org.owasp.dependencycheck.xml.suppression

Class SuppressionRule

java.lang.Object

org.owasp.dependencycheck.xml.suppression.SuppressionRule

@NotThreadSafe
public class SuppressionRule
extends Object

Author:

Jeremy Long

Constructor Summary

Constructors

Constructor and Description
SuppressionRule()

Method Summary

Modifier and Type	Method and Description
void	addCpe(PropertyType cpe) Adds the CPE to the CPE list.
void	addCve(String cve) Adds the CVE to the CVE list.
void	addCvssBelow(Float cvss) Adds the CVSS to the cvssBelow list.
void	addCwe(String cwe) Adds the CWE to the CWE list.
void	addNotes(String notes) Adds the notes to the cve list.
void	addVulnerabilityName(PropertyType name) Adds the CPE to the CPE list.
protected boolean	cpeHasNoVersion(PropertyType c) Identifies if the cpe specified by the cpe suppression rule does not specify a version.
List<PropertyType>	getCpe() Get the value of CPE.
List<String>	getCve() Get the value of CVE.
List<Float>	getCvssBelow() Get the value of cvssBelow.
List<String>	getCwe() Get the value of CWE.
PropertyType	getFilePath() Get the value of filePath.
PropertyType	getGav() Get the value of Maven GAV.
String	getNotes() Get the value of notes.
String	getSha1() Get the value of sha1.
Calendar	getUntil() Get the (@code{nullable}) value of until.
boolean	hasCpe() Returns whether or not this suppression rule as CPE entries.
boolean	hasCve() Returns whether this suppression rule has CVE entries.
boolean	hasCvssBelow() Returns whether or not this suppression rule has CVSS suppressions.
boolean	hasCwe() Returns whether this suppression rule has CWE entries.
boolean	hasGav() Returns whether or not this suppression rule as GAV entries.
boolean	hasNotes() Returns whether this suppression rule has notes entries.
boolean	hasPackageUrl() Returns whether or not this suppression rule as packageUrl entries.
boolean	hasVulnerabilityName() Returns whether this suppression rule has vulnerabilityName entries.
protected boolean	identifierMatches(PropertyType suppressionEntry, Identifier identifier) Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
boolean	isBase() Get the value of base.
void	process(Dependency dependency) Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed.
protected boolean	purlMatches(PropertyType suppressionEntry, Identifier identifier) Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
void	setBase(boolean base) Set the value of base.
void	setCpe(List<PropertyType> cpe) Set the value of CPE.
void	setCve(List<String> cve) Set the value of CVE.
void	setCvssBelow(List<Float> cvssBelow) Set the value of cvssBelow.
void	setCwe(List<String> cwe) Set the value of CWE.
void	setFilePath(PropertyType filePath) Set the value of filePath.
void	setGav(PropertyType gav) Set the value of Maven GAV.
void	setNotes(String notes) Set the value of notes.
void	setPackageUrl(PropertyType purl) Set the value of Package URL.
void	setSha1(String sha1) Set the value of SHA1.
void	setUntil(Calendar until) Set the value of until.
String	toString() Standard toString implementation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

SuppressionRule

public SuppressionRule()

Method Detail

getUntil

public Calendar getUntil()

Get the (@code{nullable}) value of until.

Returns:

the value of until

setUntil

public void setUntil(Calendar until)

Set the value of until.

Parameters:

until - new value of until

getFilePath

public PropertyType getFilePath()

Get the value of filePath.

Returns:

the value of filePath

setFilePath

public void setFilePath(PropertyType filePath)

Set the value of filePath.

Parameters:

filePath - new value of filePath

getSha1

public String getSha1()

Get the value of sha1.

Returns:

the value of sha1

setSha1

public void setSha1(String sha1)

Set the value of SHA1.

Parameters:

sha1 - new value of SHA1

getCpe

public List<PropertyType> getCpe()

Get the value of CPE.

Returns:

the value of CPE

setCpe

public void setCpe(List<PropertyType> cpe)

Set the value of CPE.

Parameters:

cpe - new value of CPE

addCpe

public void addCpe(PropertyType cpe)

Adds the CPE to the CPE list.

Parameters:

cpe - the CPE to add

addVulnerabilityName

public void addVulnerabilityName(PropertyType name)

Adds the CPE to the CPE list.

Parameters:

name - the vulnerability name to add

hasCpe

public boolean hasCpe()

Returns whether or not this suppression rule as CPE entries.

Returns:

whether or not this suppression rule as CPE entries

getCvssBelow

public List<Float> getCvssBelow()

Get the value of cvssBelow.

Returns:

the value of cvssBelow

setCvssBelow

public void setCvssBelow(List<Float> cvssBelow)

Set the value of cvssBelow.

Parameters:

cvssBelow - new value of cvssBelow

addCvssBelow

public void addCvssBelow(Float cvss)

Adds the CVSS to the cvssBelow list.

Parameters:

cvss - the CVSS to add

hasCvssBelow

public boolean hasCvssBelow()

Returns whether or not this suppression rule has CVSS suppressions.

Returns:

whether or not this suppression rule has CVSS suppressions

getNotes

public String getNotes()

Get the value of notes.

Returns:

the value of notes

setNotes

public void setNotes(String notes)

Set the value of notes.

Parameters:

notes - new value of cve

addNotes

public void addNotes(String notes)

Adds the notes to the cve list.

Parameters:

notes - the cve to add

hasNotes

public boolean hasNotes()

Returns whether this suppression rule has notes entries.

Returns:

whether this suppression rule has notes entries

getCwe

public List<String> getCwe()

Get the value of CWE.

Returns:

the value of CWE

setCwe

public void setCwe(List<String> cwe)

Set the value of CWE.

Parameters:

cwe - new value of CWE

addCwe

public void addCwe(String cwe)

Adds the CWE to the CWE list.

Parameters:

cwe - the CWE to add

hasCwe

public boolean hasCwe()

Returns whether this suppression rule has CWE entries.

Returns:

whether this suppression rule has CWE entries

getCve

public List<String> getCve()

Get the value of CVE.

Returns:

the value of CVE

setCve

public void setCve(List<String> cve)

Set the value of CVE.

Parameters:

cve - new value of CVE

addCve

public void addCve(String cve)

Adds the CVE to the CVE list.

Parameters:

cve - the CVE to add

hasCve

public boolean hasCve()

Returns whether this suppression rule has CVE entries.

Returns:

whether this suppression rule has CVE entries

hasVulnerabilityName

public boolean hasVulnerabilityName()

Returns whether this suppression rule has vulnerabilityName entries.

Returns:

whether this suppression rule has vulnerabilityName entries

getGav

public PropertyType getGav()

Get the value of Maven GAV.

Returns:

the value of GAV

setGav

public void setGav(PropertyType gav)

Set the value of Maven GAV.

Parameters:

gav - new value of Maven GAV

hasGav

public boolean hasGav()

Returns whether or not this suppression rule as GAV entries.

Returns:

whether or not this suppression rule as GAV entries

setPackageUrl

public void setPackageUrl(PropertyType purl)

Set the value of Package URL.

Parameters:

purl - new value of package URL

hasPackageUrl

public boolean hasPackageUrl()

Returns whether or not this suppression rule as packageUrl entries.

Returns:

whether or not this suppression rule as packageUrl entries

isBase

public boolean isBase()

Get the value of base.

Returns:

the value of base

setBase

public void setBase(boolean base)

Set the value of base.

Parameters:

base - new value of base

process

public void process(Dependency dependency)

Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any should be, they are removed from the dependency.

Parameters:

dependency - a project dependency to analyze

cpeHasNoVersion

protected boolean cpeHasNoVersion(PropertyType c)

Identifies if the cpe specified by the cpe suppression rule does not specify a version.

Parameters:

c - a suppression rule identifier

Returns:

true if the property type does not specify a version; otherwise false

purlMatches

protected boolean purlMatches(PropertyType suppressionEntry,
                              Identifier identifier)

Determines if the cpeEntry specified as a PropertyType matches the given Identifier.

Parameters:

suppressionEntry - a suppression rule entry

identifier - a CPE identifier to check

Returns:

true if the entry matches; otherwise false

identifierMatches

protected boolean identifierMatches(PropertyType suppressionEntry,
                                    Identifier identifier)

Determines if the cpeEntry specified as a PropertyType matches the given Identifier.

Parameters:

suppressionEntry - a suppression rule entry

identifier - a CPE identifier to check

Returns:

true if the entry matches; otherwise false

toString

public String toString()

Standard toString implementation.

Overrides:

toString in class Object

Returns:

a string representation of this object