PurgeMojo.java

  1. /*
  2.  * This file is part of dependency-check-maven.
  3.  *
  4.  * Licensed under the Apache License, Version 2.0 (the "License");
  5.  * you may not use this file except in compliance with the License.
  6.  * You may obtain a copy of the License at
  7.  *
  8.  *     http://www.apache.org/licenses/LICENSE-2.0
  9.  *
  10.  * Unless required by applicable law or agreed to in writing, software
  11.  * distributed under the License is distributed on an "AS IS" BASIS,
  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13.  * See the License for the specific language governing permissions and
  14.  * limitations under the License.
  15.  *
  16.  * Copyright (c) 2015 Jeremy Long. All Rights Reserved.
  17.  */
  18. package org.owasp.dependencycheck.maven;

  20. import java.util.Locale;
  21. import org.apache.maven.plugin.MojoExecutionException;
  22. import org.apache.maven.plugin.MojoFailureException;
  23. import org.apache.maven.plugins.annotations.LifecyclePhase;
  24. import org.apache.maven.plugins.annotations.Mojo;
  25. import org.apache.maven.plugins.annotations.ResolutionScope;
  26. import org.owasp.dependencycheck.Engine;
  27. import org.owasp.dependencycheck.exception.ExceptionCollection;
  28. import org.owasp.dependencycheck.utils.Downloader;
  29. import org.owasp.dependencycheck.utils.InvalidSettingException;

  31. /**
  32.  * Maven Plugin that purges the local copy of the NVD data.
  33.  *
  34.  * @author Jeremy Long
  35.  */
  36. @Mojo(
  37.         name = "purge",
  38.         defaultPhase = LifecyclePhase.GENERATE_RESOURCES,
  39.         requiresProject = false,
  40.         threadSafe = true,
  41.         requiresDependencyResolution = ResolutionScope.NONE,
  42.         requiresOnline = true,
  43.         aggregator = true
  44. )
  45. public class PurgeMojo extends BaseDependencyCheckMojo {

  47.     /**
  48.      * Returns false; this mojo cannot generate a report.
  49.      *
  50.      * @return <code>false</code>
  51.      */
  52.     @Override
  53.     public boolean canGenerateReport() {
  54.         return false;
  55.     }

  57.     /**
  58.      * Purges the local copy of the NVD.
  59.      *
  60.      * @throws MojoExecutionException thrown if there is an exception executing
  61.      * the goal
  62.      * @throws MojoFailureException thrown if dependency-check is configured to
  63.      * fail the build
  64.      */
  65.     @Override
  66.     protected void runCheck() throws MojoExecutionException, MojoFailureException {
  67.         populateSettings();
  68.         try {
  69.             Downloader.getInstance().configure(getSettings());
  70.         } catch (InvalidSettingException e) {
  71.             if (isFailOnError()) {
  72.                 throw new MojoFailureException(e.getMessage(), e);
  73.             } else {
  74.                 throw new MojoExecutionException(e.getMessage(), e);
  75.             }
  76.         }
  77.         try (Engine engine = new Engine(Engine.Mode.EVIDENCE_PROCESSING, getSettings())) {
  78.             engine.purge();
  79.         } finally {
  80.             getSettings().cleanup();
  81.         }
  82.     }

  84.     /**
  85.      * Returns the report name.
  86.      *
  87.      * @param locale the location
  88.      * @return the report name
  89.      */
  90.     @Override
  91.     public String getName(Locale locale) {
  92.         return "dependency-check-purge";
  93.     }

  95.     /**
  96.      * Gets the description of the Dependency-Check report to be displayed in
  97.      * the Maven Generated Reports page.
  98.      *
  99.      * @param locale The Locale to get the description for
  100.      * @return the description
  101.      */
  102.     @Override
  103.     public String getDescription(Locale locale) {
  104.         return "Purges the local cache of the NVD dataT.";
  105.     }

  107.     /**
  108.      * Throws an exception if called. The purge mojo does not scan dependencies.
  109.      *
  110.      * @param engine the engine used to scan
  111.      * @return a collection of exceptions
  112.      * @throws MojoExecutionException thrown if there is an exception
  113.      */
  114.     @Override
  115.     protected ExceptionCollection scanDependencies(Engine engine) throws MojoExecutionException {
  116.         throw new UnsupportedOperationException("Operation not supported");
  117.     }

  119.     /**
  120.      * Throws an exception if called. The purge mojo does not scan dependencies.
  121.      *
  122.      * @param engine the engine used to scan
  123.      * @param exCollection the collection of exceptions that might have occurred
  124.      * previously
  125.      * @return a collection of exceptions
  126.      * @throws MojoExecutionException thrown if there is an exception
  127.      */
  128.     @Override
  129.     protected ExceptionCollection scanPlugins(final Engine engine, final ExceptionCollection exCollection) throws MojoExecutionException {
  130.         throw new UnsupportedOperationException("Operation not supported");
  131.     }
  132. }
Created with JaCoCo 0.8.12.202403310830