class Pipeline::OWASPDependencyCheck

Public Class Methods

new(trigger,tracker) click to toggle source
Calls superclass method Pipeline::BaseTask::new
# File lib/pipeline/tasks/owasp-dep-check.rb, line 76
def initialize(trigger,tracker)
  super(trigger,tracker)
  @name = "OWASP Dependency Check"
  @description = "Dependency analysis for Java and .NET"
  @stage = :code
  @labels << "code" << "java" << ".net"
end

Public Instance Methods

analyze() click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 90
def analyze
  path = @trigger.path + "/dependency-check-report.xml"
  begin
    Pipeline.debug "Parsing report #{path}"
    get_warnings(path)
  rescue Exception => e
    Pipeline.notify "Problem running OWASP Dep Check ... skipped."
    Pipeline.notify e.message
    raise e
  end
end
get_warnings(path) click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 112
def get_warnings(path)
  listener = Pipeline::DepCheckListener.new(self)
  parser = Parsers::StreamParser.new(File.new(path), listener)
  parser.parse
end
run() click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 84
def run
  Pipeline.notify "#{@name}"
  rootpath = @trigger.path
  @result= runsystem(true, "/home/pipe/line/tools/dependency-check/bin/dependency-check.sh", "-a", "pipeline", "-f", "XML", "-out", "#{rootpath}", "-s", "#{rootpath}")
end
supported?() click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 102
def supported?
  supported=runsystem(true, "/home/pipe/line/tools//dependency-check/bin/dependency-check.sh", "-v")
  if supported =~ /command not found/
    Pipeline.notify "Install dependency-check."
    return false
  else
    return true
  end
end