Class OssIndexAnalyzer

java.lang.Object

org.owasp.dependencycheck.analyzer.AbstractAnalyzer

org.owasp.dependencycheck.analyzer.OssIndexAnalyzer

All Implemented Interfaces:

Analyzer

public class OssIndexAnalyzer
extends AbstractAnalyzer

Enrich dependency information from Sonatype OSS index.

Since:

5.0.0

Author:

Jason Dillon

Field Summary

Fields

Modifier and Type	Field	Description
static final String	REFERENCE_TYPE	The reference type.

Constructor Summary

Constructors

Constructor	Description
OssIndexAnalyzer()

Method Summary

Modifier and Type	Method	Description
protected void	analyzeDependency(Dependency dependency, Engine engine)	Analyzes a given dependency.
protected void	closeAnalyzer()	Closes a given Analyzer.
AnalysisPhase	getAnalysisPhase()	Returns the phase that the analyzer is intended to run in.
protected String	getAnalyzerEnabledSettingKey()	Returns the setting key to determine if the analyzer is enabled.
String	getName()	Returns the name of the analyzer.
protected void	prepareAnalyzer(Engine engine)	Prepares a given Analyzer.
boolean	supportsParallelProcessing()	Run without parallel support.

Methods inherited from class AbstractAnalyzer

analyze, close, getSettings, initialize, isEnabled, prepare, setEnabled

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

REFERENCE_TYPE

public static final String REFERENCE_TYPE

The reference type.

See Also:

• Constant Field Values

Constructor Details

OssIndexAnalyzer

public OssIndexAnalyzer()

Method Details

getName

public String getName()

Description copied from interface: Analyzer

Returns the name of the analyzer.

Returns:

the name of the analyzer.

getAnalysisPhase

public AnalysisPhase getAnalysisPhase()

Description copied from interface: Analyzer

Returns the phase that the analyzer is intended to run in.

Returns:

the phase that the analyzer is intended to run in.

getAnalyzerEnabledSettingKey

protected String getAnalyzerEnabledSettingKey()

Description copied from class: AbstractAnalyzer

Returns the setting key to determine if the analyzer is enabled.

Specified by:

getAnalyzerEnabledSettingKey in class AbstractAnalyzer

Returns:

the key for the analyzer's enabled property

supportsParallelProcessing

public boolean supportsParallelProcessing()

Run without parallel support.

Specified by:

supportsParallelProcessing in interface Analyzer

Overrides:

supportsParallelProcessing in class AbstractAnalyzer

Returns:

false

closeAnalyzer

protected void closeAnalyzer()
                      throws Exception

Description copied from class: AbstractAnalyzer

Closes a given Analyzer. This will be skipped if the analyzer is disabled.

Overrides:

closeAnalyzer in class AbstractAnalyzer

Throws:

Exception - thrown if there is an exception

prepareAnalyzer

protected void prepareAnalyzer(Engine engine)
                        throws InitializationException

Description copied from class: AbstractAnalyzer

Prepares a given Analyzer. This will be skipped if the analyzer is disabled.

Overrides:

prepareAnalyzer in class AbstractAnalyzer

Parameters:

engine - a reference to the dependency-check engine

Throws:

InitializationException - thrown if there is an exception

analyzeDependency

protected void analyzeDependency(Dependency dependency,
 Engine engine)
                          throws AnalysisException

Description copied from class: AbstractAnalyzer

Analyzes a given dependency. If the dependency is an archive, such as a WAR or EAR, the contents are extracted, scanned, and added to the list of dependencies within the engine.

Specified by:

analyzeDependency in class AbstractAnalyzer

Parameters:

dependency - the dependency to analyze

engine - the engine scanning

Throws:

AnalysisException - thrown if there is an analysis exception