/** * Visits all nodes from the given node and collects dependencies. * * @param node DependencyNode from which to search. * @param collecting Whether we are currently collecting artifacts. */ public void visit( DependencyNode node, boolean collecting ) { if ( collecting ) { dependencies.add( node.getArtifact() ); } if ( matchesTarget( node.getArtifact() ) ) { collecting = true; log.debug( "Found target. Collecting dependencies after " + node.getArtifact() ); } for ( final DependencyNode child : node.getChildren() ) { visit( child, collecting ); } }
/** * helper function for traversing nodes * in Level-Order way (also called BFS algorithm) */ private List<DependencyNode> levelTraverseTreeList(List<DependencyNode> nodeList, List <DependencyNode> aggDepNodeList ) { aggDepNodeList.addAll(nodeList); List<DependencyNode> NodeChildList = new ArrayList<DependencyNode>(); for (DependencyNode node : nodeList) { if ( (node != null) && (node.getChildren() != null) ) { NodeChildList.addAll(node.getChildren()); } } return NodeChildList; }
public boolean accept( DependencyNode node ) { boolean accepted = dependencyNodeFilter.accept( node ); if( !accepted ) { List<DependencyNode> children = node.getChildren(); children.clear(); } return accepted; } }
/** * @return a list of <code>Artifact</code> from the project. */ public List<Artifact> getProjectDependencies() { if ( projectDependencies != null ) { return projectDependencies; } projectDependencies = new ArrayList<>(); for ( DependencyNode dep : dependencyNode.getChildren() ) { projectDependencies.add( dep.getArtifact() ); } return projectDependencies; }
private Set<Artifact> getAllDescendants( DependencyNode node ) { Set<Artifact> children = null; if ( node.getChildren() != null ) { children = new HashSet<Artifact>(); for ( DependencyNode depNode : node.getChildren() ) { children.add( depNode.getArtifact() ); Set<Artifact> subNodes = getAllDescendants( depNode ); if ( subNodes != null ) { children.addAll( subNodes ); } } } return children; }
private Set<Artifact> getAllDescendants( DependencyNode node ) { Set<Artifact> children = null; if( node.getChildren() != null ) { children = new HashSet<Artifact>(); for( DependencyNode depNode : node.getChildren() ) { children.add( depNode.getArtifact() ); Set<Artifact> subNodes = getAllDescendants( depNode ); if( subNodes != null ) { children.addAll( subNodes ); } } } return children; }
private Set<Artifact> getAllDescendants( DependencyNode node ) { Set<Artifact> children = null; if ( node.getChildren() != null ) { children = new HashSet<Artifact>(); for ( DependencyNode depNode : node.getChildren() ) { children.add( depNode.getArtifact() ); Set<Artifact> subNodes = getAllDescendants( depNode ); if ( subNodes != null ) { children.addAll( subNodes ); } } } return children; }
/** * Get List of Nodes of Dependency tree serialised by traversing nodes * in Level-Order way (also called BFS algorithm) * * @param rootNode root node of the project Dependency tree * @return the dependency tree string of comma separated list * of groupId:artifactId */ private List<DependencyNode> depLevelOrderList(DependencyNode rootNode) { // Create list to store aggregate list of all nodes in tree List <DependencyNode> aggDepNodeList = new LinkedList<DependencyNode> (); // Create list that stores current breadth List <DependencyNode> nodeChildList = rootNode.getChildren(); //LevelOrderList.add(rootNode); while (!nodeChildList.isEmpty()) { nodeChildList = levelTraverseTreeList(nodeChildList, aggDepNodeList); } return aggDepNodeList; }
/** * Gets whether the specified dependency node is the last of its siblings. * * @param node the dependency node to check * @return <code>true</code> if the specified dependency node is the last of its last siblings */ private boolean isLast( DependencyNode node ) { // TODO: remove node argument and calculate from visitor calls only DependencyNode parent = node.getParent(); boolean last; if ( parent == null ) { last = true; } else { List<DependencyNode> siblings = parent.getChildren(); last = ( siblings.indexOf( node ) == siblings.size() - 1 ); } return last; }
/** * Gets whether the specified dependency node is the last of its siblings. * * @param node the dependency node to check * @return <code>true</code> if the specified dependency node is the last of its last siblings */ private boolean isLast( DependencyNode node ) { // TODO: remove node argument and calculate from visitor calls only DependencyNode parent = node.getParent(); boolean last; if ( parent == null ) { last = true; } else { List<DependencyNode> siblings = parent.getChildren(); last = ( siblings.indexOf( node ) == siblings.size() - 1 ); } return last; }
/** * Recursive method to get all dependencies from a given <code>dependencyNode</code> * * @param dependencyNode not null */ private void addAllChildrenDependencies( DependencyNode dependencyNode ) { for ( DependencyNode subdependencyNode : dependencyNode.getChildren() ) { Artifact artifact = subdependencyNode.getArtifact(); if ( artifact.getGroupId().equals( project.getGroupId() ) && artifact.getArtifactId().equals( project.getArtifactId() ) && artifact.getVersion().equals( project.getVersion() ) ) { continue; } if ( !allDependencies.contains( artifact ) ) { allDependencies.add( artifact ); } addAllChildrenDependencies( subdependencyNode ); } }
/** * Traverses a tree rooted at the given node. */ protected void visit(DependencyNode g) { if (accept(g)) { for (DependencyNode dn : g.getChildren()) { visit(dn); } } }
protected Set<Artifact> getDependenciesToCheck( MavenProject project ) { Set<Artifact> dependencies = null; try { DependencyNode node = graphBuilder.buildDependencyGraph( project, null ); if ( searchTransitive ) { dependencies = getAllDescendants( node ); } else if ( node.getChildren() != null ) { dependencies = new HashSet<Artifact>(); for ( DependencyNode depNode : node.getChildren() ) { dependencies.add( depNode.getArtifact() ); } } } catch ( DependencyGraphBuilderException e ) { // otherwise we need to change the signature of this protected method throw new RuntimeException( e ); } return dependencies; }
protected Set<Artifact> getDependenciesToCheck( MavenProject project ) { Set<Artifact> dependencies = null; try { DependencyNode node = graphBuilder.buildDependencyGraph( project, null ); if ( searchTransitive ) { dependencies = getAllDescendants( node ); } else if ( node.getChildren() != null ) { dependencies = new HashSet<Artifact>(); for ( DependencyNode depNode : node.getChildren() ) { dependencies.add( depNode.getArtifact() ); } } } catch ( DependencyGraphBuilderException e ) { // otherwise we need to change the signature of this protected method throw new RuntimeException( e ); } return dependencies; }
private void visitNode(DependencyNode baseNode,int level,List<VulnerableLibrary> vulnerabilities) { Artifact a = baseNode.getArtifact(); //getLog().info(StringUtils.repeat(" ",level)+" -> "+a.getGroupId()+":"+a.getArtifactId()+":"+a.getVersion()); List<CveVulnerability> cves = victimDb.search(a.getGroupId(), a.getArtifactId(), a.getVersion()); if(cves.size() > 0) { vulnerabilities.add(new VulnerableLibrary(a, cves, getHierarchyChain(baseNode))); } for (DependencyNode childNode : baseNode.getChildren()) { visitNode(childNode, level + 1, vulnerabilities); } }
/** * Find all of the dependencies for a specified artifact */ private List<PackageDescriptor> addPackageDependencies(PackageDescriptor parent, String groupId, String artifactId, String version, DependencyNode parentDep) { List<PackageDescriptor> packageDependency = new LinkedList<PackageDescriptor>(); List<DependencyNode> children = parentDep.getChildren(); if (children != null) { for (DependencyNode node : children) { DependencyNodeVisitor nlg = new CollectingDependencyNodeVisitor(); node.accept(nlg); List<DependencyNode> deps = ((CollectingDependencyNodeVisitor) nlg).getNodes(); for (DependencyNode dep : deps) { Artifact artifact = dep.getArtifact(); PackageDescriptor pkgDep = new PackageDescriptor("maven", artifact.getGroupId(), artifact.getArtifactId(), artifact.getVersion()); // Only include each package once. They might be transitive dependencies from multiple places. if (!parents.containsKey(pkgDep)) { pkgDep = request.add("maven", artifact.getGroupId(), artifact.getArtifactId(), artifact.getVersion()); parents.put(pkgDep, parent); packageDependency.add(pkgDep); } } } } return packageDependency; }
/** * {@inheritDoc} */ public boolean visit( DependencyNode node ) { // clone the node DefaultDependencyNode newNode = new DefaultDependencyNode( parentNodes.isEmpty() ? null : parentNodes.peek(), node.getArtifact(), node.getPremanagedVersion(), node.getPremanagedScope(), node.getVersionConstraint() ); newNode.setChildren( new ArrayList<DependencyNode>() ); if ( parentNodes.empty() ) { rootNode = newNode; } else { DependencyNode parentNode = parentNodes.peek(); parentNode.getChildren().add( newNode ); } parentNodes.push( newNode ); return true; }
/** * {@inheritDoc} */ @Override public boolean visit( DependencyNode node ) { // clone the node DefaultDependencyNode newNode = new DefaultDependencyNode( parentNodes.isEmpty() ? null : parentNodes.peek(), node.getArtifact(), node.getPremanagedVersion(), node.getPremanagedScope(), node.getVersionConstraint(), node.getOptional() ); newNode.setChildren( new ArrayList<DependencyNode>() ); if ( parentNodes.empty() ) { rootNode = newNode; } else { DependencyNode parentNode = parentNodes.peek(); parentNode.getChildren().add( newNode ); } parentNodes.push( newNode ); return true; }
/** * {@inheritDoc} */ @Override public boolean visit( DependencyNode node ) { if ( node.getParent() == null || node.getParent() == node ) { writer.write( "digraph \"" + node.toNodeString() + "\" { \n" ); } // Generate "currentNode -> Child" lines List<DependencyNode> children = node.getChildren(); for ( DependencyNode child : children ) { writer.println( "\t\"" + node.toNodeString() + "\" -> \"" + child.toNodeString() + "\" ; " ); } return true; }
/** * Retrieve dependencies for from given node and scope. * @param node Node to traverse. * @param scps Scopes to use. * @return Collection of dependency files. */ private Collection<File> dependencies(final DependencyNode node, final Collection<String> scps) { final Artifact artifact = node.getArtifact(); final Collection<File> files = new LinkedList<File>(); if ((artifact.getScope() == null) || scps.contains(artifact.getScope())) { if (artifact.getScope() == null) { files.add(artifact.getFile()); } else { files.add( this.session.getLocalRepository().find(artifact).getFile() ); } for (final DependencyNode child : node.getChildren()) { if (child.getArtifact().compareTo(node.getArtifact()) != 0) { files.addAll(this.dependencies(child, scps)); } } } return files; } }