1 /* 2 * This file is part of dependency-check-core. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 * 16 * Copyright (c) 2013 Jeremy Long. All Rights Reserved. 17 */ 18 package org.owasp.dependencycheck.analyzer; 19 20 import javax.annotation.concurrent.ThreadSafe; 21 import org.owasp.dependencycheck.utils.Settings; 22 23 /** 24 * The suppression analyzer processes an externally defined XML document that 25 * complies with the suppressions.xsd schema. Any identified CPE entries within 26 * the dependencies that match will be removed. 27 * 28 * @author Jeremy Long 29 */ 30 @ThreadSafe 31 public class CpeSuppressionAnalyzer extends AbstractSuppressionAnalyzer { 32 33 /** 34 * The name of the analyzer. 35 */ 36 private static final String ANALYZER_NAME = "Cpe Suppression Analyzer"; 37 /** 38 * The phase that this analyzer is intended to run in. 39 */ 40 private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.POST_IDENTIFIER_ANALYSIS; 41 42 /** 43 * Returns the name of the analyzer. 44 * 45 * @return the name of the analyzer. 46 */ 47 @Override getName()48 public String getName() { 49 return ANALYZER_NAME; 50 } 51 52 /** 53 * Returns the phase that the analyzer is intended to run in. 54 * 55 * @return the phase that the analyzer is intended to run in. 56 */ 57 @Override getAnalysisPhase()58 public AnalysisPhase getAnalysisPhase() { 59 return ANALYSIS_PHASE; 60 } 61 62 /** 63 * <p> 64 * Returns the setting key to determine if the analyzer is enabled.</p> 65 * 66 * @return the key for the analyzer's enabled property 67 */ 68 @Override getAnalyzerEnabledSettingKey()69 protected String getAnalyzerEnabledSettingKey() { 70 return Settings.KEYS.ANALYZER_CPE_SUPPRESSION_ENABLED; 71 } 72 } 73