com.metaeffekt.mirror.contents.vulnerability.VulnerableSoftwareVersionRangeEcosystem Maven / Gradle / Ivy
/*
* Copyright 2021-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.metaeffekt.mirror.contents.vulnerability;
import com.metaeffekt.artifact.analysis.version.curation.VersionContext;
import com.metaeffekt.artifact.enrichment.vulnerability.ghsa.GhsaEcosystem;
import org.json.JSONObject;
public class VulnerableSoftwareVersionRangeEcosystem extends VulnerableSoftwareVersionRange {
private final String ecosystem;
private final String name;
public VulnerableSoftwareVersionRangeEcosystem(String ecosystem, String name, String version, String update, String versionStartExcluding, String versionStartIncluding, String versionEndIncluding, String versionEndExcluding, VersionContext context, boolean vulnerable) {
super(version, update, versionStartExcluding, versionStartIncluding, versionEndIncluding, versionEndExcluding, context, vulnerable);
this.ecosystem = ecosystem;
this.name = name;
}
public String getEcosystem() {
return ecosystem;
}
public String getName() {
return name;
}
@Override
public JSONObject toJson() {
return super.toJson()
.put("ecosystem", ecosystem)
.put("name", name);
}
@Override
public String toString() {
return name + " (" + ecosystem + ") " + super.toString();
}
public static VulnerableSoftwareVersionRangeEcosystem fromJson(JSONObject json) {
return new VulnerableSoftwareVersionRangeEcosystem(
json.optString("ecosystem", null),
json.optString("name", null),
json.optString("version", ""),
json.optString("update", ""),
json.optString("versionStartExcluding", null),
json.optString("versionStartIncluding", null),
json.optString("versionEndIncluding", null),
json.optString("versionEndExcluding", null),
VersionContext.fromGhsaProduct(json.optString("name", null)),
json.optBoolean("vulnerable", true)
);
}
// ECOSYSTEM SPECIFIC METHODS
public String getMavenArtifactId() {
// org.apache.commons:commons-collections4 --> commons-collections4
if (GhsaEcosystem.MAVEN.getName().equals(ecosystem) && name != null && name.contains(":")) {
return name.substring(name.indexOf(":") + 1);
} else {
return null;
}
}
public String getMavenGroupId() {
// org.apache.commons:commons-collections4 --> org.apache.commons
if (GhsaEcosystem.MAVEN.getName().equals(ecosystem) && name != null && name.contains(":")) {
return name.substring(0, name.indexOf(":"));
} else {
return null;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy