View Javadoc
1   /*
2    * This file is part of dependency-check-maven.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2017 Josh Cain. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.maven;
19  
20  import org.owasp.dependencycheck.utils.Filter;
21  import static org.apache.maven.artifact.Artifact.SCOPE_COMPILE_PLUS_RUNTIME;
22  import static org.apache.maven.artifact.Artifact.SCOPE_RUNTIME;
23  import static org.apache.maven.artifact.Artifact.SCOPE_SYSTEM;
24  import static org.apache.maven.artifact.Artifact.SCOPE_TEST;
25  import static org.apache.maven.artifact.Artifact.SCOPE_PROVIDED;
26  
27  /**
28   * Utility class to determine if an artifact should be excluded.
29   *
30   * @author Josh Cain
31   */
32  public class ArtifactScopeExcluded extends Filter<String> {
33  
34      /**
35       * Whether or not to skip the test scope.
36       */
37      private final boolean skipTestScope;
38      /**
39       * Whether or not to skip the provided scope.
40       */
41      private final boolean skipProvidedScope;
42      /**
43       * Whether or not to skip the system scope.
44       */
45      private final boolean skipSystemScope;
46      /**
47       * Whether or not to skip the runtime scope.
48       */
49      private final boolean skipRuntimeScope;
50  
51      /**
52       * Constructs a new ArtifactScopeExcluded object.
53       *
54       * @param skipTestScope whether or not to skip the test scope
55       * @param skipProvidedScope whether or not to skip the provided scope
56       * @param skipSystemScope whether or not to skip the system scope
57       * @param skipRuntimeScope whether or not to skip the runtime scope
58       */
59      public ArtifactScopeExcluded(final boolean skipTestScope, final boolean skipProvidedScope,
60              final boolean skipSystemScope, final boolean skipRuntimeScope) {
61          this.skipTestScope = skipTestScope;
62          this.skipProvidedScope = skipProvidedScope;
63          this.skipSystemScope = skipSystemScope;
64          this.skipRuntimeScope = skipRuntimeScope;
65      }
66  
67      /**
68       * Tests is the artifact should be included in the scan (i.e. is the
69       * dependency in a scope that is being scanned).
70       *
71       * @param scope the scope of the artifact to test
72       * @return <code>true</code> if the artifact is in an excluded scope;
73       * otherwise <code>false</code>
74       */
75      @Override
76      public boolean passes(final String scope) {
77          if (skipTestScope && SCOPE_TEST.equals(scope)) {
78              return true;
79          }
80          if (skipProvidedScope && SCOPE_PROVIDED.equals(scope)) {
81              return true;
82          }
83          if (skipSystemScope && SCOPE_SYSTEM.equals(scope)) {
84              return true;
85          }
86          if (skipRuntimeScope && SCOPE_RUNTIME.equals(scope)) {
87              return true;
88          }
89          if (skipRuntimeScope && skipSystemScope && SCOPE_COMPILE_PLUS_RUNTIME.equals(scope)) {
90              return true;
91          }
92          return false;
93      }
94  }