• Home
• com.rapid7.docker
• docker-image-analyzer
• 0.2.16
• source code
• OwaspDependencyFingerprinter.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.rapid7.container.analyzer.docker.fingerprinter.OwaspDependencyFingerprinter Maven / Gradle / Ivy

package com.rapid7.container.analyzer.docker.fingerprinter;

import com.rapid7.container.analyzer.docker.analyzer.LayerFileHandler;
import com.rapid7.container.analyzer.docker.model.LayerPath;
import com.rapid7.container.analyzer.docker.model.image.Image;
import com.rapid7.container.analyzer.docker.model.json.Configuration;
import com.rapid7.container.analyzer.docker.packages.OwaspDependencyParser;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Paths;
import org.apache.commons.compress.archivers.tar.TarArchiveEntry;

public class OwaspDependencyFingerprinter implements LayerFileHandler {
  private final OwaspDependencyParser dependencyParser;

  public OwaspDependencyFingerprinter(OwaspDependencyParser dependencyParser) {
    this.dependencyParser = dependencyParser;
  }

  @Override
  public void handle(String name, TarArchiveEntry entry, InputStream contents, Image image, Configuration configuration, LayerPath layerPath) throws IOException {
    if (dependencyParser.supports(name, entry)) {
      File tmpFile = Paths.get(layerPath.getPath(), name).toFile();
      if (tmpFile.isFile()) {
        layerPath.getLayer().addPackages(dependencyParser.parse(tmpFile, image.getOperatingSystem() == null
            ? layerPath.getLayer().getOperatingSystem() : image.getOperatingSystem()));
      }
    }
  }
}