View Javadoc
1   /*
2    * This file is part of dependency-check-ant.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2015 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.taskdefs;
19  
20  import org.apache.tools.ant.BuildException;
21  import org.apache.tools.ant.Project;
22  import org.owasp.dependencycheck.Engine;
23  import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
24  import org.owasp.dependencycheck.data.update.exception.UpdateException;
25  import org.owasp.dependencycheck.utils.Downloader;
26  import org.owasp.dependencycheck.utils.InvalidSettingException;
27  import org.owasp.dependencycheck.utils.Settings;
28  import org.slf4j.impl.StaticLoggerBinder;
29  
30  /**
31   * An Ant task definition to execute dependency-check update. This will download
32   * the latest data from the National Vulnerability Database (NVD) and store a
33   * copy in the local database.
34   *
35   * @author Jeremy Long
36   */
37  //While duplicate code is general bad - this is calling out getters/setters
38  //on unrelated ODC clients (the DependencyCheckScanAgent).
39  @SuppressWarnings("common-java:DuplicatedBlocks")
40  public class Update extends Purge {
41  
42      /**
43       * The URL to (a mirror of) the RetireJS JSON data.
44       */
45      private String retireJsUrl;
46      /**
47       * The user to download the RetireJS JSON data from an HTTP Basic auth protected location.
48       */
49      private String retireJsUrlUser;
50      /**
51       * The password to download the RetireJS JSON data from an HTTP Basic auth protected location.
52       */
53      private String retireJsUrlPassword;
54      /**
55       * The token to download the RetireJS JSON data from an HTTP Bearer auth protected location.
56       */
57      private String retireJsUrlBearerToken;
58      /**
59       * Whether or not the RetireJS JSON repository will be updated regardless of the
60       * `autoupdate` settings. Defaults to false.
61       */
62      private Boolean retireJsForceUpdate;
63      /**
64       * Whether or not the Known Exploited Vulnerability Analyzer is enabled.
65       */
66      private Boolean knownExploitedEnabled;
67      /**
68       * The URL to the known exploited vulnerabilities JSON datafeed.
69       */
70      private String knownExploitedUrl;
71      /**
72       * The number of hours before checking for updates for the known exploited vulnerabilities JSON datafeed.
73       */
74      private Integer knownExploitedValidForHours;
75      /**
76       * The user to download the known exploited vulnerabilities JSON datafeed from an HTTP Basic auth protected location.
77       */
78      private String knownExploitedUser;
79      /**
80       * The password to download the known exploited vulnerabilities JSON datafeed from an HTTP Basic auth protected location.
81       */
82      private String knownExploitedPassword;
83      /**
84       * The token to download the known exploited vulnerabilities JSON datafeed from an HTTP Bearer auth protected location.
85       */
86      private String knownExploitedBearerToken;
87      /**
88       * The NVD API endpoint.
89       */
90      private String nvdApiEndpoint;
91      /**
92       * The NVD API Key.
93       */
94      private String nvdApiKey;
95      /**
96       * The maximum number of retry requests for a single call to the NVD API.
97       */
98      private Integer nvdMaxRetryCount;
99      /**
100      * The number of hours to wait before checking for new updates from the NVD.
101      */
102     private Integer nvdValidForHours;
103     /**
104      * The NVD API Data Feed URL.
105      */
106     private String nvdDatafeedUrl;
107     /**
108      * The username to download the NVD Data feed from an HTTP Basic auth protected location.
109      */
110     private String nvdUser;
111     /**
112      * The password to download the NVD Data feed from an HTTP Basic auth protected location.
113      */
114     private String nvdPassword;
115     /**
116      * The token to download the NVD Data feed from an HTTP Bearer auth protected location.
117      */
118     private String nvdBearerToken;
119     /**
120      * The time in milliseconds to wait between downloading NVD API data.
121      */
122     private Integer nvdApiDelay;
123 
124     /**
125      * The number of records per page of NVD API data.
126      */
127     private Integer nvdApiResultsPerPage;
128 
129     /**
130      * The Proxy Server.
131      */
132     private String proxyServer;
133     /**
134      * The Proxy Port.
135      */
136     private String proxyPort;
137     /**
138      * The Proxy username.
139      */
140     private String proxyUsername;
141     /**
142      * The Proxy password.
143      */
144     private String proxyPassword;
145     /**
146      * Non proxy hosts
147      */
148     private String nonProxyHosts;
149     /**
150      * The Connection Timeout.
151      */
152     private String connectionTimeout;
153     /**
154      * The Read Timeout.
155      */
156     private String readTimeout;
157     /**
158      * The database driver name; such as org.h2.Driver.
159      */
160     private String databaseDriverName;
161     /**
162      * The path to the database driver JAR file if it is not on the class path.
163      */
164     private String databaseDriverPath;
165     /**
166      * The database connection string.
167      */
168     private String connectionString;
169     /**
170      * The user name for connecting to the database.
171      */
172     private String databaseUser;
173     /**
174      * The password to use when connecting to the database.
175      */
176     private String databasePassword;
177     /**
178      * The number of hours to wait before re-checking hosted suppressions file
179      * for updates.
180      */
181     private Integer hostedSuppressionsValidForHours;
182     /**
183      * The userid for the hostedSuppressions file.
184      * <br/>
185      * Only needs configuration if you customized the hostedSuppressionsUrl to a custom server that requires Basic Auth
186      */
187     private String hostedSuppressionsUser;
188     /**
189      * The password for the hostedSuppressions file.
190      * <br/>
191      * Only needs configuration if you customized the hostedSuppressionsUrl to a custom server that requires Basic Auth
192      */
193     private String hostedSuppressionsPassword;
194     /**
195      * The (Bearer authentication) API Token for the hostedSuppressions file.
196      * <br/>
197      * Only needs configuration if you customized the hostedSuppressionsUrl to a custom server that requires Bearer Auth
198      */
199     private String hostedSuppressionsBearerToken;
200     /**
201      * Whether the hosted suppressions file will be updated regardless of the
202      * `autoupdate` settings. Defaults to false.
203      */
204     private Boolean hostedSuppressionsForceUpdate;
205     /**
206      * Whether the hosted suppressions file will be used. Defaults to true.
207      */
208     private Boolean hostedSuppressionsEnabled;
209     /**
210      * The URL to hosted suppressions file with base FP suppressions.
211      */
212     private String hostedSuppressionsUrl = null;
213     /**
214      * Whether or not the RetireJS Analyzer is enabled.
215      */
216     private Boolean retireJsAnalyzerEnabled;
217 
218     /**
219      * Construct a new UpdateTask.
220      */
221     public Update() {
222         super();
223         // Call this before Dependency Check Core starts logging anything - this way, all SLF4J messages from
224         // core end up coming through this tasks logger
225         StaticLoggerBinder.getSingleton().setTask(this);
226     }
227 
228     /**
229      * Set the value of nvdApiEndpoint.
230      *
231      * @param nvdApiEndpoint new value of nvdApiEndpoint
232      */
233     public void setNvdApiEndpoint(String nvdApiEndpoint) {
234         this.nvdApiEndpoint = nvdApiEndpoint;
235     }
236 
237     /**
238      * Set the value of nvdApiKey.
239      *
240      * @param nvdApiKey new value of nvdApiKey
241      */
242     public void setNvdApiKey(String nvdApiKey) {
243         this.nvdApiKey = nvdApiKey;
244     }
245 
246     /**
247      * Set the value of nvdMaxRetryCount.
248      *
249      * @param nvdMaxRetryCount new value of nvdMaxRetryCount
250      */
251     public void setNvdMaxRetryCount(Integer nvdMaxRetryCount) {
252         if (nvdMaxRetryCount > 0) {
253             this.nvdMaxRetryCount = nvdMaxRetryCount;
254         } else {
255             throw new BuildException("Invalid setting: `nvdMaxRetryCount` must be greater than zero");
256         }
257     }
258 
259     /**
260      * Set the value of nvdValidForHours.
261      *
262      * @param nvdValidForHours new value of nvdValidForHours
263      */
264     public void setNvdValidForHours(int nvdValidForHours) {
265         if (nvdValidForHours >= 0) {
266             this.nvdValidForHours = nvdValidForHours;
267         } else {
268             throw new BuildException("Invalid setting: `nvdValidForHours` must be 0 or greater");
269         }
270     }
271 
272     /**
273      * Set the value of nvdDatafeedUrl.
274      *
275      * @param nvdDatafeedUrl new value of nvdDatafeedUrl
276      */
277     public void setNvdDatafeedUrl(String nvdDatafeedUrl) {
278         this.nvdDatafeedUrl = nvdDatafeedUrl;
279     }
280 
281     /**
282      * Set the value of nvdUser.
283      *
284      * @param nvdUser new value of nvdUser
285      */
286     public void setNvdUser(String nvdUser) {
287         this.nvdUser = nvdUser;
288     }
289 
290     /**
291      * Set the value of nvdPassword.
292      *
293      * @param nvdPassword new value of nvdPassword
294      */
295     public void setNvdPassword(String nvdPassword) {
296         this.nvdPassword = nvdPassword;
297     }
298 
299     /**
300      * Sets the token to download the NVD Data feed from an HTTP Bearer auth protected location.
301      * @param nvdBearerToken The bearer token
302      */
303     public void setNvdBearerToken(String nvdBearerToken) {
304         this.nvdBearerToken = nvdBearerToken;
305     }
306 
307     /**
308      * Set the value of nvdApiDelay.
309      *
310      * @param nvdApiDelay new value of nvdApiDelay
311      */
312     public void setNvdApiDelay(Integer nvdApiDelay) {
313         this.nvdApiDelay = nvdApiDelay;
314     }
315 
316     /**
317      * Set the value of nvdApiResultsPerPage.
318      *
319      * @param nvdApiResultsPerPage new value of nvdApiResultsPerPage
320      */
321     public void setNvdApiResultsPerPage(Integer nvdApiResultsPerPage) {
322         this.nvdApiResultsPerPage = nvdApiResultsPerPage;
323     }
324 
325     /**
326      * Set the value of proxyServer.
327      *
328      * @param server new value of proxyServer
329      */
330     public void setProxyServer(String server) {
331         this.proxyServer = server;
332     }
333 
334     /**
335      * Set the value of proxyPort.
336      *
337      * @param proxyPort new value of proxyPort
338      */
339     public void setProxyPort(String proxyPort) {
340         this.proxyPort = proxyPort;
341     }
342 
343     /**
344      * Set the value of proxyUsername.
345      *
346      * @param proxyUsername new value of proxyUsername
347      */
348     public void setProxyUsername(String proxyUsername) {
349         this.proxyUsername = proxyUsername;
350     }
351 
352     /**
353      * Set the value of proxyPassword.
354      *
355      * @param proxyPassword new value of proxyPassword
356      */
357     public void setProxyPassword(String proxyPassword) {
358         this.proxyPassword = proxyPassword;
359     }
360 
361     /**
362      * Set the value of nonProxyHosts.
363      *
364      * @param nonProxyHosts new value of nonProxyHosts
365      */
366     public void setNonProxyHosts(String nonProxyHosts) {
367         this.nonProxyHosts = nonProxyHosts;
368     }
369 
370     /**
371      * Set the value of connectionTimeout.
372      *
373      * @param connectionTimeout new value of connectionTimeout
374      */
375     public void setConnectionTimeout(String connectionTimeout) {
376         this.connectionTimeout = connectionTimeout;
377     }
378 
379     /**
380      * Set the value of readTimeout.
381      *
382      * @param readTimeout new value of readTimeout
383      */
384     public void setReadTimeout(String readTimeout) {
385         this.readTimeout = readTimeout;
386     }
387 
388     /**
389      * Set the value of databaseDriverName.
390      *
391      * @param databaseDriverName new value of databaseDriverName
392      */
393     public void setDatabaseDriverName(String databaseDriverName) {
394         this.databaseDriverName = databaseDriverName;
395     }
396 
397     /**
398      * Set the value of databaseDriverPath.
399      *
400      * @param databaseDriverPath new value of databaseDriverPath
401      */
402     public void setDatabaseDriverPath(String databaseDriverPath) {
403         this.databaseDriverPath = databaseDriverPath;
404     }
405 
406     /**
407      * Set the value of connectionString.
408      *
409      * @param connectionString new value of connectionString
410      */
411     public void setConnectionString(String connectionString) {
412         this.connectionString = connectionString;
413     }
414 
415     /**
416      * Set the value of databaseUser.
417      *
418      * @param databaseUser new value of databaseUser
419      */
420     public void setDatabaseUser(String databaseUser) {
421         this.databaseUser = databaseUser;
422     }
423 
424     /**
425      * Set the value of databasePassword.
426      *
427      * @param databasePassword new value of databasePassword
428      */
429     public void setDatabasePassword(String databasePassword) {
430         this.databasePassword = databasePassword;
431     }
432 
433     /**
434      * Set the value of hostedSuppressionsValidForHours.
435      *
436      * @param hostedSuppressionsValidForHours new value of
437      * hostedSuppressionsValidForHours
438      */
439     public void setHostedSuppressionsValidForHours(final Integer hostedSuppressionsValidForHours) {
440         this.hostedSuppressionsValidForHours = hostedSuppressionsValidForHours;
441     }
442 
443     public void setHostedSuppressionsUser(String hostedSuppressionsUser) {
444         this.hostedSuppressionsUser = hostedSuppressionsUser;
445     }
446 
447     public void setHostedSuppressionsPassword(String hostedSuppressionsPassword) {
448         this.hostedSuppressionsPassword = hostedSuppressionsPassword;
449     }
450 
451     public void setHostedSuppressionsBearerToken(String hostedSuppressionsBearerToken) {
452         this.hostedSuppressionsBearerToken = hostedSuppressionsBearerToken;
453     }
454 
455     /**
456      * Set the value of hostedSuppressionsForceUpdate.
457      *
458      * @param hostedSuppressionsForceUpdate new value of
459      * hostedSuppressionsForceUpdate
460      */
461     public void setHostedSuppressionsForceUpdate(final Boolean hostedSuppressionsForceUpdate) {
462         this.hostedSuppressionsForceUpdate = hostedSuppressionsForceUpdate;
463     }
464 
465     /**
466      * Set the value of hostedSuppressionsEnabled.
467      *
468      * @param hostedSuppressionsEnabled new value of hostedSuppressionsEnabled
469      */
470     public void setHostedSuppressionsEnabled(Boolean hostedSuppressionsEnabled) {
471         this.hostedSuppressionsEnabled = hostedSuppressionsEnabled;
472     }
473 
474     /**
475      * Set the value of hostedSuppressionsUrl.
476      *
477      * @param hostedSuppressionsUrl new value of hostedSuppressionsUrl
478      */
479     public void setHostedSuppressionsUrl(final String hostedSuppressionsUrl) {
480         this.hostedSuppressionsUrl = hostedSuppressionsUrl;
481     }
482 
483     /**
484      * Sets the the knownExploitedUrl.
485      *
486      * @param knownExploitedUrl the URL
487      */
488     public void setKnownExploitedUrl(String knownExploitedUrl) {
489         this.knownExploitedUrl = knownExploitedUrl;
490     }
491 
492     public void setKnownExploitedValidForHours(Integer knownExploitedValidForHours) {
493         this.knownExploitedValidForHours = knownExploitedValidForHours;
494     }
495 
496     /**
497      * Sets the user for downloading the knownExploitedUrl from a HTTP Basic auth protected location.
498      *
499      * @param knownExploitedUser the user
500      */
501     public void setKnownExploitedUser(String knownExploitedUser) {
502         this.knownExploitedUser = knownExploitedUser;
503     }
504 
505     /**
506      * Sets the password for downloading the knownExploitedUrl from a HTTP Basic auth protected location..
507      *
508      * @param knownExploitedPassword the password
509      */
510     public void setKnownExploitedPassword(String knownExploitedPassword) {
511         this.knownExploitedPassword = knownExploitedPassword;
512     }
513 
514     /**
515      * Sets the token for downloading the knownExploitedUrl from an HTTP Bearer auth protected location..
516      *
517      * @param knownExploitedBearerToken the token
518      */
519     public void setKnownExploitedBearerToken(String knownExploitedBearerToken) {
520         this.knownExploitedBearerToken = knownExploitedBearerToken;
521     }
522 
523     /**
524      * Sets whether the analyzer is enabled.
525      *
526      * @param knownExploitedEnabled the value of the new setting
527      */
528     public void setKnownExploitedEnabled(Boolean knownExploitedEnabled) {
529         this.knownExploitedEnabled = knownExploitedEnabled;
530     }
531 
532     /**
533      * Set the value of the Retire JS repository URL.
534      *
535      * @param retireJsUrl new value of retireJsUrl
536      */
537     public void setRetireJsUrl(String retireJsUrl) {
538         this.retireJsUrl = retireJsUrl;
539     }
540 
541     /**
542      * Sets the user to download the RetireJS JSON data from an HTTP Basic auth protected location.
543      *
544      * @param retireJsUrlUser new value of retireJsUrlUser
545      */
546     public void setRetireJsUrlUser(String retireJsUrlUser) {
547         this.retireJsUrlUser = retireJsUrlUser;
548     }
549 
550     /**
551      * Sets the password to download the RetireJS JSON data from an HTTP Basic auth protected location.
552      *
553      * @param retireJsUrlPassword new value of retireJsUrlPassword
554      */
555     public void setRetireJsUrlPassword(String retireJsUrlPassword) {
556         this.retireJsUrlPassword = retireJsUrlPassword;
557     }
558 
559     /**
560      * Sets the token to download the RetireJS JSON data from an HTTP Bearer auth protected location.
561      *
562      * @param retireJsUrlBearerToken new value of retireJsUrlBearerToken
563      */
564     public void setRetireJsUrlBearerToken(String retireJsUrlBearerToken) {
565         this.retireJsUrlBearerToken = retireJsUrlBearerToken;
566     }
567 
568     /**
569      * Set the value of retireJsForceUpdate.
570      *
571      * @param retireJsForceUpdate new value of
572      * retireJsForceUpdate
573      */
574     public void setRetireJsForceUpdate(Boolean retireJsForceUpdate) {
575         this.retireJsForceUpdate = retireJsForceUpdate;
576     }
577 
578     /**
579      * Set the value of retireJsAnalyzerEnabled.
580      *
581      * @param retireJsAnalyzerEnabled new value of retireJsAnalyzerEnabled
582      */
583     public void setRetireJsAnalyzerEnabled(Boolean retireJsAnalyzerEnabled) {
584         this.retireJsAnalyzerEnabled = retireJsAnalyzerEnabled;
585     }
586 
587     /**
588      * Executes the update by initializing the settings, downloads the NVD XML
589      * data, and then processes the data storing it in the local database.
590      *
591      * @throws BuildException thrown if a connection to the local database
592      * cannot be made.
593      */
594     //see note on `Check.dealWithReferences()` for information on this suppression
595     @SuppressWarnings("squid:RedundantThrowsDeclarationCheck")
596     @Override
597     protected void executeWithContextClassloader() throws BuildException {
598         populateSettings();
599         try {
600             Downloader.getInstance().configure(getSettings());
601         } catch (InvalidSettingException e) {
602             throw new BuildException(e);
603         }
604         try (Engine engine = new Engine(Update.class.getClassLoader(), getSettings())) {
605             engine.doUpdates();
606         } catch (UpdateException ex) {
607             if (this.isFailOnError()) {
608                 throw new BuildException(ex);
609             }
610             log(ex.getMessage(), Project.MSG_ERR);
611         } catch (DatabaseException ex) {
612             final String msg = "Unable to connect to the dependency-check database; unable to update the NVD data";
613             if (this.isFailOnError()) {
614                 throw new BuildException(msg, ex);
615             }
616             log(msg, Project.MSG_ERR);
617         } finally {
618             getSettings().cleanup();
619         }
620     }
621 
622     /**
623      * Takes the properties supplied and updates the dependency-check settings.
624      * Additionally, this sets the system properties required to change the
625      * proxy server, port, and connection timeout.
626      *
627      * @throws BuildException thrown when an invalid setting is configured.
628      */
629     //see note on `Check.dealWithReferences()` for information on this suppression
630     @SuppressWarnings("squid:RedundantThrowsDeclarationCheck")
631     @Override
632     protected void populateSettings() throws BuildException {
633         super.populateSettings();
634         getSettings().setStringIfNotEmpty(Settings.KEYS.PROXY_SERVER, proxyServer);
635         getSettings().setStringIfNotEmpty(Settings.KEYS.PROXY_PORT, proxyPort);
636         getSettings().setStringIfNotEmpty(Settings.KEYS.PROXY_USERNAME, proxyUsername);
637         getSettings().setStringIfNotEmpty(Settings.KEYS.PROXY_PASSWORD, proxyPassword);
638         getSettings().setStringIfNotEmpty(Settings.KEYS.PROXY_NON_PROXY_HOSTS, nonProxyHosts);
639         getSettings().setStringIfNotEmpty(Settings.KEYS.CONNECTION_TIMEOUT, connectionTimeout);
640         getSettings().setStringIfNotEmpty(Settings.KEYS.CONNECTION_READ_TIMEOUT, readTimeout);
641         getSettings().setStringIfNotEmpty(Settings.KEYS.DB_DRIVER_NAME, databaseDriverName);
642         getSettings().setStringIfNotEmpty(Settings.KEYS.DB_DRIVER_PATH, databaseDriverPath);
643         getSettings().setStringIfNotEmpty(Settings.KEYS.DB_CONNECTION_STRING, connectionString);
644         getSettings().setStringIfNotEmpty(Settings.KEYS.DB_USER, databaseUser);
645         getSettings().setStringIfNotEmpty(Settings.KEYS.DB_PASSWORD, databasePassword);
646 
647         getSettings().setStringIfNotEmpty(Settings.KEYS.KEV_URL, knownExploitedUrl);
648         getSettings().setStringIfNotEmpty(Settings.KEYS.KEV_USER, knownExploitedUser);
649         getSettings().setStringIfNotEmpty(Settings.KEYS.KEV_PASSWORD, knownExploitedPassword);
650         getSettings().setStringIfNotEmpty(Settings.KEYS.KEV_BEARER_TOKEN, knownExploitedBearerToken);
651         getSettings().setIntIfNotNull(Settings.KEYS.KEV_CHECK_VALID_FOR_HOURS, knownExploitedValidForHours);
652         getSettings().setBooleanIfNotNull(Settings.KEYS.ANALYZER_KNOWN_EXPLOITED_ENABLED, knownExploitedEnabled);
653 
654         getSettings().setStringIfNotNull(Settings.KEYS.ANALYZER_RETIREJS_REPO_JS_URL, retireJsUrl);
655         getSettings().setStringIfNotNull(Settings.KEYS.ANALYZER_RETIREJS_REPO_JS_USER, retireJsUrlUser);
656         getSettings().setStringIfNotNull(Settings.KEYS.ANALYZER_RETIREJS_REPO_JS_PASSWORD, retireJsUrlPassword);
657         getSettings().setStringIfNotNull(Settings.KEYS.ANALYZER_RETIREJS_REPO_JS_BEARER_TOKEN, retireJsUrlBearerToken);
658         getSettings().setBooleanIfNotNull(Settings.KEYS.ANALYZER_RETIREJS_FORCEUPDATE, retireJsForceUpdate);
659         getSettings().setBooleanIfNotNull(Settings.KEYS.ANALYZER_RETIREJS_ENABLED, retireJsAnalyzerEnabled);
660 
661         getSettings().setStringIfNotEmpty(Settings.KEYS.HOSTED_SUPPRESSIONS_URL, hostedSuppressionsUrl);
662         getSettings().setIntIfNotNull(Settings.KEYS.HOSTED_SUPPRESSIONS_VALID_FOR_HOURS, hostedSuppressionsValidForHours);
663         getSettings().setStringIfNotNull(Settings.KEYS.HOSTED_SUPPRESSIONS_USER, hostedSuppressionsUser);
664         getSettings().setStringIfNotNull(Settings.KEYS.HOSTED_SUPPRESSIONS_PASSWORD, hostedSuppressionsPassword);
665         getSettings().setStringIfNotNull(Settings.KEYS.HOSTED_SUPPRESSIONS_BEARER_TOKEN, hostedSuppressionsBearerToken);
666         getSettings().setBooleanIfNotNull(Settings.KEYS.HOSTED_SUPPRESSIONS_FORCEUPDATE, hostedSuppressionsForceUpdate);
667         getSettings().setBooleanIfNotNull(Settings.KEYS.HOSTED_SUPPRESSIONS_ENABLED, hostedSuppressionsEnabled);
668 
669         getSettings().setStringIfNotEmpty(Settings.KEYS.NVD_API_KEY, nvdApiKey);
670         getSettings().setStringIfNotEmpty(Settings.KEYS.NVD_API_ENDPOINT, nvdApiEndpoint);
671         getSettings().setIntIfNotNull(Settings.KEYS.NVD_API_DELAY, nvdApiDelay);
672         getSettings().setIntIfNotNull(Settings.KEYS.NVD_API_RESULTS_PER_PAGE, nvdApiResultsPerPage);
673         getSettings().setStringIfNotEmpty(Settings.KEYS.NVD_API_DATAFEED_URL, nvdDatafeedUrl);
674         getSettings().setStringIfNotEmpty(Settings.KEYS.NVD_API_DATAFEED_USER, nvdUser);
675         getSettings().setStringIfNotEmpty(Settings.KEYS.NVD_API_DATAFEED_PASSWORD, nvdPassword);
676         getSettings().setStringIfNotEmpty(Settings.KEYS.NVD_API_DATAFEED_BEARER_TOKEN, nvdBearerToken);
677         getSettings().setIntIfNotNull(Settings.KEYS.NVD_API_MAX_RETRY_COUNT, nvdMaxRetryCount);
678         getSettings().setIntIfNotNull(Settings.KEYS.NVD_API_VALID_FOR_HOURS, nvdValidForHours);
679     }
680 }