Package org.owasp.dependencycheck.maven

Class AggregateMojo

  • All Implemented Interfaces:
    org.apache.maven.plugin.ContextEnabled, org.apache.maven.plugin.Mojo, org.apache.maven.reporting.MavenReport
    @Mojo(name="aggregate",
      defaultPhase=VERIFY,
      aggregator=true,
      threadSafe=true,
      requiresDependencyResolution=COMPILE_PLUS_RUNTIME,
      requiresOnline=true)
public class AggregateMojo
extends BaseDependencyCheckMojo
    Maven Plugin that checks project dependencies and the dependencies of all child modules to see if they have any known published vulnerabilities.
    Author:
    Jeremy Long

    • Constructor Detail

      • AggregateMojo

        public AggregateMojo()

    • Method Detail

      • scanDependencies

        protected ExceptionCollection scanDependencies​(Engine engine)
                                        throws org.apache.maven.plugin.MojoExecutionException
        Scans the dependencies of the projects in aggregate.
        Specified by:
        scanDependencies in class BaseDependencyCheckMojo
        Parameters:
        engine - the engine used to perform the scanning
        Returns:
        a collection of exceptions
        Throws:
        org.apache.maven.plugin.MojoExecutionException - thrown if a fatal exception occurs

      • scanPlugins

        protected ExceptionCollection scanPlugins​(Engine engine,
                                          ExceptionCollection exCollection)
                                   throws org.apache.maven.plugin.MojoExecutionException
        Scans the plugins of the project.
        Specified by:
        scanPlugins in class BaseDependencyCheckMojo
        Parameters:
        engine - the engine used to perform the scanning
        exCollection - the collection of exceptions that might have occurred previously
        Returns:
        a collection of exceptions
        Throws:
        org.apache.maven.plugin.MojoExecutionException - thrown if a fatal exception occurs

      • getDescendants

        protected java.util.Set<org.apache.maven.project.MavenProject> getDescendants​(org.apache.maven.project.MavenProject project)
        Returns a set containing all the descendant projects of the given project.
        Parameters:
        project - the project for which all descendants will be returned
        Returns:
        the set of descendant projects

      • isConfiguredToSkip

        protected boolean isConfiguredToSkip​(org.apache.maven.project.MavenProject mavenProject)
        Checks the ODC configuration in the child project to see if should be skipped.
        Parameters:
        mavenProject - the maven project to check
        Returns:
        true if the project is configured to skip ODC; otherwise false

      • isMultiModule

        protected boolean isMultiModule​(org.apache.maven.project.MavenProject mavenProject)
        Test if the project has pom packaging
        Parameters:
        mavenProject - Project to test
        Returns:
        true if it has a pom packaging; otherwise false

      • canGenerateReport

        public boolean canGenerateReport()

      • getName

        public java.lang.String getName​(java.util.Locale locale)
        Returns the report name.
        Parameters:
        locale - the location
        Returns:
        the report name

      • getDescription

        public java.lang.String getDescription​(java.util.Locale locale)
        Gets the description of the Dependency-Check report to be displayed in the Maven Generated Reports page.
        Parameters:
        locale - The Locale to get the description for
        Returns:
        the description