBelow​(java.util.List<java.lang.Double> cvssBelow)
      Set the value of cvssBelow.
      void setCwe​(java.util.List<java.lang.String> cwe)
      Set the value of CWE.
      void setFilePath​(PropertyType filePath)
      Set the value of filePath.
      void setGav​(PropertyType gav)
      Set the value of Maven GAV.
      void setMatched​(boolean matched)
      Set the value of matched.
      void setNotes​(java.lang.String notes)
      Set the value of notes.
      void setPackageUrl​(PropertyType purl)
      Set the value of Package URL.
      void setSha1​(java.lang.String sha1)
      Set the value of SHA1.
      void setUntil​(java.util.Calendar until)
      Set the value of until.
      java.lang.String toString()
      Standard toString implementation.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Constructor Detail

      • SuppressionRule

        public SuppressionRule()
    • Method Detail

      • isMatched

        public boolean isMatched()
        Get the value of matched.
        Returns:
        the value of matched
      • setMatched

        public void setMatched​(boolean matched)
        Set the value of matched.
        Parameters:
        matched - new value of matched
      • getUntil

        public java.util.Calendar getUntil()
        Get the (nullable) value of until.
        Returns:
        the value of until
      • setUntil

        public void setUntil​(java.util.Calendar until)
        Set the value of until.
        Parameters:
        until - new value of until
      • getFilePath

        public PropertyType getFilePath()
        Get the value of filePath.
        Returns:
        the value of filePath
      • setFilePath

        public void setFilePath​(PropertyType filePath)
        Set the value of filePath.
        Parameters:
        filePath - new value of filePath
      • getSha1

        public java.lang.String getSha1()
        Get the value of sha1.
        Returns:
        the value of sha1
      • setSha1

        public void setSha1​(java.lang.String sha1)
        Set the value of SHA1.
        Parameters:
        sha1 - new value of SHA1
      • getCpe

        public java.util.List<PropertyType> getCpe()
        Get the value of CPE.
        Returns:
        the value of CPE
      • setCpe

        public void setCpe​(java.util.List<PropertyType> cpe)
        Set the value of CPE.
        Parameters:
        cpe - new value of CPE
      • addCpe

        public void addCpe​(PropertyType cpe)
        Adds the CPE to the CPE list.
        Parameters:
        cpe - the CPE to add
      • addVulnerabilityName

        public void addVulnerabilityName​(PropertyType name)
        Adds the vulnerability name to the vulnerability name list.
        Parameters:
        name - the vulnerability name to add
      • hasCpe

        public boolean hasCpe()
        Returns whether or not this suppression rule has CPE entries.
        Returns:
        whether or not this suppression rule has CPE entries
      • getCvssBelow

        public java.util.List<java.lang.Double> getCvssBelow()
        Get the value of cvssBelow.
        Returns:
        the value of cvssBelow
      • setCvssBelow

        public void setCvssBelow​(java.util.List<java.lang.Double> cvssBelow)
        Set the value of cvssBelow.
        Parameters:
        cvssBelow - new value of cvssBelow
      • addCvssBelow

        public void addCvssBelow​(java.lang.Double cvss)
        Adds the CVSS to the cvssBelow list.
        Parameters:
        cvss - the CVSS to add
      • hasCvssBelow

        public boolean hasCvssBelow()
        Returns whether or not this suppression rule has CVSS suppression criteria.
        Returns:
        whether or not this suppression rule has CVSS suppression criteria.
      • getNotes

        public java.lang.String getNotes()
        Get the value of notes.
        Returns:
        the value of notes
      • setNotes

        public void setNotes​(java.lang.String notes)
        Set the value of notes.
        Parameters:
        notes - new value of notes
      • hasNotes

        public boolean hasNotes()
        Returns whether this suppression rule has notes entries.
        Returns:
        whether this suppression rule has notes entries
      • getCwe

        public java.util.List<java.lang.String> getCwe()
        Get the value of CWE.
        Returns:
        the value of CWE
      • setCwe

        public void setCwe​(java.util.List<java.lang.String> cwe)
        Set the value of CWE.
        Parameters:
        cwe - new value of CWE
      • addCwe

        public void addCwe​(java.lang.String cwe)
        Adds the CWE to the CWE list.
        Parameters:
        cwe - the CWE to add
      • hasCwe

        public boolean hasCwe()
        Returns whether this suppression rule has CWE entries.
        Returns:
        whether this suppression rule has CWE entries
      • getCve

        public java.util.List<java.lang.String> getCve()
        Get the value of CVE.
        Returns:
        the value of CVE
      • setCve

        public void setCve​(java.util.List<java.lang.String> cve)
        Set the value of CVE.
        Parameters:
        cve - new value of CVE
      • addCve

        public void addCve​(java.lang.String cve)
        Adds the CVE to the CVE list.
        Parameters:
        cve - the CVE to add
      • hasCve

        public boolean hasCve()
        Returns whether this suppression rule has CVE entries.
        Returns:
        whether this suppression rule has CVE entries
      • hasVulnerabilityName

        public boolean hasVulnerabilityName()
        Returns whether this suppression rule has vulnerabilityName entries.
        Returns:
        whether this suppression rule has vulnerabilityName entries
      • getGav

        public PropertyType getGav()
        Get the value of Maven GAV.
        Returns:
        the value of GAV
      • setGav

        public void setGav​(PropertyType gav)
        Set the value of Maven GAV.
        Parameters:
        gav - new value of Maven GAV
      • hasGav

        public boolean hasGav()
        Returns whether or not this suppression rule has GAV entries.
        Returns:
        whether or not this suppression rule has GAV entries
      • setPackageUrl

        public void setPackageUrl​(PropertyType purl)
        Set the value of Package URL.
        Parameters:
        purl - new value of package URL
      • hasPackageUrl

        public boolean hasPackageUrl()
        Returns whether or not this suppression rule has packageUrl entries.
        Returns:
        whether or not this suppression rule has packageUrl entries
      • isBase

        public boolean isBase()
        Get the value of base.
        Returns:
        the value of base
      • setBase

        public void setBase​(boolean base)
        Set the value of base.
        Parameters:
        base - new value of base
      • process

        public void process​(Dependency dependency)
        Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any should be, they are removed from the dependency.
        Parameters:
        dependency - a project dependency to analyze
      • cpeHasNoVersion

        protected boolean cpeHasNoVersion​(PropertyType c)
        Identifies if the cpe specified by the cpe suppression rule does not specify a version.
        Parameters:
        c - a suppression rule identifier
        Returns:
        true if the property type does not specify a version; otherwise false
      • purlMatches

        protected boolean purlMatches​(PropertyType suppressionEntry,
                                      Identifier identifier)
        Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
        Parameters:
        suppressionEntry - a suppression rule entry
        identifier - a CPE identifier to check
        Returns:
        true if the entry matches; otherwise false
      • identifierMatches

        protected boolean identifierMatches​(PropertyType suppressionEntry,
                                            Identifier identifier)
        Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
        Parameters:
        suppressionEntry - a suppression rule entry
        identifier - a CPE identifier to check
        Returns:
        true if the entry matches; otherwise false
      • toString

        public java.lang.String toString()
        Standard toString implementation.
        Overrides:
        toString in class java.lang.Object
        Returns:
        a string representation of this object
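
Because process removes matching findings from a dependency, a suppression rule deserves review before it is trusted. The following is an added example, not part of the project's code: a hypothetical SuppressionRuleAudit helper that flags rules that are undocumented, never expire, or are broader than intended, using only the accessors listed on this page. Assumptions: the import package name (not shown on this page), that until acts as an expiry date, and that a rule with no SHA1, file path, GAV or package URL is not tied to one dependency.

```java
import java.util.ArrayList;
import java.util.Calendar;
import java.util.List;
// Package name is an assumption; this page does not show it.
import org.owasp.dependencycheck.xml.suppression.SuppressionRule;

public final class SuppressionRuleAudit {

    /** Returns review findings for one rule; an empty list means nothing was flagged. */
    static List<String> audit(SuppressionRule rule, Calendar now) {
        List<String> findings = new ArrayList<>();
        if (!rule.hasNotes()) {
            findings.add("no notes: the reason for the suppression is not recorded");
        }
        Calendar until = rule.getUntil(); // nullable per the Javadoc
        if (until == null) {
            findings.add("no until date: assumed to mean the rule never expires");
        } else if (until.before(now)) {
            findings.add("until date has passed");
        }
        // Assumption: these four fields are what tie a rule to one dependency.
        boolean scoped = rule.getSha1() != null || rule.getFilePath() != null
                || rule.hasGav() || rule.hasPackageUrl();
        if (!scoped) {
            findings.add("no SHA1, file path, GAV or package URL: not tied to one dependency");
        }
        if (rule.hasCvssBelow() && !rule.hasCve() && !rule.hasCwe()
                && !rule.hasCpe() && !rule.hasVulnerabilityName()) {
            findings.add("CVSS threshold is the only criterion: hides findings by score alone");
        }
        return findings;
    }

    public static void main(String[] args) {
        Calendar now = Calendar.getInstance();
        Calendar yesterday = (Calendar) now.clone();
        yesterday.add(Calendar.DAY_OF_MONTH, -1);

        SuppressionRule narrow = new SuppressionRule();
        narrow.setSha1("0000000000000000000000000000000000000000"); // constructed placeholder
        narrow.addCve("CVE-0000-0000");                             // constructed placeholder
        narrow.setUntil(yesterday);

        SuppressionRule broad = new SuppressionRule();
        broad.addCvssBelow(4.0);
        broad.setNotes("constructed sample note");

        System.out.println("narrow: " + audit(narrow, now));
        System.out.println("broad:  " + audit(broad, now));
    }
}
```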