org.openrewrite.xml.security.UpdateOwaspSuppressionDate Maven / Gradle / Ivy
Show all versions of rewrite-xml Show documentation
/*
* Copyright 2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.openrewrite.xml.security;
import lombok.EqualsAndHashCode;
import lombok.Value;
import org.jspecify.annotations.Nullable;
import org.openrewrite.*;
import org.openrewrite.internal.ListUtils;
import org.openrewrite.internal.StringUtils;
import org.openrewrite.xml.XPathMatcher;
import org.openrewrite.xml.XmlIsoVisitor;
import org.openrewrite.xml.tree.Xml;
import java.time.LocalDate;
import java.util.List;
@Value
@EqualsAndHashCode(callSuper = false)
public class UpdateOwaspSuppressionDate extends Recipe {
@Override
public String getDisplayName() {
return "Update OWASP suppression date bounds";
}
@Override
public String getDescription() {
return "Updates the expiration date for OWASP suppressions having a matching cve tag. " +
"For use with the OWASP `dependency-check` tool. " +
"More details: https://jeremylong.github.io/DependencyCheck/general/suppression.html.";
}
@Option(displayName = "CVE List",
description = "Update suppressions having any of the specified CVE tags.",
example = "CVE-2022-1234")
List cveList;
@Option(displayName = "Until date",
required = false,
description = "Optional. The date to add to the suppression. Default will be 30 days from today.",
example = "2023-01-01")
@Nullable
String untilDate;
@Override
public Validated