Interface Analyzer
- All Known Subinterfaces:
FileTypeAnalyzer
- All Known Implementing Classes:
AbstractAnalyzer, AbstractDependencyComparingAnalyzer, AbstractFileTypeAnalyzer, AbstractNpmAnalyzer, AbstractSuppressionAnalyzer, ArchiveAnalyzer, ArtifactoryAnalyzer, AssemblyAnalyzer, AutoconfAnalyzer, CarthageAnalyzer, CentralAnalyzer, CMakeAnalyzer, CocoaPodsAnalyzer, ComposerLockAnalyzer, CPEAnalyzer, CpeSuppressionAnalyzer, DartAnalyzer, DependencyBundlingAnalyzer, DependencyMergingAnalyzer, ElixirMixAuditAnalyzer, FalsePositiveAnalyzer, FileNameAnalyzer, GolangDepAnalyzer, GolangModAnalyzer, HintAnalyzer, JarAnalyzer, KnownExploitedVulnerabilityAnalyzer, LibmanAnalyzer, MSBuildProjectAnalyzer, NexusAnalyzer, NodeAuditAnalyzer, NodePackageAnalyzer, NpmCPEAnalyzer, NugetconfAnalyzer, NuspecAnalyzer, NvdCveAnalyzer, OpenSSLAnalyzer, OssIndexAnalyzer, PEAnalyzer, PerlCpanfileAnalyzer, PinnedMavenInstallAnalyzer, PipAnalyzer, PipfileAnalyzer, PipfilelockAnalyzer, PnpmAuditAnalyzer, PoetryAnalyzer, PythonDistributionAnalyzer, PythonPackageAnalyzer, RetireJsAnalyzer, RubyBundleAuditAnalyzer, RubyBundlerAnalyzer, RubyGemspecAnalyzer, SwiftPackageManagerAnalyzer, SwiftPackageResolvedAnalyzer, UnusedSuppressionRuleAnalyzer, VersionFilterAnalyzer, VulnerabilitySuppressionAnalyzer, YarnAuditAnalyzer
public interface Analyzer
An interface that defines an Analyzer that is used to identify Dependencies. An analyzer will collect information about the dependency in the form of Evidence.
When the Engine executes it will load the
analyzers and call the methods in the following order:
- Author:
- Jeremy Long
-
Method Summary
Modifier and TypeMethodDescriptionvoidanalyze(Dependency dependency, Engine engine) Analyzes the given dependency.voidclose()The close method is called after all of the dependencies have been analyzed.Returns the phase that the analyzer is intended to run in.getName()Returns the name of the analyzer.voidinitialize(Settings settings) Initializes the analyzer with the configured settings.booleanGet the value of enabled.voidThe prepare method is called (once) prior to the analyze method being called on all of the dependencies.booleanReturns whether multiple instances of the same type of analyzer can run in parallel.
-
Method Details
-
analyze
Analyzes the given dependency. The analysis could be anything from identifying an Identifier for the dependency, to finding vulnerabilities, etc. Additionally, if the analyzer collects enough information to add a description or license information for the dependency it should be added.- Parameters:
dependency- a dependency to analyze.engine- the engine that is scanning the dependencies - this is useful if we need to check other dependencies- Throws:
AnalysisException- is thrown if there is an error analyzing the dependency file
-
getName
-
getAnalysisPhase
AnalysisPhase getAnalysisPhase()Returns the phase that the analyzer is intended to run in.- Returns:
- the phase that the analyzer is intended to run in.
-
initialize
Initializes the analyzer with the configured settings.- Parameters:
settings- the configured settings
-
prepare
The prepare method is called (once) prior to the analyze method being called on all of the dependencies.- Parameters:
engine- a reference to the dependency-check engine- Throws:
InitializationException- is thrown if an exception occurs initializing the analyzer.
-
close
-
supportsParallelProcessing
boolean supportsParallelProcessing()Returns whether multiple instances of the same type of analyzer can run in parallel. Note that running analyzers of different types in parallel is not supported at all.- Returns:
trueif the analyzer supports parallel processing,falseelse
-
isEnabled
boolean isEnabled()Get the value of enabled.- Returns:
- the value of enabled
-