Added missing settings in list task. Closes #24

albuch · Aug 3, 2017 · 8a8af67 · 8a8af67
1 parent 72a5a9f
commit 8a8af67
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -71,6 +71,7 @@ dependencyCheckAutoconfAnalyzerEnabled | Sets whether or not the experimental au
 dependencyCheckComposerAnalyzerEnabled | Sets whether or not the experimental PHP Composer Lock File Analyzer should be used. | true
 dependencyCheckNodeAnalyzerEnabled | Sets whether or not the experimental Node.js Analyzer should be used. | true
 dependencyCheckNSPAnalyzerEnabled | Sets whether or not the Node Security Platform (NSP) Analyzer should be used. | true
+dependencyCheckNSPAnalyzerUrl | Sets the URL to the Node Security Platform (NSP) API. If not set uses default URL. | 
 dependencyCheckNuspecAnalyzerEnabled | Sets whether or not the .NET Nuget Nuspec Analyzer will be used. | true
 dependencyCheckCocoapodsEnabled | Sets whether or not the experimental Cocoapods Analyzer should be used. | true
 dependencyCheckSwiftEnabled | Sets whether or not the experimental Swift Package Manager Analyzer should be used. | true

diff --git a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckKeys.scala b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckKeys.scala
@@ -37,10 +37,11 @@ trait DependencyCheckKeys {
 	lazy val dependencyCheckComposerAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental PHP Composer Lock File Analyzer should be used. ")
 	lazy val dependencyCheckNodeAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Node.js Analyzer should be used. ")
 	lazy val dependencyCheckNSPAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the Node Security Platform (NSP) Analyzer should be used. ")
+	lazy val dependencyCheckNSPAnalyzerUrl = settingKey[Option[URL]]("Sets the URL to the Node Security Platform (NSP) API. If not set uses default URL.")
 	lazy val dependencyCheckNuspecAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the .NET Nuget Nuspec Analyzer will be used. ")
 	lazy val dependencyCheckCocoapodsEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Cocoapods Analyzer should be used. ")
 	lazy val dependencyCheckSwiftEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Swift Package Manager Analyzer should be used. ")
-	lazy val dependencyCheckBundleAuditEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Ruby Bundle Audit Analyzer should be used. ")
+	lazy val dependencyCheckBundleAuditEnabled = settingKey[Option[Boolean]]("Sets whether or not the Ruby Bundle Audit Analyzer should be used. ")
 	lazy val dependencyCheckPathToBundleAudit = settingKey[Option[File]]("The path to bundle audit. ")
 	lazy val dependencyCheckAssemblyAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the .NET Assembly Analyzer should be used. ")
 	lazy val dependencyCheckPathToMono = settingKey[Option[File]]("The path to Mono for .NET assembly analysis on non-windows systems. ")

diff --git a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckListSettingsTask.scala b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckListSettingsTask.scala
@@ -7,8 +7,9 @@ import org.owasp.dependencycheck.utils.Settings.KEYS._
 import sbt.Logger
 
 object DependencyCheckListSettingsTask {
-  def logSettings(settings: Settings, failBuildOnCVSS: Float, format: String, outputDirectory: String, skip: Boolean,
-                  skipRuntime: Boolean, skipTest: Boolean, skipProvided: Boolean, skipOptional: Boolean, log: Logger): Unit = {
+  def logSettings(settings: Settings, failBuildOnCVSS: Float, format: String, outputDirectory: String, scanSet: Seq[sbt.File],
+                  skip: Boolean, skipRuntime: Boolean, skipTest: Boolean, skipProvided: Boolean, skipOptional: Boolean,
+                  useSbtModuleIdAsGav: Boolean, log: Logger): Unit = {
     // working around threadlocal issue with DependencyCheck's Settings and sbt task dependency system.
     Settings.setInstance(settings)
 
@@ -17,12 +18,13 @@ object DependencyCheckListSettingsTask {
     log.info(s"\tdependencyCheckFailBuildOnCVSS: ${failBuildOnCVSS.toString}")
     log.info(s"\tdependencyCheckFormat: $format")
     log.info(s"\tdependencyCheckOutputDirectory: $outputDirectory")
+    log.info(s"\tdependencyCheckScanSet: ${scanSet.map(f => f.getAbsolutePath).mkString(", ")}")
     log.info(s"\tdependencyCheckSkip: ${skip.toString}")
     log.info(s"\tdependencyCheckSkipTestScope: ${skipTest.toString}")
     log.info(s"\tdependencyCheckSkipRuntimeScope: ${skipRuntime.toString}")
     log.info(s"\tdependencyCheckSkipProvidedScope: ${skipProvided.toString}")
     log.info(s"\tdependencyCheckSkipOptionalScope: ${skipOptional.toString}")
-    logFileSetting(SUPPRESSION_FILE, "dependencyCheckSuppressionFile", log)
+    logFileSetting(SUPPRESSION_FILE, "dependencyCheckSuppressionFile/s", log)
     logFileSetting(HINTS_FILE, "dependencyCheckHintsFile", log)
     logBooleanSetting(ANALYZER_EXPERIMENTAL_ENABLED, "dependencyCheckEnableExperimental", log)
 
@@ -42,6 +44,8 @@ object DependencyCheckListSettingsTask {
     logBooleanSetting(ANALYZER_AUTOCONF_ENABLED, "dependencyCheckAutoconfAnalyzerEnabled", log)
     logBooleanSetting(ANALYZER_COMPOSER_LOCK_ENABLED, "dependencyCheckComposerAnalyzerEnabled", log)
     logBooleanSetting(ANALYZER_NODE_PACKAGE_ENABLED, "dependencyCheckNodeAnalyzerEnabled", log)
+    logBooleanSetting(ANALYZER_NSP_PACKAGE_ENABLED, "dependencyCheckNSPAnalyzerEnabled", log)
+    logUrlSetting(ANALYZER_NSP_URL, "dependencyCheckNSPAnalyzerUrl", log)
     logBooleanSetting(ANALYZER_NUSPEC_ENABLED, "dependencyCheckNuspecAnalyzerEnabled", log)
     logBooleanSetting(ANALYZER_COCOAPODS_ENABLED, "dependencyCheckCocoapodsEnabled", log)
     logBooleanSetting(ANALYZER_SWIFT_PACKAGE_MANAGER_ENABLED, "dependencyCheckSwiftEnabled", log)
@@ -61,6 +65,8 @@ object DependencyCheckListSettingsTask {
     logStringSetting(DB_CONNECTION_STRING, "dependencyCheckConnectionString", log)
     logStringSetting(DB_USER, "dependencyCheckDatabaseUser", log)
     logStringSetting(DB_PASSWORD, "dependencyCheckDatabasePassword", log)
+    log.info(s"\tdependencyCheckUseSbtModuleIdAsGav: ${useSbtModuleIdAsGav.toString}")
+
   }
 
   def logBooleanSetting(key: String, setting: String, log: Logger): Unit = {

diff --git a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckPlugin.scala b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckPlugin.scala
@@ -55,6 +55,7 @@ object DependencyCheckPlugin extends sbt.AutoPlugin {
     dependencyCheckComposerAnalyzerEnabled := None,
     dependencyCheckNodeAnalyzerEnabled := None,
     dependencyCheckNSPAnalyzerEnabled := None,
+    dependencyCheckNSPAnalyzerUrl := None,
     dependencyCheckNuspecAnalyzerEnabled := None,
     dependencyCheckCocoapodsEnabled := None,
     dependencyCheckSwiftEnabled := None,
@@ -121,6 +122,7 @@ object DependencyCheckPlugin extends sbt.AutoPlugin {
     setBooleanSetting(ANALYZER_COMPOSER_LOCK_ENABLED, dependencyCheckComposerAnalyzerEnabled.value)
     setBooleanSetting(ANALYZER_NODE_PACKAGE_ENABLED, dependencyCheckNodeAnalyzerEnabled.value)
     setBooleanSetting(ANALYZER_NSP_PACKAGE_ENABLED, dependencyCheckNSPAnalyzerEnabled.value)
+    setUrlSetting(ANALYZER_NSP_URL, dependencyCheckNSPAnalyzerUrl.value)
     setBooleanSetting(ANALYZER_NUSPEC_ENABLED, dependencyCheckNuspecAnalyzerEnabled.value)
     setBooleanSetting(ANALYZER_ASSEMBLY_ENABLED, dependencyCheckAssemblyAnalyzerEnabled.value)
     setFileSetting(ANALYZER_ASSEMBLY_MONO_PATH, dependencyCheckPathToMono.value)
@@ -366,8 +368,9 @@ object DependencyCheckPlugin extends sbt.AutoPlugin {
     val settings: Settings = initializeSettings.value
 
     DependencyCheckListSettingsTask.logSettings(settings, dependencyCheckFailBuildOnCVSS.value, dependencyCheckFormat.value,
-      dependencyCheckOutputDirectory.value.getOrElse(new File(".")).getPath, dependencyCheckSkip.value, dependencyCheckSkipRuntimeScope.value,
-      dependencyCheckSkipTestScope.value, dependencyCheckSkipProvidedScope.value, dependencyCheckSkipOptionalScope.value, log)
+      dependencyCheckOutputDirectory.value.getOrElse(new File(".")).getPath, dependencyCheckScanSet.value, dependencyCheckSkip.value,
+      dependencyCheckSkipRuntimeScope.value, dependencyCheckSkipTestScope.value, dependencyCheckSkipProvidedScope.value,
+      dependencyCheckSkipOptionalScope.value, dependencyCheckUseSbtModuleIdAsGav.value.getOrElse(false), log)
   }
 
   def addDependencies(checkClasspath: Set[Attributed[File]], engine: Engine, useSbtModuleIdAsGav: Boolean, log: Logger): Unit = {

diff --git a/src/sbt-test/sbt-dependency-check/listSettings/build.sbt b/src/sbt-test/sbt-dependency-check/listSettings/build.sbt
@@ -0,0 +1,5 @@
+version := "0.1"
+lazy val root = project in file(".")
+scalaVersion := "2.10.6"
+
+dependencyCheckSuppressionFiles := Seq(baseDirectory.value / "src/main/resources", baseDirectory.value / "src/app/")
diff --git a/src/sbt-test/sbt-dependency-check/listSettings/project/plugins.sbt b/src/sbt-test/sbt-dependency-check/listSettings/project/plugins.sbt
@@ -0,0 +1,5 @@
+sys.props.get("plugin.version") match {
+  case Some(x) => addSbtPlugin("net.vonbuchholtz" % "sbt-dependency-check" % x)
+  case _ => sys.error("""|The system property 'plugin.version' is not defined.
+                        |Specify this property using the scriptedLaunchOpts -D.""".stripMargin)
+}
diff --git a/src/sbt-test/sbt-dependency-check/listSettings/test b/src/sbt-test/sbt-dependency-check/listSettings/test
@@ -0,0 +1 @@
+> dependencyCheckListSettings