Class PythonDistributionAnalyzer

java.lang.Object
org.owasp.dependencycheck.analyzer.AbstractAnalyzer
org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
org.owasp.dependencycheck.analyzer.PythonDistributionAnalyzer
All Implemented Interfaces:
FileFilter, Analyzer, FileTypeAnalyzer
@ThreadSafe public class PythonDistributionAnalyzer extends AbstractFileTypeAnalyzer
Used to analyze a Wheel or egg distribution files, or their contents in unzipped form, and collect information that can be used to determine the associated CPE.
Author:
Dale Visser

  • Field Details

    • DEPENDENCY_ECOSYSTEM

      public static final String DEPENDENCY_ECOSYSTEM
      A descriptor for the type of dependencies processed or added by this analyzer.
      See Also:

  • Constructor Details

    • PythonDistributionAnalyzer

      public PythonDistributionAnalyzer()

  • Method Details

    • getFileFilter

      protected FileFilter getFileFilter()
      Returns the FileFilter
      Specified by:
      getFileFilter in class AbstractFileTypeAnalyzer
      Returns:
      the FileFilter

    • getName

      public String getName()
      Returns the name of the analyzer.
      Returns:
      the name of the analyzer.

    • getAnalysisPhase

      public AnalysisPhase getAnalysisPhase()
      Returns the phase that the analyzer is intended to run in.
      Returns:
      the phase that the analyzer is intended to run in.

    • getAnalyzerEnabledSettingKey

      protected String getAnalyzerEnabledSettingKey()
      Returns the key used in the properties file to reference the analyzer's enabled property.
      Specified by:
      getAnalyzerEnabledSettingKey in class AbstractAnalyzer
      Returns:
      the analyzer's enabled property setting key

    • analyzeDependency

      protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException
      Description copied from class: AbstractAnalyzer
      Analyzes a given dependency. If the dependency is an archive, such as a WAR or EAR, the contents are extracted, scanned, and added to the list of dependencies within the engine.
      Specified by:
      analyzeDependency in class AbstractAnalyzer
      Parameters:
      dependency - the dependency to analyze
      engine - the engine scanning
      Throws:
      AnalysisException - thrown if there is an analysis exception

    • prepareFileTypeAnalyzer

      protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException
      Makes sure a usable temporary directory is available.
      Specified by:
      prepareFileTypeAnalyzer in class AbstractFileTypeAnalyzer
      Parameters:
      engine - a reference to the dependency-check engine
      Throws:
      InitializationException - an AnalyzeException is thrown when the temp directory cannot be created

    • closeAnalyzer

      public void closeAnalyzer()
      Deletes any files extracted from the Wheel during analysis.
      Overrides:
      closeAnalyzer in class AbstractAnalyzer