| Package | Description |
|---|---|
| org.owasp.dependencycheck.analyzer |
Analyzers are used to inspect the identified dependencies, collect Evidence, and process the dependencies.
|
| Modifier and Type | Method and Description |
|---|---|
protected List<JarAnalyzer.ClassNameInformation> |
JarAnalyzer.collectClassNames(Dependency dependency)
Cycles through an enumeration of JarEntries, contained within the
dependency, and returns a list of the class names.
|
| Modifier and Type | Method and Description |
|---|---|
protected static void |
JarAnalyzer.addMatchingValues(List<JarAnalyzer.ClassNameInformation> classes,
String value,
Dependency dep,
EvidenceType type)
Cycles through the collection of class name information to see if parts
of the package names are contained in the provided value.
|
protected void |
JarAnalyzer.analyzePackageNames(List<JarAnalyzer.ClassNameInformation> classNames,
Dependency dependency,
boolean addPackagesAsEvidence)
Analyzes the path information of the classes contained within the
JarAnalyzer to try and determine possible vendor or product names.
|
protected boolean |
JarAnalyzer.analyzePOM(Dependency dependency,
List<JarAnalyzer.ClassNameInformation> classes,
Engine engine)
Attempts to find a pom.xml within the JAR file.
|
protected boolean |
JarAnalyzer.parseManifest(Dependency dependency,
List<JarAnalyzer.ClassNameInformation> classInformation)
Reads the manifest from the JAR file and collects the entries.
|
static boolean |
JarAnalyzer.setPomEvidence(Dependency dependency,
Model pom,
List<JarAnalyzer.ClassNameInformation> classes,
boolean isMainPom)
Sets evidence from the pom on the supplied dependency.
|
Copyright © 2012–2020 OWASP. All rights reserved.