@Override public boolean meetsCondition(HttpResponse _response) { if(_response==null || !_response.hasBody()) return false; boolean meets = false; Library backend_lib = (Library) JacksonUtil.asObject(_response.getBody(), Library.class); //int existing_constructs = backend_lib.countConstructTypes().countTotal(); constructs_count = (this.lib.getConstructs()==null ? 0 : this.lib.getConstructs().size()); ContentCondition c = new ContentCondition("\\\"countTotal\\\"\\s*:\\s*([\\d]*)", ContentCondition.Mode.LT_DOUBLE, Integer.toString(constructs_count)); if(c.meetsCondition(_response)) meets = true; else if(backend_lib.getLibraryId()==null && this.lib.getLibraryId()!=null){ meets = true; } return meets; }
/** * Filter the given packages according to whether the artifact name is (or is not, depending on the boolean flag) contained in the given filter. * @param _packages * @param _filter * @param _include * @return */ public static Set<PipInstalledPackage> filterUsingArtifact(Set<PipInstalledPackage> _packages, StringList _filter, boolean _include) { final Set<PipInstalledPackage> r = new HashSet<PipInstalledPackage>(); for(PipInstalledPackage p: _packages) { try { if(_include) { if(_filter.contains(p.getLibrary().getLibraryId().getArtifact())) r.add(p); } else { if(!_filter.contains(p.getLibrary().getLibraryId().getArtifact())) r.add(p); } } catch (FileAnalysisException e) { log.error("Error getting library ID of package [" + p + "]: " + e.getMessage(), e); } } return r; }
dep_for_path.put(a.getFile().toPath(), dep); getLog().info("Dependency [" + StringUtil.padLeft(++count, 4) + "]: Dependency [libid=" + dep.getLib().getLibraryId() + ", path " + a.getFile().getPath() + ", direct=" + direct_artifacts.contains(a) + ", scope=" + dep.getScope() + "] created for Maven artifact [g=" + a.getGroupId() + ", a=" + a.getArtifactId() + ", base version=" + a.getBaseVersion() + ", version=" + a.getVersion() + ", classifier=" + a.getClassifier() + "]"); getLog().info(" " + this.trailToString(a.getDependencyTrail(), " => "));
ja.setLibraryId(this.getMavenDependency(p).getLib().getLibraryId());
.getVulnDeps(Boolean.valueOf(true)); for (VulnerableDependency vd : unconfirmedBugs) { if (vd.getDep().getLib().getLibraryId() != null) { if (!contained.contains(vd.getBug().getBugId())) { bugsToAnalyze.add(new Bug(vd.getBug().getBugId(), null));
for ( Library l : newApiLibraries ){ if ( l.getLibraryId() != null && !libraryIdsToCheck.contains(l.getLibraryId()) ){ libraryIdsToCheck.add(l.getLibraryId()); String key = l.getLibraryId().getMvnGroup()+":"+l.getLibraryId().getArtifact(); if ( !groupsArtifactsToCheck.containsKey(key) ){ groupsArtifactsToCheck.put(key, l.getLibraryId());
if( (a.getLibraryId()!=null && l.getLibraryId()==null && a.getLibraryId().getMvnGroup().equals("org.apache.tomcat") && a.getLibraryId().getVersion().equals(version)) || (a.getLibraryId()!=null && l.getLibraryId()!=null && a.getLibraryId().getMvnGroup().equals("org.apache.tomcat") && a.getLibraryId().getArtifact().startsWith("tomcat-") && l.getLibraryId().getMvnGroup().equals("p2.eclipse-plugin") && l.getLibraryId().getArtifact().substring(0,l.getLibraryId().getArtifact().lastIndexOf(".")).equals("org.apache") && l.getLibraryId().getArtifact().substring(l.getLibraryId().getArtifact().lastIndexOf(".")+1, l.getLibraryId().getArtifact().length()).equals(a.getLibraryId().getArtifact().substring(a.getLibraryId().getArtifact().lastIndexOf("-")+1,a.getLibraryId().getArtifact().length())) && a.getLibraryId().getVersion().equals(version)) ){
if(v.getDep().getLib().getLibraryId()!=null && this.isAmongAggregatedModules(v.getDep().getLib().getLibraryId())) log.warn("Skipping [" + v.getBug().getBugId() + "] for dependency of " + prj + " on " + v.getDep().getLib().getLibraryId() + ", the latter is one of the aggregated modules"); else added_av.addAnalysis(v);
if(a.getLibraryId()!=null && dep.getLib()!=null && dep.getLib().getLibraryId()!=null) { if(a.getLibraryId().equals(dep.getLib().getLibraryId())) {