Class PipfilelockAnalyzer

java.lang.Object

org.owasp.dependencycheck.analyzer.AbstractAnalyzer

org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer

org.owasp.dependencycheck.analyzer.PipfilelockAnalyzer

All Implemented Interfaces:

FileFilter, Analyzer, FileTypeAnalyzer

@ThreadSafe
public class PipfilelockAnalyzer
extends AbstractFileTypeAnalyzer

Used to analyze dependencies defined in Pipfile.lock. This analyzer works in tandem with the `PipfileAnalyzer` - and both analyzers use the same key to enable/disable the analyzers. The PipfileAnalyzer will be skipped if the lock file exists, as the lock will provide more accurate version numbers.

Author:

jeremy.long

Constructor Summary

Constructors

Constructor	Description
PipfilelockAnalyzer()

Method Summary

Modifier and Type	Method	Description
protected void	analyzeDependency(Dependency dependency, Engine engine)	Analyzes a given dependency.
AnalysisPhase	getAnalysisPhase()	Returns the phase that the analyzer is intended to run in.
protected String	getAnalyzerEnabledSettingKey()	Returns the key used in the properties file to reference the analyzer's enabled property.
protected FileFilter	getFileFilter()	Returns the FileFilter
String	getName()	Returns the identifiedPackage of the analyzer.
protected void	prepareFileTypeAnalyzer(Engine engine)	Initializes the file type analyzer.

Methods inherited from class AbstractFileTypeAnalyzer

accept, getFilesMatched, newHashSet, prepareAnalyzer, setFilesMatched

Methods inherited from class AbstractAnalyzer

analyze, close, closeAnalyzer, getSettings, initialize, isEnabled, prepare, setEnabled, supportsParallelProcessing

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface Analyzer

analyze, close, initialize, isEnabled, prepare, supportsParallelProcessing

Constructor Details

PipfilelockAnalyzer

public PipfilelockAnalyzer()

Method Details

getFileFilter

protected FileFilter getFileFilter()

Returns the FileFilter

Specified by:

getFileFilter in class AbstractFileTypeAnalyzer

Returns:

the FileFilter

getName

public String getName()

Returns the identifiedPackage of the analyzer.

Returns:

the identifiedPackage of the analyzer.

getAnalysisPhase

public AnalysisPhase getAnalysisPhase()

Returns the phase that the analyzer is intended to run in.

Returns:

the phase that the analyzer is intended to run in.

getAnalyzerEnabledSettingKey

protected String getAnalyzerEnabledSettingKey()

Returns the key used in the properties file to reference the analyzer's enabled property.

Specified by:

getAnalyzerEnabledSettingKey in class AbstractAnalyzer

Returns:

the analyzer's enabled property setting key

analyzeDependency

protected void analyzeDependency(Dependency dependency,
 Engine engine)
                          throws AnalysisException

Description copied from class: AbstractAnalyzer

Analyzes a given dependency. If the dependency is an archive, such as a WAR or EAR, the contents are extracted, scanned, and added to the list of dependencies within the engine.

Specified by:

analyzeDependency in class AbstractAnalyzer

Parameters:

dependency - the dependency to analyze

engine - the engine scanning

Throws:

AnalysisException - thrown if there is an analysis exception

prepareFileTypeAnalyzer

protected void prepareFileTypeAnalyzer(Engine engine)
                                throws InitializationException

Initializes the file type analyzer.

Specified by:

prepareFileTypeAnalyzer in class AbstractFileTypeAnalyzer

Parameters:

engine - a reference to the dependency-check engine

Throws:

InitializationException - thrown if there is an exception during initialization