From 8a8af67ca816328344aedbcf1163bb616fc14f2d Mon Sep 17 00:00:00 2001 From: albuch Date: Thu, 3 Aug 2017 21:45:25 +0200 Subject: [PATCH] Added missing settings in list task. Closes #24 --- README.md | 1 + .../sbt/dependencycheck/DependencyCheckKeys.scala | 3 ++- .../DependencyCheckListSettingsTask.scala | 12 +++++++++--- .../sbt/dependencycheck/DependencyCheckPlugin.scala | 7 +++++-- .../sbt-dependency-check/listSettings/build.sbt | 5 +++++ .../listSettings/project/plugins.sbt | 5 +++++ src/sbt-test/sbt-dependency-check/listSettings/test | 1 + 7 files changed, 28 insertions(+), 6 deletions(-) create mode 100644 src/sbt-test/sbt-dependency-check/listSettings/build.sbt create mode 100644 src/sbt-test/sbt-dependency-check/listSettings/project/plugins.sbt create mode 100644 src/sbt-test/sbt-dependency-check/listSettings/test
diff --git a/README.md b/README.md
index 2719b76..55884b3 100644
--- a/README.md
+++ b/README.md
@@ -71,6 +71,7 @@ dependencyCheckAutoconfAnalyzerEnabled | Sets whether or not the experimental au
 dependencyCheckComposerAnalyzerEnabled | Sets whether or not the experimental PHP Composer Lock File Analyzer should be used. | true
 dependencyCheckNodeAnalyzerEnabled | Sets whether or not the experimental Node.js Analyzer should be used. | true
 dependencyCheckNSPAnalyzerEnabled | Sets whether or not the Node Security Platform (NSP) Analyzer should be used. | true
+dependencyCheckNSPAnalyzerUrl | Sets the URL to the Node Security Platform (NSP) API. If not set uses default URL. |
 dependencyCheckNuspecAnalyzerEnabled | Sets whether or not the .NET Nuget Nuspec Analyzer will be used. | true
 dependencyCheckCocoapodsEnabled | Sets whether or not the experimental Cocoapods Analyzer should be used. | true
 dependencyCheckSwiftEnabled | Sets whether or not the experimental Swift Package Manager Analyzer should be used. | true
diff --git a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckKeys.scala b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckKeys.scala
index 68ce344..f461163 100644
--- a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckKeys.scala
+++ b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckKeys.scala
@@ -37,10 +37,11 @@ trait DependencyCheckKeys {
 lazy val dependencyCheckComposerAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental PHP Composer Lock File Analyzer should be used. ")
 lazy val dependencyCheckNodeAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Node.js Analyzer should be used. ")
 lazy val dependencyCheckNSPAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the Node Security Platform (NSP) Analyzer should be used. ")
+ lazy val dependencyCheckNSPAnalyzerUrl = settingKey[Option[URL]]("Sets the URL to the Node Security Platform (NSP) API. If not set uses default URL.")
 lazy val dependencyCheckNuspecAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the .NET Nuget Nuspec Analyzer will be used. ")
 lazy val dependencyCheckCocoapodsEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Cocoapods Analyzer should be used. ")
 lazy val dependencyCheckSwiftEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Swift Package Manager Analyzer should be used. ")
- lazy val dependencyCheckBundleAuditEnabled = settingKey[Option[Boolean]]("Sets whether or not the experimental Ruby Bundle Audit Analyzer should be used. ")
+ lazy val dependencyCheckBundleAuditEnabled = settingKey[Option[Boolean]]("Sets whether or not the Ruby Bundle Audit Analyzer should be used. ")
 lazy val dependencyCheckPathToBundleAudit = settingKey[Option[File]]("The path to bundle audit. ")
 lazy val dependencyCheckAssemblyAnalyzerEnabled = settingKey[Option[Boolean]]("Sets whether or not the .NET Assembly Analyzer should be used. ")
 lazy val dependencyCheckPathToMono = settingKey[Option[File]]("The path to Mono for .NET assembly analysis on non-windows systems. ")
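Review bot: The new `dependencyCheckNSPAnalyzerUrl` key takes any `URL`, and neither its description here nor the `setUrlSetting(ANALYZER_NSP_URL, …)` call added in DependencyCheckPlugin.scala says or checks which scheme is acceptable. The NSP analyzer presumably submits the project's package manifest to this endpoint and trusts the advisories it returns, so a plain `http://` value would expose dependency data in transit and make the returned findings untrustworthy. I would extend the description to `"Sets the URL to the Node Security Platform (NSP) API (use https). If not set uses default URL."` and have the plugin warn when the URL's `getProtocol` is not `https`. The trait body continues outside this hunk.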
diff --git a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckListSettingsTask.scala b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckListSettingsTask.scala index b27feba..123cdbc 100644 --- a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckListSettingsTask.scala +++ b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckListSettingsTask.scala @@ -7,8 +7,9 @@ import org.owasp.dependencycheck.utils.Settings.KEYS._ import sbt.Logger object DependencyCheckListSettingsTask { - def logSettings(settings: Settings, failBuildOnCVSS: Float, format: String, outputDirectory: String, skip: Boolean, - skipRuntime: Boolean, skipTest: Boolean, skipProvided: Boolean, skipOptional: Boolean, log: Logger): Unit = { + def logSettings(settings: Settings, failBuildOnCVSS: Float, format: String, outputDirectory: String, scanSet: Seq[sbt.File], + skip: Boolean, skipRuntime: Boolean, skipTest: Boolean, skipProvided: Boolean, skipOptional: Boolean, + useSbtModuleIdAsGav: Boolean, log: Logger): Unit = { // working around threadlocal issue with DependencyCheck's Settings and sbt task dependency system. Settings.setInstance(settings) 
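Review bot: `logSettings` now takes twelve positional parameters, six of them `Boolean`s in a row (`skip`, `skipRuntime`, `skipTest`, `skipProvided`, `skipOptional`, `useSbtModuleIdAsGav`), so a swapped argument at the call site still compiles and prints the wrong value for a setting that people read to audit their scan configuration. The call in DependencyCheckPlugin.scala (last hunk of that file) passes all of them by position; named arguments there, e.g. `skipRuntime = dependencyCheckSkipRuntimeScope.value, skipTest = dependencyCheckSkipTestScope.value`, would tie each value to its parameter. The function body continues outside this hunk.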
@@ -17,12 +18,13 @@ object DependencyCheckListSettingsTask { log.info(s"\tdependencyCheckFailBuildOnCVSS: ${failBuildOnCVSS.toString}") log.info(s"\tdependencyCheckFormat: $format") log.info(s"\tdependencyCheckOutputDirectory: $outputDirectory") + log.info(s"\tdependencyCheckScanSet: ${scanSet.map(f => f.getAbsolutePath).mkString(", ")}") log.info(s"\tdependencyCheckSkip: ${skip.toString}") log.info(s"\tdependencyCheckSkipTestScope: ${skipTest.toString}") log.info(s"\tdependencyCheckSkipRuntimeScope: ${skipRuntime.toString}") log.info(s"\tdependencyCheckSkipProvidedScope: ${skipProvided.toString}") log.info(s"\tdependencyCheckSkipOptionalScope: ${skipOptional.toString}") - logFileSetting(SUPPRESSION_FILE, "dependencyCheckSuppressionFile", log) + logFileSetting(SUPPRESSION_FILE, "dependencyCheckSuppressionFile/s", log) logFileSetting(HINTS_FILE, "dependencyCheckHintsFile", log) logBooleanSetting(ANALYZER_EXPERIMENTAL_ENABLED, "dependencyCheckEnableExperimental", log) @@ -42,6 +44,8 @@ object DependencyCheckListSettingsTask { logBooleanSetting(ANALYZER_AUTOCONF_ENABLED, "dependencyCheckAutoconfAnalyzerEnabled", log) logBooleanSetting(ANALYZER_COMPOSER_LOCK_ENABLED, "dependencyCheckComposerAnalyzerEnabled", log) logBooleanSetting(ANALYZER_NODE_PACKAGE_ENABLED, "dependencyCheckNodeAnalyzerEnabled", log) + logBooleanSetting(ANALYZER_NSP_PACKAGE_ENABLED, "dependencyCheckNSPAnalyzerEnabled", log) + logUrlSetting(ANALYZER_NSP_URL, "dependencyCheckNSPAnalyzerUrl", log) logBooleanSetting(ANALYZER_NUSPEC_ENABLED, "dependencyCheckNuspecAnalyzerEnabled", log) logBooleanSetting(ANALYZER_COCOAPODS_ENABLED, "dependencyCheckCocoapodsEnabled", log) logBooleanSetting(ANALYZER_SWIFT_PACKAGE_MANAGER_ENABLED, "dependencyCheckSwiftEnabled", log) 
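Review bot: The label `"dependencyCheckSuppressionFile/s"` in the first hunk is not the name of any setting, so a reader cannot copy it from the listing into a build; the test build added in this commit sets `dependencyCheckSuppressionFiles`. Every other line in this hunk prints an exact key name, so I would print the key that is actually configured, or log the singular and plural keys on separate lines. The enclosing `logSettings` body starts and ends outside the hunk.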
@@ -61,6 +65,8 @@ object DependencyCheckListSettingsTask { logStringSetting(DB_CONNECTION_STRING, "dependencyCheckConnectionString", log) logStringSetting(DB_USER, "dependencyCheckDatabaseUser", log) logStringSetting(DB_PASSWORD, "dependencyCheckDatabasePassword", log) + log.info(s"\tdependencyCheckUseSbtModuleIdAsGav: ${useSbtModuleIdAsGav.toString}") + } def logBooleanSetting(key: String, setting: String, log: Logger): Unit = { diff --git a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckPlugin.scala b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckPlugin.scala index 9851866..2add013 100644 --- a/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckPlugin.scala +++ b/src/main/scala/net/vonbuchholtz/sbt/dependencycheck/DependencyCheckPlugin.scala @@ -55,6 +55,7 @@ object DependencyCheckPlugin extends sbt.AutoPlugin { dependencyCheckComposerAnalyzerEnabled := None, dependencyCheckNodeAnalyzerEnabled := None, dependencyCheckNSPAnalyzerEnabled := None, + dependencyCheckNSPAnalyzerUrl := None, dependencyCheckNuspecAnalyzerEnabled := None, dependencyCheckCocoapodsEnabled := None, dependencyCheckSwiftEnabled := None, @@ -121,6 +122,7 @@ object DependencyCheckPlugin extends sbt.AutoPlugin { setBooleanSetting(ANALYZER_COMPOSER_LOCK_ENABLED, dependencyCheckComposerAnalyzerEnabled.value) setBooleanSetting(ANALYZER_NODE_PACKAGE_ENABLED, dependencyCheckNodeAnalyzerEnabled.value) setBooleanSetting(ANALYZER_NSP_PACKAGE_ENABLED, dependencyCheckNSPAnalyzerEnabled.value) + setUrlSetting(ANALYZER_NSP_URL, dependencyCheckNSPAnalyzerUrl.value) setBooleanSetting(ANALYZER_NUSPEC_ENABLED, dependencyCheckNuspecAnalyzerEnabled.value) setBooleanSetting(ANALYZER_ASSEMBLY_ENABLED, dependencyCheckAssemblyAnalyzerEnabled.value) setFileSetting(ANALYZER_ASSEMBLY_MONO_PATH, dependencyCheckPathToMono.value) 
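Review bot: The context line `logStringSetting(DB_PASSWORD, "dependencyCheckDatabasePassword", log)` directly above the added `useSbtModuleIdAsGav` line sends the database password to the build log, and this commit extends the listing without masking it. `logStringSetting` is defined outside the hunk, so I am assuming it prints the value as-is; if so, CI logs and shared build output will carry the credential. I would log only whether it is set, e.g. `log.info(s"\tdependencyCheckDatabasePassword: ${Option(Settings.getString(DB_PASSWORD)).fold("")(_ => "******")}")`. The same treatment is worth considering for the value printed by the `logUrlSetting(ANALYZER_NSP_URL, …)` call added earlier in this file, in case a configured URL carries userinfo.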
@@ -366,8 +368,9 @@ object DependencyCheckPlugin extends sbt.AutoPlugin { val settings: Settings = initializeSettings.value DependencyCheckListSettingsTask.logSettings(settings, dependencyCheckFailBuildOnCVSS.value, dependencyCheckFormat.value, - dependencyCheckOutputDirectory.value.getOrElse(new File(".")).getPath, dependencyCheckSkip.value, dependencyCheckSkipRuntimeScope.value, - dependencyCheckSkipTestScope.value, dependencyCheckSkipProvidedScope.value, dependencyCheckSkipOptionalScope.value, log) + dependencyCheckOutputDirectory.value.getOrElse(new File(".")).getPath, dependencyCheckScanSet.value, dependencyCheckSkip.value, + dependencyCheckSkipRuntimeScope.value, dependencyCheckSkipTestScope.value, dependencyCheckSkipProvidedScope.value, + dependencyCheckSkipOptionalScope.value, dependencyCheckUseSbtModuleIdAsGav.value.getOrElse(false), log) } def addDependencies(checkClasspath: Set[Attributed[File]], engine: Engine, useSbtModuleIdAsGav: Boolean, log: Logger): Unit = { diff --git a/src/sbt-test/sbt-dependency-check/listSettings/build.sbt b/src/sbt-test/sbt-dependency-check/listSettings/build.sbt new file mode 100644 index 0000000..cd30af0 --- /dev/null +++ b/src/sbt-test/sbt-dependency-check/listSettings/build.sbt @@ -0,0 +1,5 @@ +version := "0.1" +lazy val root = project in file(".") +scalaVersion := "2.10.6" + +dependencyCheckSuppressionFiles := Seq(baseDirectory.value / "src/main/resources", baseDirectory.value / "src/app/") \ No newline at end of file diff --git a/src/sbt-test/sbt-dependency-check/listSettings/project/plugins.sbt b/src/sbt-test/sbt-dependency-check/listSettings/project/plugins.sbt new file mode 100644 index 0000000..c939695 --- /dev/null +++ b/src/sbt-test/sbt-dependency-check/listSettings/project/plugins.sbt 
@@ -0,0 +1,5 @@
+sys.props.get("plugin.version") match {
+ case Some(x) => addSbtPlugin("net.vonbuchholtz" % "sbt-dependency-check" % x)
+ case _ => sys.error("""|The system property 'plugin.version' is not defined.
+ |Specify this property using the scriptedLaunchOpts -D.""".stripMargin)
+}
\ No newline at end of file
diff --git a/src/sbt-test/sbt-dependency-check/listSettings/test b/src/sbt-test/sbt-dependency-check/listSettings/test
new file mode 100644
index 0000000..7c58f30
--- /dev/null
+++ b/src/sbt-test/sbt-dependency-check/listSettings/test
@@ -0,0 +1 @@
+> dependencyCheckListSettings
\ No newline at end of file