feat: Support report prefix filename (#2634)
Antoine Lange committed Dec 18, 2024
1 parent 2328da1 commit d0b778d
Showing 3 changed files with 54 additions and 24 deletions.
25 changes: 24 additions & 1 deletion ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
@@ -223,6 +223,11 @@ public class Check extends Update {
* report.
*/
private String reportOutputDirectory = ".";
/**
* Specifies a prefix of the filename for the generated Dependency-Check
* report.
*/
private String reportPrefixName = "dependency-check";
/**
* If using the JUNIT report format the junitFailOnCVSS sets the CVSS score
* threshold that is considered a failure. The default is 0.
@@ -610,6 +615,24 @@ public void setReportOutputDirectory(String reportOutputDirectory) {
this.reportOutputDirectory = reportOutputDirectory;
}

/**
* Get the value of reportPrefixName.
*
* @return the value of reportPrefixName
*/
public String getReportPrefixName() {
return reportPrefixName;
}

/**
* Set the value of reportPrefixName.
*
* @param reportPrefixName new value of reportPrefixName
*/
public void setReportPrefixName(String reportPrefixName) {
this.reportPrefixName = reportPrefixName;
}

/**
* Get the value of failBuildOnCVSS.
*
@@ -2118,7 +2141,7 @@ protected void executeWithContextClassloader() throws BuildException {
final ExceptionCollection exceptions = callExecuteAnalysis(engine);
if (exceptions == null || !exceptions.isFatal()) {
for (String format : getReportFormats()) {
engine.writeReports(getProjectName(), new File(reportOutputDirectory), format, exceptions);
engine.writeReports(getProjectName(), new File(reportOutputDirectory), reportPrefixName, format, exceptions);
}
if (this.failBuildOnCVSS <= 10) {
checkForFailure(engine.getDependencies());
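Review bot: `setReportPrefixName` stores the Ant attribute unchecked and the last hunk passes it straight to `engine.writeReports`, so a null, blank or separator-containing value reaches the file name that `ReportGenerator.getReportFile` builds by plain concatenation. A null yields `null-report.xml`, and a value with a path component can place the report outside `reportOutputDirectory`. I would reject such values in the setter with `if (reportPrefixName == null || reportPrefixName.trim().isEmpty() || !reportPrefixName.equals(new File(reportPrefixName).getName())) { throw new BuildException("reportPrefixName must be a plain file-name prefix"); }`, or do the same check centrally in `getReportFile` so that non-Ant callers are covered too. The field Javadoc should also state the default and that the value is a file-name prefix, not a path; `executeWithContextClassloader` continues outside the hunk.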
19 changes: 11 additions & 8 deletions core/src/main/java/org/owasp/dependencycheck/Engine.java
@@ -1190,11 +1190,11 @@ private void throwFatalExceptionCollection(String message, @NotNull final Throwa
* @param format the report format (see {@link ReportGenerator.Format})
* @throws ReportException thrown if there is an error generating the report
* @deprecated use
* {@link #writeReports(java.lang.String, java.io.File, java.lang.String, org.owasp.dependencycheck.exception.ExceptionCollection)}
* {@link #writeReports(java.lang.String, java.io.File, java.lang.String, java.lang.String, org.owasp.dependencycheck.exception.ExceptionCollection)}
*/
@Deprecated
public void writeReports(String applicationName, File outputDir, String format) throws ReportException {
writeReports(applicationName, null, null, null, outputDir, format, null);
writeReports(applicationName, null, null, null, outputDir, "dependency-check", format, null);
}

//CSOFF: LineLength
@@ -1204,13 +1204,14 @@ public void writeReports(String applicationName, File outputDir, String format)
* @param applicationName the name of the application/project
* @param outputDir the path to the output directory (can include the full
* file name if the format is not ALL)
* @param reportPrefixName the prefix of the report filename
* @param format the report format (see {@link ReportGenerator.Format})
* @param exceptions a collection of exceptions that may have occurred
* during the analysis
* @throws ReportException thrown if there is an error generating the report
*/
public void writeReports(String applicationName, File outputDir, String format, ExceptionCollection exceptions) throws ReportException {
writeReports(applicationName, null, null, null, outputDir, format, exceptions);
public void writeReports(String applicationName, File outputDir, String reportPrefixName, String format, ExceptionCollection exceptions) throws ReportException {
writeReports(applicationName, null, null, null, outputDir, reportPrefixName, format, exceptions);
}
//CSON: LineLength

@@ -1226,13 +1227,13 @@ public void writeReports(String applicationName, File outputDir, String format,
* @param format the report format (see {@link ReportGenerator.Format})
* @throws ReportException thrown if there is an error generating the report
* @deprecated use
* {@link #writeReports(String, String, String, String, File, String, ExceptionCollection)}
* {@link #writeReports(String, String, String, String, File, String, String, ExceptionCollection)}
*/
@Deprecated
public synchronized void writeReports(String applicationName, @Nullable final String groupId,
@Nullable final String artifactId, @Nullable final String version,
@NotNull final File outputDir, String format) throws ReportException {
writeReports(applicationName, groupId, artifactId, version, outputDir, format, null);
writeReports(applicationName, groupId, artifactId, version, outputDir, "dependency-check", format, null);
}

//CSOFF: LineLength
@@ -1245,14 +1246,16 @@ public synchronized void writeReports(String applicationName, @Nullable final St
* @param version the Maven version
* @param outputDir the path to the output directory (can include the full
* file name if the format is not ALL)
* @param reportPrefixName the prefix of the report filename
* @param format the report format (see {@link ReportGenerator.Format})
* @param exceptions a collection of exceptions that may have occurred
* during the analysis
* @throws ReportException thrown if there is an error generating the report
*/
public synchronized void writeReports(String applicationName, @Nullable final String groupId,
@Nullable final String artifactId, @Nullable final String version,
@NotNull final File outputDir, String format, ExceptionCollection exceptions) throws ReportException {
@NotNull final File outputDir, @NotNull String reportPrefixName,
String format, ExceptionCollection exceptions) throws ReportException {
if (mode == Mode.EVIDENCE_COLLECTION) {
throw new UnsupportedOperationException("Cannot generate report in evidence collection mode.");
}
@@ -1261,7 +1264,7 @@ public synchronized void writeReports(String applicationName, @Nullable final St
final ReportGenerator r = new ReportGenerator(applicationName, groupId, artifactId, version,
dependencies, getAnalyzers(), prop, settings, exceptions);
try {
r.write(outputDir.getAbsolutePath(), format);
r.write(outputDir.getAbsolutePath(), reportPrefixName, format);
} catch (ReportException ex) {
final String msg = String.format("Error generating the report for %s", applicationName);
LOGGER.debug(msg, ex);
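Review bot: The public `writeReports(String, File, String, ExceptionCollection)` and the seven-argument `writeReports` are replaced in place rather than kept, so any caller outside the three files this commit touches stops compiling; only the two already-deprecated overloads survive. I would keep both old signatures as deprecated delegates that pass the default prefix, as sketched below, and move the `"dependency-check"` literal, now repeated in this file and in `Check.java`, into one shared constant. The `write` and `getReportFile` signatures in the report generator section are replaced the same way. The new `@NotNull` on `reportPrefixName` appears only on the eight-argument overload and nothing visible enforces it at run time, so a null still produces a `null-report.*` file name; the body of that method continues outside the hunk.

```java
/** @deprecated use the overload that takes a reportPrefixName. */
@Deprecated
public void writeReports(String applicationName, File outputDir, String format,
        ExceptionCollection exceptions) throws ReportException {
    writeReports(applicationName, outputDir, "dependency-check", format, exceptions);
}

/** @deprecated use the overload that takes a reportPrefixName. */
@Deprecated
public synchronized void writeReports(String applicationName, @Nullable final String groupId,
        @Nullable final String artifactId, @Nullable final String version,
        @NotNull final File outputDir, String format, ExceptionCollection exceptions) throws ReportException {
    writeReports(applicationName, groupId, artifactId, version, outputDir, "dependency-check", format, exceptions);
}
// … unchanged: the new overloads that take reportPrefixName …
```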
@@ -22,6 +22,7 @@
import com.fasterxml.jackson.core.JsonParser;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.text.WordUtils;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
@@ -308,13 +309,14 @@ private VelocityEngine createVelocityEngine() {
* Writes the dependency-check report to the given output location.
*
* @param outputLocation the path where the reports should be written
* @param reportPrefixName the prefix of the report filename
* @param format the format the report should be written in (a valid member
* of {@link Format}) or even the path to a custom velocity template
* (either fully qualified or the template name on the class path).
* @throws ReportException is thrown if there is an error creating out the
* reports
*/
public void write(String outputLocation, String format) throws ReportException {
public void write(String outputLocation, String reportPrefixName, String format) throws ReportException {
Format reportFormat = null;
try {
reportFormat = Format.valueOf(format.toUpperCase());
@@ -323,9 +325,9 @@ public void write(String outputLocation, String format) throws ReportException {
}

if (reportFormat != null) {
write(outputLocation, reportFormat);
write(outputLocation, reportPrefixName, reportFormat);
} else {
File out = getReportFile(outputLocation, null);
File out = getReportFile(outputLocation, reportPrefixName, null);
if (out.isDirectory()) {
out = new File(out, FilenameUtils.getBaseName(format));
LOGGER.warn("Writing non-standard VSL output to a directory using template name as file name.");
@@ -340,20 +342,21 @@ public void write(String outputLocation, String format) throws ReportException {
* Writes the dependency-check report(s).
*
* @param outputLocation the path where the reports should be written
* @param reportPrefixName the prefix of the report filename
* @param format the format the report should be written in (see
* {@link Format})
* @throws ReportException is thrown if there is an error creating out the
* reports
*/
public void write(String outputLocation, Format format) throws ReportException {
public void write(String outputLocation, String reportPrefixName, Format format) throws ReportException {
if (format == Format.ALL) {
for (Format f : Format.values()) {
if (f != Format.ALL) {
write(outputLocation, f);
write(outputLocation, reportPrefixName, f);
}
}
} else {
final File out = getReportFile(outputLocation, format);
final File out = getReportFile(outputLocation, reportPrefixName, format);
final String templateName = format.toString().toLowerCase() + "Report";
LOGGER.info("Writing {} report to: {}", format, out.getAbsolutePath());
processTemplate(templateName, out);
@@ -375,38 +378,39 @@ public void write(String outputLocation, Format format) throws ReportException {
* will generate the correct name for the given output format.
*
* @param outputLocation the specified output location
* @param reportPrefixName the prefix of the report filename
* @param format the report format
* @return the report File
*/
public static File getReportFile(String outputLocation, Format format) {
public static File getReportFile(String outputLocation, String reportPrefixName, Format format) {
File outFile = new File(outputLocation);
if (outFile.getParentFile() == null) {
outFile = new File(".", outputLocation);
}
final String pathToCheck = outputLocation.toLowerCase();
if (format == Format.XML && !pathToCheck.endsWith(".xml")) {
return new File(outFile, "dependency-check-report.xml");
return new File(outFile, reportPrefixName + "-report.xml");
}
if (format == Format.HTML && !pathToCheck.endsWith(".html") && !pathToCheck.endsWith(".htm")) {
return new File(outFile, "dependency-check-report.html");
return new File(outFile, reportPrefixName + "-report.html");
}
if (format == Format.JENKINS && !pathToCheck.endsWith(".html") && !pathToCheck.endsWith(".htm")) {
return new File(outFile, "dependency-check-jenkins.html");
return new File(outFile, reportPrefixName + "-jenkins.html");
}
if (format == Format.JSON && !pathToCheck.endsWith(".json")) {
return new File(outFile, "dependency-check-report.json");
return new File(outFile, reportPrefixName + "-report.json");
}
if (format == Format.CSV && !pathToCheck.endsWith(".csv")) {
return new File(outFile, "dependency-check-report.csv");
return new File(outFile, reportPrefixName + "-report.csv");
}
if (format == Format.JUNIT && !pathToCheck.endsWith(".xml")) {
return new File(outFile, "dependency-check-junit.xml");
return new File(outFile, reportPrefixName + "-report.xml");
}
if (format == Format.SARIF && !pathToCheck.endsWith(".sarif")) {
return new File(outFile, "dependency-check-report.sarif");
return new File(outFile, reportPrefixName + "-report.sarif");
}
if (format == Format.GITLAB && !pathToCheck.endsWith(".json")) {
return new File(outFile, "dependency-check-gitlab.json");
return new File(outFile, reportPrefixName + "-gitlab.json");
}
return outFile;
}
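Review bot: In `getReportFile` the JUNIT branch now returns `reportPrefixName + "-report.xml"`, the same name the XML branch produces, where it used to be `dependency-check-junit.xml`. When format ALL is used, or XML and JUNIT are both written to one directory, the two reports resolve to the same path and one silently overwrites the other, so tooling that ingests the XML vulnerability report may read JUnit output or nothing useful. The default JUnit file name also changes for existing consumers. The line should read `return new File(outFile, reportPrefixName + "-junit.xml");`. Separately, the added `StringUtils` import is not used in any hunk shown here; if no use exists outside the hunks, it should be removed.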
