com.danielsomerfield.cvecheck.gradle.handlers.buildRules.CVSSIndividualThresholdBuildRule.groovy Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of gradle-cve-dependency-check Show documentation

CVE Checking for Gradle

There is a newer version: 0.6.2-100

Show newest version

package com.danielsomerfield.cvecheck.gradle.handlers.buildRules

import com.danielsomerfield.cvecheck.ScanResult
import com.danielsomerfield.cvecheck.Vulnerability

import static com.danielsomerfield.cvecheck.gradle.handlers.buildRules.RuleOutcome.Failed
import static com.danielsomerfield.cvecheck.gradle.handlers.buildRules.RuleOutcome.Passed

class CVSSIndividualThresholdBuildRule implements BuildRule {

  private int threshold;

  CVSSIndividualThresholdBuildRule(BuildRuleConfiguration configuration) {
    //TODO: replace with default mechanism
    this.threshold = configuration.threshold.value
  }

  @Override
  RuleOutcome execute(final ScanResult result) {
    float cvss = result.vulnerabilities.inject(0f) { float highest, Vulnerability vuln
      -> highest > vuln.cvssScore() ? highest : vuln.cvssScore()  }
    cvss > threshold ? Failed : Passed
  }

  @Override
  String getName() {
    "CVSS Indvidual Threshold"
  }
}