diff --git a/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java b/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
index 06dc486bbc..0f1f718609 100644
--- a/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
+++ b/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
@@ -223,6 +223,11 @@ public class Check extends Update {
 * report.
 */
 private String reportOutputDirectory = ".";
+ /**
+ * Specifies a prefix of the filename for the generated Dependency-Check
+ * report.
+ */
+ private String reportPrefixName = "dependency-check";
 /**
 * If using the JUNIT report format the junitFailOnCVSS sets the CVSS score
 * threshold that is considered a failure. The default is 0.
@@ -610,6 +615,24 @@ public void setReportOutputDirectory(String reportOutputDirectory) {
 this.reportOutputDirectory = reportOutputDirectory;
 }
+ /**
+ * Get the value of reportPrefixName.
+ *
+ * @return the value of reportPrefixName
+ */
+ public String getReportPrefixName() {
+ return reportPrefixName;
+ }
+
+ /**
+ * Set the value of reportPrefixName.
+ *
+ * @param reportPrefixName new value of reportPrefixName
+ */
+ public void setReportPrefixName(String reportPrefixName) {
+ this.reportPrefixName = reportPrefixName;
+ }
+
 /**
 * Get the value of failBuildOnCVSS.
 *
@@ -2118,7 +2141,7 @@ protected void executeWithContextClassloader() throws BuildException {
 final ExceptionCollection exceptions = callExecuteAnalysis(engine);
 if (exceptions == null || !exceptions.isFatal()) {
 for (String format : getReportFormats()) {
- engine.writeReports(getProjectName(), new File(reportOutputDirectory), format, exceptions);
+ engine.writeReports(getProjectName(), new File(reportOutputDirectory), reportPrefixName, format, exceptions);
 }
 if (this.failBuildOnCVSS <= 10) {
 checkForFailure(engine.getDependencies());
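Review bot: `setReportPrefixName` in the second hunk stores whatever it is given, and that string later becomes part of a file name in `ReportGenerator.getReportFile` (`new File(outFile, reportPrefixName + "-report.xml")`). A null prefix would yield `null-report.xml`, and a prefix containing a path separator would place the report outside `reportOutputDirectory`, which matters when the attribute is filled from a build property that someone other than the build author controls. Rejecting such values in the setter gives the Ant user an early failure: `if (reportPrefixName == null || reportPrefixName.isEmpty() || reportPrefixName.contains("/") || reportPrefixName.contains("\\")) { throw new BuildException("reportPrefixName must be a plain file-name prefix"); }`. The `@NotNull` on the `Engine.writeReports` parameter (hunk `-1252`) is only an annotation, so the same check is worth repeating in `getReportFile`, which every caller reaches.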
diff --git a/core/src/main/java/org/owasp/dependencycheck/Engine.java b/core/src/main/java/org/owasp/dependencycheck/Engine.java
index eb612b2a6f..2375d6cc13 100644
--- a/core/src/main/java/org/owasp/dependencycheck/Engine.java
+++ b/core/src/main/java/org/owasp/dependencycheck/Engine.java
@@ -1190,11 +1190,11 @@ private void throwFatalExceptionCollection(String message, @NotNull final Throwa
 * @param format the report format (see {@link ReportGenerator.Format})
 * @throws ReportException thrown if there is an error generating the report
 * @deprecated use
- * {@link #writeReports(java.lang.String, java.io.File, java.lang.String, org.owasp.dependencycheck.exception.ExceptionCollection)}
+ * {@link #writeReports(java.lang.String, java.io.File, java.lang.String, java.lang.String, org.owasp.dependencycheck.exception.ExceptionCollection)}
 */
 @Deprecated
 public void writeReports(String applicationName, File outputDir, String format) throws ReportException {
- writeReports(applicationName, null, null, null, outputDir, format, null);
+ writeReports(applicationName, null, null, null, outputDir, "dependency-check", format, null);
 }
 //CSOFF: LineLength
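Review bot: The default prefix is spelled out as the literal `"dependency-check"` in this deprecated overload, again in the six-argument deprecated overload (hunk `-1226`), and a third time as the field default in `Check.java`, so the three copies can drift apart. Declaring it once, for example `public static final String DEFAULT_REPORT_PREFIX = "dependency-check";` next to `ReportGenerator.getReportFile`, and referring to that constant from all three places keeps the default file names stable for tools that look for `dependency-check-report.*`.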
@@ -1204,13 +1204,14 @@ public void writeReports(String applicationName, File outputDir, String format)
 * @param applicationName the name of the application/project
 * @param outputDir the path to the output directory (can include the full
 * file name if the format is not ALL)
+ * @param reportPrefixName the prefix of the report filename
 * @param format the report format (see {@link ReportGenerator.Format})
 * @param exceptions a collection of exceptions that may have occurred
 * during the analysis
 * @throws ReportException thrown if there is an error generating the report
 */
- public void writeReports(String applicationName, File outputDir, String format, ExceptionCollection exceptions) throws ReportException {
- writeReports(applicationName, null, null, null, outputDir, format, exceptions);
+ public void writeReports(String applicationName, File outputDir, String reportPrefixName, String format, ExceptionCollection exceptions) throws ReportException {
+ writeReports(applicationName, null, null, null, outputDir, reportPrefixName, format, exceptions);
 }
 //CSON: LineLength
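Review bot: The public, non-deprecated `writeReports(String, File, String, ExceptionCollection)` no longer exists after this change, because the new parameter was added to it in place instead of through an additional overload. Code built against the existing signature stops compiling or fails at link time against a newer core jar. The seven-argument overload in hunk `-1252` and the public `ReportGenerator.write` and `getReportFile` methods are changed the same way. Keeping the old signature as a thin delegate avoids that: `public void writeReports(String applicationName, File outputDir, String format, ExceptionCollection exceptions) throws ReportException { writeReports(applicationName, outputDir, "dependency-check", format, exceptions); }`. Other in-repo callers may be updated elsewhere in the commit; they are not visible here.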
@@ -1226,13 +1227,13 @@ public void writeReports(String applicationName, File outputDir, String format,
 * @param format the report format (see {@link ReportGenerator.Format})
 * @throws ReportException thrown if there is an error generating the report
 * @deprecated use
- * {@link #writeReports(String, String, String, String, File, String, ExceptionCollection)}
+ * {@link #writeReports(String, String, String, String, File, String, String, ExceptionCollection)}
 */
 @Deprecated
 public synchronized void writeReports(String applicationName, @Nullable final String groupId, @Nullable final String artifactId, @Nullable final String version, @NotNull final File outputDir, String format) throws ReportException {
- writeReports(applicationName, groupId, artifactId, version, outputDir, format, null);
+ writeReports(applicationName, groupId, artifactId, version, outputDir, "dependency-check", format, null);
 }
 //CSOFF: LineLength
@@ -1245,6 +1246,7 @@ public synchronized void writeReports(String applicationName, @Nullable final St
 * @param version the Maven version
 * @param outputDir the path to the output directory (can include the full
 * file name if the format is not ALL)
+ * @param reportPrefixName the prefix of the report filename
 * @param format the report format (see {@link ReportGenerator.Format})
 * @param exceptions a collection of exceptions that may have occurred
 * during the analysis
@@ -1252,7 +1254,8 @@ public synchronized void writeReports(String applicationName, @Nullable final St
 */
 public synchronized void writeReports(String applicationName, @Nullable final String groupId, @Nullable final String artifactId, @Nullable final String version,
- @NotNull final File outputDir, String format, ExceptionCollection exceptions) throws ReportException {
+ @NotNull final File outputDir, @NotNull String reportPrefixName,
+ String format, ExceptionCollection exceptions) throws ReportException {
 if (mode == Mode.EVIDENCE_COLLECTION) {
 throw new UnsupportedOperationException("Cannot generate report in evidence collection mode.");
 }
@@ -1261,7 +1264,7 @@ public synchronized void writeReports(String applicationName, @Nullable final St
 final ReportGenerator r = new ReportGenerator(applicationName, groupId, artifactId, version, dependencies, getAnalyzers(), prop, settings, exceptions);
 try {
- r.write(outputDir.getAbsolutePath(), format);
+ r.write(outputDir.getAbsolutePath(), reportPrefixName, format);
 } catch (ReportException ex) {
 final String msg = String.format("Error generating the report for %s", applicationName);
 LOGGER.debug(msg, ex);
diff --git a/core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java b/core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
index 640fbfbdf4..2fc9496d74 100644
--- a/core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
+++ b/core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java
@@ -22,6 +22,7 @@ import com.fasterxml.jackson.core.JsonParser;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import org.apache.commons.io.FilenameUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.text.WordUtils;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
@@ -308,13 +309,14 @@ private VelocityEngine createVelocityEngine() {
 * Writes the dependency-check report to the given output location.
 *
 * @param outputLocation the path where the reports should be written
+ * @param reportPrefixName the prefix of the report filename
 * @param format the format the report should be written in (a valid member
 * of {@link Format}) or even the path to a custom velocity template
 * (either fully qualified or the template name on the class path).
 * @throws ReportException is thrown if there is an error creating out the
 * reports
 */
- public void write(String outputLocation, String format) throws ReportException {
+ public void write(String outputLocation, String reportPrefixName, String format) throws ReportException {
 Format reportFormat = null;
 try {
 reportFormat = Format.valueOf(format.toUpperCase());
@@ -323,9 +325,9 @@ public void write(String outputLocation, String format) throws ReportException {
 }
 if (reportFormat != null) {
- write(outputLocation, reportFormat);
+ write(outputLocation, reportPrefixName, reportFormat);
 } else {
- File out = getReportFile(outputLocation, null);
+ File out = getReportFile(outputLocation, reportPrefixName, null);
 if (out.isDirectory()) {
 out = new File(out, FilenameUtils.getBaseName(format));
 LOGGER.warn("Writing non-standard VSL output to a directory using template name as file name.");
@@ -340,20 +342,21 @@ public void write(String outputLocation, String format) throws ReportException {
 * Writes the dependency-check report(s).
 *
 * @param outputLocation the path where the reports should be written
+ * @param reportPrefixName the prefix of the report filename
 * @param format the format the report should be written in (see
 * {@link Format})
 * @throws ReportException is thrown if there is an error creating out the
 * reports
 */
- public void write(String outputLocation, Format format) throws ReportException {
+ public void write(String outputLocation, String reportPrefixName, Format format) throws ReportException {
 if (format == Format.ALL) {
 for (Format f : Format.values()) {
 if (f != Format.ALL) {
- write(outputLocation, f);
+ write(outputLocation, reportPrefixName, f);
 }
 }
 } else {
- final File out = getReportFile(outputLocation, format);
+ final File out = getReportFile(outputLocation, reportPrefixName, format);
 final String templateName = format.toString().toLowerCase() + "Report";
 LOGGER.info("Writing {} report to: {}", format, out.getAbsolutePath());
 processTemplate(templateName, out);
@@ -375,38 +378,39 @@ public void write(String outputLocation, Format format) throws ReportException {
 * will generate the correct name for the given output format.
 *
 * @param outputLocation the specified output location
+ * @param reportPrefixName the prefix of the report filename
 * @param format the report format
 * @return the report File
 */
- public static File getReportFile(String outputLocation, Format format) {
+ public static File getReportFile(String outputLocation, String reportPrefixName, Format format) {
 File outFile = new File(outputLocation);
 if (outFile.getParentFile() == null) {
 outFile = new File(".", outputLocation);
 }
 final String pathToCheck = outputLocation.toLowerCase();
 if (format == Format.XML && !pathToCheck.endsWith(".xml")) {
- return new File(outFile, "dependency-check-report.xml");
+ return new File(outFile, reportPrefixName + "-report.xml");
 }
 if (format == Format.HTML && !pathToCheck.endsWith(".html") && !pathToCheck.endsWith(".htm")) {
- return new File(outFile, "dependency-check-report.html");
+ return new File(outFile, reportPrefixName + "-report.html");
 }
 if (format == Format.JENKINS && !pathToCheck.endsWith(".html") && !pathToCheck.endsWith(".htm")) {
- return new File(outFile, "dependency-check-jenkins.html");
+ return new File(outFile, reportPrefixName + "-jenkins.html");
 }
 if (format == Format.JSON && !pathToCheck.endsWith(".json")) {
- return new File(outFile, "dependency-check-report.json");
+ return new File(outFile, reportPrefixName + "-report.json");
 }
 if (format == Format.CSV && !pathToCheck.endsWith(".csv")) {
- return new File(outFile, "dependency-check-report.csv");
+ return new File(outFile, reportPrefixName + "-report.csv");
 }
 if (format == Format.JUNIT && !pathToCheck.endsWith(".xml")) {
- return new File(outFile, "dependency-check-junit.xml");
+ return new File(outFile, reportPrefixName + "-report.xml");
 }
 if (format == Format.SARIF && !pathToCheck.endsWith(".sarif")) {
- return new File(outFile, "dependency-check-report.sarif");
+ return new File(outFile, reportPrefixName + "-report.sarif");
 }
 if (format == Format.GITLAB && !pathToCheck.endsWith(".json")) {
- return new File(outFile, "dependency-check-gitlab.json");
+ return new File(outFile, reportPrefixName + "-gitlab.json");
 }
 return outFile;
 }
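Review bot: The JUNIT branch of `getReportFile` now returns `reportPrefixName + "-report.xml"`, the same name the XML branch produces, whereas the removed line used `dependency-check-junit.xml`. With format ALL (the loop in `write(String, String, Format)`), or with XML and JUNIT both requested into one directory, whichever report is written later would overwrite the other. A build step that parses the XML findings report could then be reading JUnit output instead. The line should keep its own suffix: `return new File(outFile, reportPrefixName + "-junit.xml");`. A small test that calls `getReportFile` for every `Format` with a directory argument and asserts the returned names are distinct would catch this kind of regression.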