1 /*
2  * This file is part of dependency-check-core.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
17  */
18 package org.owasp.dependencycheck.analyzer;
19 
20 import javax.annotation.concurrent.ThreadSafe;
21 import org.owasp.dependencycheck.utils.Settings;
22 
23 /**
24  * The suppression analyzer processes an externally defined XML document that
25  * complies with the suppressions.xsd schema. Any identified CPE entries within
26  * the dependencies that match will be removed.
27  *
28  * @author Jeremy Long
29  */
30 @ThreadSafe
31 public class CpeSuppressionAnalyzer extends AbstractSuppressionAnalyzer {
32 
33     /**
34      * The name of the analyzer.
35      */
36     private static final String ANALYZER_NAME = "Cpe Suppression Analyzer";
37     /**
38      * The phase that this analyzer is intended to run in.
39      */
40     private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.POST_IDENTIFIER_ANALYSIS;
41 
42     /**
43      * Returns the name of the analyzer.
44      *
45      * @return the name of the analyzer.
46      */
47     @Override
getName()48     public String getName() {
49         return ANALYZER_NAME;
50     }
51 
52     /**
53      * Returns the phase that the analyzer is intended to run in.
54      *
55      * @return the phase that the analyzer is intended to run in.
56      */
57     @Override
getAnalysisPhase()58     public AnalysisPhase getAnalysisPhase() {
59         return ANALYSIS_PHASE;
60     }
61 
62     /**
63      * <p>
64      * Returns the setting key to determine if the analyzer is enabled.</p>
65      *
66      * @return the key for the analyzer's enabled property
67      */
68     @Override
getAnalyzerEnabledSettingKey()69     protected String getAnalyzerEnabledSettingKey() {
70         return Settings.KEYS.ANALYZER_CPE_SUPPRESSION_ENABLED;
71     }
72 }
73