From cc8b9f3d19624bdb4bcd412b8265e1a2d7cc16d7 Mon Sep 17 00:00:00 2001
From: Assaf Attias <49212512+attiasas@users.noreply.github.com>
Date: Sun, 25 Feb 2024 16:14:39 +0200
Subject: [PATCH] Use exclude pattern when building dotnet dependency tree (#24)
---
 cli/docs/flags.go | 4 +-
 cli/scancommands.go | 6 +--
 commands/audit/audit.go | 5 +--
 commands/audit/auditparams.go | 16 --------
 commands/audit/sca/common.go | 12 ++++++
 commands/audit/sca/common_test.go | 48 +++++++++++++++++++++-
 commands/audit/sca/nuget/nuget.go | 21 ++++++----
 commands/audit/sca/nuget/nuget_test.go | 4 +-
 commands/audit/scarunner.go | 13 +-----
 commands/audit/scarunner_test.go | 57 +++-----------------------
 go.mod | 6 ++-
 go.sum | 12 +++---
 utils/auditbasicparams.go | 25 +++++++++++
 13 files changed, 121 insertions(+), 108 deletions(-)
diff --git a/cli/docs/flags.go b/cli/docs/flags.go
index 8f47c0a4..8c285c48 100644
--- a/cli/docs/flags.go
+++ b/cli/docs/flags.go
@@ -7,7 +7,7 @@ import (
 "github.com/jfrog/jfrog-cli-core/v2/common/cliutils"
 pluginsCommon "github.com/jfrog/jfrog-cli-core/v2/plugins/common"
 "github.com/jfrog/jfrog-cli-core/v2/plugins/components"
- "github.com/jfrog/jfrog-cli-security/commands/audit"
+ "github.com/jfrog/jfrog-cli-security/commands/audit/sca"
 "github.com/jfrog/jfrog-cli-security/commands/curation"
 "github.com/jfrog/jfrog-cli-security/commands/xray/offlineupdate"
 )
@@ -200,7 +200,7 @@ var flagsMap = map[string]components.Flag{ ExclusionsAudit: components.NewStringFlag( Exclusions, "List of exclusions separated by semicolons, utilized to skip sub-projects from undergoing an audit. These exclusions may incorporate the * and ? wildcards.", - components.WithStrDefaultValue(strings.Join(audit.DefaultExcludePatterns, ";")), + components.WithStrDefaultValue(strings.Join(sca.DefaultExcludePatterns, ";")), ), Mvn: components.NewBoolFlag(Mvn, "Set to true to request audit for a Maven project."), Gradle: components.NewBoolFlag(Gradle, "Set to true to request audit for a Gradle project."), diff --git a/cli/scancommands.go b/cli/scancommands.go index dd1ac526..ebc6aee6 100644 --- a/cli/scancommands.go +++ b/cli/scancommands.go @@ -357,8 +357,7 @@ func createAuditCmd(c *components.Context) (*audit.AuditCommand, error) { SetPrintExtendedTable(c.GetBoolFlagValue(flags.ExtendedTable)). SetMinSeverityFilter(minSeverity). SetFixableOnly(c.GetBoolFlagValue(flags.FixableOnly)). - SetThirdPartyApplicabilityScan(c.GetBoolFlagValue(flags.ThirdPartyContextualAnalysis)). - SetExclusions(pluginsCommon.GetStringsArrFlagValue(c, flags.Exclusions)) + SetThirdPartyApplicabilityScan(c.GetBoolFlagValue(flags.ThirdPartyContextualAnalysis)) if c.GetStringFlagValue(flags.Watches) != "" { auditCmd.SetWatches(splitByCommaAndTrim(c.GetStringFlagValue(flags.Watches))) @@ -373,7 +372,8 @@ func createAuditCmd(c *components.Context) (*audit.AuditCommand, error) { SetUseWrapper(c.GetBoolFlagValue(flags.UseWrapper)). SetInsecureTls(c.GetBoolFlagValue(flags.InsecureTls)). SetNpmScope(c.GetStringFlagValue(flags.DepType)). - SetPipRequirementsFile(c.GetStringFlagValue(flags.RequirementsFile)) + SetPipRequirementsFile(c.GetStringFlagValue(flags.RequirementsFile)). + SetExclusions(pluginsCommon.GetStringsArrFlagValue(c, flags.Exclusions)) return auditCmd, err } diff --git a/commands/audit/audit.go b/commands/audit/audit.go index 4b9d5f4b..4d57bd26 100644 
--- a/commands/audit/audit.go +++ b/commands/audit/audit.go @@ -96,9 +96,8 @@ func (auditCmd *AuditCommand) Run() (err error) { SetMinSeverityFilter(auditCmd.minSeverityFilter). SetFixableOnly(auditCmd.fixableOnly). SetGraphBasicParams(auditCmd.AuditBasicParams). - SetThirdPartyApplicabilityScan(auditCmd.thirdPartyApplicabilityScan). - SetExclusions(auditCmd.exclusions). - SetIsRecursiveScan(isRecursiveScan) + SetThirdPartyApplicabilityScan(auditCmd.thirdPartyApplicabilityScan) + auditParams.SetIsRecursiveScan(isRecursiveScan).SetExclusions(auditCmd.Exclusions()) auditResults, err := RunAudit(auditParams) if err != nil { return diff --git a/commands/audit/auditparams.go b/commands/audit/auditparams.go index 7e944f31..aaa5a2b5 100644 --- a/commands/audit/auditparams.go +++ b/commands/audit/auditparams.go @@ -8,7 +8,6 @@ import ( type AuditParams struct { xrayGraphScanParams *services.XrayGraphScanParams workingDirs []string - exclusions []string installFunc func(tech string) error fixableOnly bool minSeverityFilter string @@ -16,7 +15,6 @@ type AuditParams struct { xrayVersion string // Include third party dependencies source code in the applicability scan. thirdPartyApplicabilityScan bool - isRecursiveScan bool } func NewAuditParams() *AuditParams { @@ -42,20 +40,6 @@ func (params *AuditParams) XrayVersion() string { return params.xrayVersion } -func (params *AuditParams) Exclusions() []string { - return params.exclusions -} - -func (params *AuditParams) SetExclusions(exclusions []string) *AuditParams { - params.exclusions = exclusions - return params -} - -func (params *AuditParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditParams { - params.isRecursiveScan = isRecursiveScan - return params -} - func (params *AuditParams) SetXrayGraphScanParams(xrayGraphScanParams *services.XrayGraphScanParams) *AuditParams { params.xrayGraphScanParams = xrayGraphScanParams return params 
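Review bot: In the audit.go hunk, `auditParams.SetIsRecursiveScan(isRecursiveScan).SetExclusions(auditCmd.Exclusions())` looks partly redundant and may write to shared state. `SetGraphBasicParams(auditCmd.AuditBasicParams)` two lines earlier already hands over the params object that now owns the exclusions, so if that object is shared by pointer (the `AuditParams` definition is only partly visible here) `SetExclusions` assigns the slice to itself and `SetIsRecursiveScan` changes the command's own params. If that is intended, a comment such as `// exclusions and the recursive flag live on the shared AuditBasicParams` would make it explicit; otherwise the `SetExclusions` call can be dropped. `Run` starts and ends outside the hunk.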
diff --git a/commands/audit/sca/common.go b/commands/audit/sca/common.go index 9b71d8b6..ff93b280 100644 --- a/commands/audit/sca/common.go +++ b/commands/audit/sca/common.go @@ -11,6 +11,8 @@ import ( "github.com/jfrog/jfrog-cli-core/v2/utils/tests" "github.com/jfrog/jfrog-cli-security/scangraph" "github.com/jfrog/jfrog-cli-security/utils" + "github.com/jfrog/jfrog-client-go/artifactory/services/fspatterns" + clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/errorutils" ioUtils "github.com/jfrog/jfrog-client-go/utils/io" "github.com/jfrog/jfrog-client-go/utils/log" @@ -18,6 +20,16 @@ import ( xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" ) +var DefaultExcludePatterns = []string{"*.git*", "*node_modules*", "*target*", "*venv*", "*test*"} + +func GetExcludePattern(params utils.AuditParams) string { + exclusions := params.Exclusions() + if len(exclusions) == 0 { + exclusions = append(exclusions, DefaultExcludePatterns...) + } + return fspatterns.PrepareExcludePathPattern(exclusions, clientutils.WildCardPattern, params.IsRecursiveScan()) +} + func RunXrayDependenciesTreeScanGraph(dependencyTree *xrayUtils.GraphNode, progress ioUtils.ProgressMgr, technology coreutils.Technology, scanGraphParams *scangraph.ScanGraphParams) (results []services.ScanResponse, err error) { scanGraphParams.XrayGraphScanParams().DependenciesGraph = dependencyTree xscGitInfoContext := scanGraphParams.XrayGraphScanParams().XscGitInfoContext diff --git a/commands/audit/sca/common_test.go b/commands/audit/sca/common_test.go index a99117f4..22a65a4e 100644 --- a/commands/audit/sca/common_test.go +++ b/commands/audit/sca/common_test.go 
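Review bot: `DefaultExcludePatterns` and `GetExcludePattern` are exported from `sca` without doc comments, and the slice is a mutable package variable that decides which paths an audit skips. Any importer can append to or overwrite it, which would change the coverage of every later scan in the same process as well as the default shown for the exclusions flag in cli/docs/flags.go. I would add `// DefaultExcludePatterns are the wildcard patterns applied when the user supplies no exclusions; treat as read-only.` and `// GetExcludePattern returns the exclude regular expression built from params.Exclusions(), falling back to DefaultExcludePatterns when none are set.` Returning the defaults from a function instead of exposing the variable would remove the mutation risk, at the cost of touching flags.go again.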
@@ -1,17 +1,63 @@ package sca import ( - "golang.org/x/exp/maps" "reflect" "testing" + "golang.org/x/exp/maps" + "github.com/jfrog/jfrog-cli-core/v2/utils/tests" coreXray "github.com/jfrog/jfrog-cli-core/v2/utils/xray" + "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-client-go/xray/services" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/stretchr/testify/assert" ) +func TestGetExcludePattern(t *testing.T) { + tests := []struct { + name string + params func() *utils.AuditBasicParams + expected string + }{ + { + name: "Test exclude pattern recursive", + params: func() *utils.AuditBasicParams { + param := &utils.AuditBasicParams{} + param.SetExclusions([]string{"exclude1", "exclude2"}).SetIsRecursiveScan(true) + return param + }, + expected: "(^exclude1$)|(^exclude2$)", + }, + { + name: "Test no exclude pattern recursive", + params: func() *utils.AuditBasicParams { return (&utils.AuditBasicParams{}).SetIsRecursiveScan(true) }, + expected: "(^.*\\.git.*$)|(^.*node_modules.*$)|(^.*target.*$)|(^.*venv.*$)|(^.*test.*$)", + }, + { + name: "Test exclude pattern not recursive", + params: func() *utils.AuditBasicParams { + param := &utils.AuditBasicParams{} + param.SetExclusions([]string{"exclude1", "exclude2"}) + return param + }, + expected: "(^exclude1$)|(^exclude2$)", + }, + { + name: "Test no exclude pattern", + params: func() *utils.AuditBasicParams { return &utils.AuditBasicParams{} }, + expected: "(^.*\\.git.*$)|(^.*node_modules.*$)|(^.*target.*$)|(^.*venv.*$)|(^.*test.*$)", + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + result := GetExcludePattern(test.params()) + assert.Equal(t, test.expected, result) + }) + } +} + func TestBuildXrayDependencyTree(t *testing.T) { treeHelper := make(map[string]coreXray.DepTreeNode) rootDep := coreXray.DepTreeNode{Children: []string{"topDep1", "topDep2", "topDep3"}} 
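Review bot: The recursive and non-recursive cases in `TestGetExcludePattern` expect identical strings, so the test would still pass if `GetExcludePattern` ignored `params.IsRecursiveScan()`. The user-supplied cases also use only literal names (`exclude1`, `exclude2`), which leaves wildcard conversion and escaping of regex metacharacters in caller input unchecked. Consider adding a case whose expected pattern differs by the recursive flag, if `PrepareExcludePathPattern` produces one, and a case with `*`, `?` and `.` inside a user exclusion.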
diff --git a/commands/audit/sca/nuget/nuget.go b/commands/audit/sca/nuget/nuget.go index 63cae11f..c3da7bc8 100644 --- a/commands/audit/sca/nuget/nuget.go +++ b/commands/audit/sca/nuget/nuget.go @@ -3,6 +3,12 @@ package nuget import ( "errors" "fmt" + "io/fs" + "os" + "os/exec" + "path/filepath" + "strings" + bidotnet "github.com/jfrog/build-info-go/build/utils/dotnet" "github.com/jfrog/build-info-go/build/utils/dotnet/solution" "github.com/jfrog/build-info-go/entities" @@ -11,17 +17,13 @@ import ( "github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/dotnet" "github.com/jfrog/jfrog-cli-core/v2/utils/config" coreXray "github.com/jfrog/jfrog-cli-core/v2/utils/xray" + "github.com/jfrog/jfrog-cli-security/commands/audit/sca" "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/io/fileutils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "golang.org/x/exp/maps" - "io/fs" - "os" - "os/exec" - "path/filepath" - "strings" ) const ( @@ -40,7 +42,8 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. if err != nil { return } - sol, err := solution.Load(wd, "", log.Logger) + exclusionPattern := sca.GetExcludePattern(params) + sol, err := solution.Load(wd, "", exclusionPattern, log.Logger) if err != nil && !strings.Contains(err.Error(), globalPackagesNotFoundErrorMessage) { // In older NuGet projects that utilize NuGet Cli and package.config, if the project is not installed, the solution.Load function raises an error because it cannot find global package paths. // This issue is resolved by executing the 'nuget restore' command followed by running solution.Load again. Therefore, in this scenario, we need to proceed with this process. 
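Review bot: With no user exclusions, `sca.GetExcludePattern(params)` returns the default pattern, so `solution.Load` in `BuildDependencyTree` now filters .NET projects with `*test*`, `*target*` and the other defaults. Depending on how `solution.Load` matches paths (not visible in this hunk), a project whose path merely contains one of those substrings would be left out of the dependency tree, and therefore out of the audit, without any message. Logging the effective pattern next to the call, e.g. `log.Debug("Excluding paths matching:", exclusionPattern)`, would let a user see why a project is missing from the results. `BuildDependencyTree` continues outside the hunk.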
@@ -49,7 +52,7 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. if isInstallRequired(params, sol) { log.Info("Dependencies sources were not detected nor 'install' command provided. Running 'restore' command") - sol, err = runDotnetRestoreAndLoadSolution(params, wd) + sol, err = runDotnetRestoreAndLoadSolution(params, wd, exclusionPattern) if err != nil { return } @@ -74,7 +77,7 @@ func isInstallRequired(params utils.AuditParams, sol solution.Solution) bool { // Generates a temporary duplicate of the project to execute the 'install' command without impacting the original directory and establishing the JFrog configuration file for Artifactory resolution // Additionally, re-loads the project's Solution so the dependencies sources will be identified -func runDotnetRestoreAndLoadSolution(params utils.AuditParams, originalWd string) (sol solution.Solution, err error) { +func runDotnetRestoreAndLoadSolution(params utils.AuditParams, originalWd, exclusionPattern string) (sol solution.Solution, err error) { // Creating a temporary copy of the project in order to run 'install' command without effecting the original directory + creating the jfrog config for artifactory resolution tmpWd, err := fileutils.CreateTempDir() if err != nil { @@ -129,7 +132,7 @@ func runDotnetRestoreAndLoadSolution(params utils.AuditParams, originalWd string if err != nil { return } - sol, err = solution.Load(tmpWd, "", log.Logger) + sol, err = solution.Load(tmpWd, "", exclusionPattern, log.Logger) return } diff --git a/commands/audit/sca/nuget/nuget_test.go b/commands/audit/sca/nuget/nuget_test.go index 078df7aa..0ab6aba9 100644 --- a/commands/audit/sca/nuget/nuget_test.go +++ b/commands/audit/sca/nuget/nuget_test.go 
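Review bot: In `runDotnetRestoreAndLoadSolution` the pattern computed for the original working directory is reused for `solution.Load(tmpWd, "", exclusionPattern, log.Logger)`, where `tmpWd` comes from `fileutils.CreateTempDir()`. If `solution.Load` matches the pattern against absolute paths (not visible here), a component of the temp path or of `originalWd` that matches one of the patterns could exclude the whole copied project, so please confirm that matching is relative to the scanned root. The updated call in nuget_test.go passes `""`, so no test in this commit runs the restore path with a non-empty pattern. The function body extends beyond the hunks shown.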
@@ -134,13 +134,13 @@ func TestRunDotnetRestoreAndLoadSolution(t *testing.T) { dotnetProjectPath := filepath.Join(testDataDir, "dotnet", projectName) assert.NoError(t, utils.CopyDir(dotnetProjectPath, tempDirPath, true, nil)) - sol, err := solution.Load(tempDirPath, "", log.Logger) + sol, err := solution.Load(tempDirPath, "", "", log.Logger) assert.NoError(t, err) assert.Empty(t, sol.GetProjects()) assert.Empty(t, sol.GetDependenciesSources()) params := &xrayUtils2.AuditBasicParams{} - sol, err = runDotnetRestoreAndLoadSolution(params, tempDirPath) + sol, err = runDotnetRestoreAndLoadSolution(params, tempDirPath, "") assert.NoError(t, err) assert.NotEmpty(t, sol.GetProjects()) assert.NotEmpty(t, sol.GetDependenciesSources()) diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 7e2952f0..8efb3b18 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go @@ -22,7 +22,6 @@ import ( "github.com/jfrog/jfrog-cli-security/commands/audit/sca/yarn" "github.com/jfrog/jfrog-cli-security/scangraph" xrayutils "github.com/jfrog/jfrog-cli-security/utils" - "github.com/jfrog/jfrog-client-go/artifactory/services/fspatterns" clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/log" @@ -30,8 +29,6 @@ import ( xrayCmdUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" ) -var DefaultExcludePatterns = []string{"*.git*", "*node_modules*", "*target*", "*venv*", "*test*"} - func runScaScan(params *AuditParams, results *xrayutils.Results) (err error) { // Prepare currentWorkingDir, err := os.Getwd() 
@@ -75,7 +72,7 @@ func runScaScan(params *AuditParams, results *xrayutils.Results) (err error) { func getScaScansToPreform(params *AuditParams) (scansToPreform []*xrayutils.ScaScanResult) { for _, requestedDirectory := range params.workingDirs { // Detect descriptors and technologies in the requested directory. - techToWorkingDirs, err := coreutils.DetectTechnologiesDescriptors(requestedDirectory, params.isRecursiveScan, params.Technologies(), getRequestedDescriptors(params), getExcludePattern(params, params.isRecursiveScan)) + techToWorkingDirs, err := coreutils.DetectTechnologiesDescriptors(requestedDirectory, params.IsRecursiveScan(), params.Technologies(), getRequestedDescriptors(params), sca.GetExcludePattern(params.AuditBasicParams)) if err != nil { log.Warn("Couldn't detect technologies in", requestedDirectory, "directory.", err.Error()) continue @@ -108,14 +105,6 @@ func getRequestedDescriptors(params *AuditParams) map[coreutils.Technology][]str return requestedDescriptors } -func getExcludePattern(params *AuditParams, recursive bool) string { - exclusions := params.Exclusions() - if len(exclusions) == 0 { - exclusions = append(exclusions, DefaultExcludePatterns...) - } - return fspatterns.PrepareExcludePathPattern(exclusions, clientutils.WildCardPattern, recursive) -} - // Preform the SCA scan for the given scan information. // This method will change the working directory to the scan's working directory. func executeScaScan(serverDetails *config.ServerDetails, params *AuditParams, scan *xrayutils.ScaScanResult) (err error) { diff --git a/commands/audit/scarunner_test.go b/commands/audit/scarunner_test.go index 7f2cfc0c..68162094 100644 --- a/commands/audit/scarunner_test.go +++ b/commands/audit/scarunner_test.go 
@@ -117,55 +117,6 @@ func createEmptyFile(t *testing.T, path string) { assert.NoError(t, file.Close()) } -func TestGetExcludePattern(t *testing.T) { - tests := []struct { - name string - params func() *AuditParams - recursive bool - expected string - }{ - { - name: "Test exclude pattern recursive", - params: func() *AuditParams { - param := NewAuditParams() - param.SetExclusions([]string{"exclude1", "exclude2"}) - return param - }, - recursive: true, - expected: "(^exclude1$)|(^exclude2$)", - }, - { - name: "Test no exclude pattern recursive", - params: NewAuditParams, - recursive: true, - expected: "(^.*\\.git.*$)|(^.*node_modules.*$)|(^.*target.*$)|(^.*venv.*$)|(^.*test.*$)", - }, - { - name: "Test exclude pattern not recursive", - params: func() *AuditParams { - param := NewAuditParams() - param.SetExclusions([]string{"exclude1", "exclude2"}) - return param - }, - recursive: false, - expected: "(^exclude1$)|(^exclude2$)", - }, - { - name: "Test no exclude pattern", - params: NewAuditParams, - recursive: false, - expected: "(^.*\\.git.*$)|(^.*node_modules.*$)|(^.*target.*$)|(^.*venv.*$)|(^.*test.*$)", - }, - } - - for _, test := range tests { - t.Run(test.name, func(t *testing.T) { - result := getExcludePattern(test.params(), test.recursive) - assert.Equal(t, test.expected, result) - }) - } -} - func TestGetScaScansToPreform(t *testing.T) { dir, cleanUp := createTestDir(t) @@ -180,8 +131,8 @@ func TestGetScaScansToPreform(t *testing.T) { name: "Test specific technologies", wd: dir, params: func() *AuditParams { - param := NewAuditParams().SetIsRecursiveScan(true).SetWorkingDirs([]string{dir}) - param.SetTechnologies([]string{"maven", "npm", "go"}) + param := NewAuditParams().SetWorkingDirs([]string{dir}) + param.SetTechnologies([]string{"maven", "npm", "go"}).SetIsRecursiveScan(true) return param }, expected: []*xrayutils.ScaScanResult{ 
@@ -210,7 +161,9 @@ func TestGetScaScansToPreform(t *testing.T) { name: "Test all", wd: dir, params: func() *AuditParams { - return NewAuditParams().SetIsRecursiveScan(true).SetWorkingDirs([]string{dir}) + param := NewAuditParams().SetWorkingDirs([]string{dir}) + param.SetIsRecursiveScan(true) + return param }, expected: []*xrayutils.ScaScanResult{ { diff --git a/go.mod b/go.mod index 46fe9bec..8b95af78 100644 --- a/go.mod +++ b/go.mod @@ -98,6 +98,8 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect ) -// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225124040-0941c5ce1007 -// replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev +replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240222155638-e55c7d7acbee + +replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c diff --git a/go.sum b/go.sum index ce0623bc..c4211bb8 100644 --- a/go.sum +++ b/go.sum 
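Review bot: The three `replace` directives in go.mod pin `jfrog-cli-core/v2`, `jfrog-client-go` and `build-info-go` to pseudo-versions of untagged commits, and the go.sum change shows their base versions (v2.31.1, v1.28.1, v1.8.9) are lower than the entries removed (v2.48.1, v1.37.1, v1.9.23). `replace` only takes effect when this is the main module, so anyone importing jfrog-cli-security as a library resolves the `require` versions instead, which may not have the four-argument `solution.Load` used in nuget.go. Before release these should become tagged versions in the `require` block with the `replace` lines removed; a comment such as `// TODO: remove once build-info-go with exclude-pattern support is tagged` would record that. It is also worth checking that the pinned commits still contain the fixes shipped in the newer tags.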
@@ -96,16 +96,16 @@ github.com/jedib0t/go-pretty/v6 v6.5.4 h1:gOGo0613MoqUcf0xCj+h/V3sHDaZasfv152G6/ github.com/jedib0t/go-pretty/v6 v6.5.4/go.mod h1:5LQIxa52oJ/DlDSLv0HEkWOFMDGoWkJb9ss5KqPpJBg= github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F1w= github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI= -github.com/jfrog/build-info-go v1.9.23 h1:+TwUIBEJwRvz9skR8xBfY5ti8Vl4Z6iMCkFbkclnEN0= -github.com/jfrog/build-info-go v1.9.23/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= +github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c h1:M1QiuCYGCYN1IiGyxogrLzfetYGkkhE2pgDh5K4Wo9A= +github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= github.com/jfrog/gofrog v1.6.0 h1:jOwb37nHY2PnxePNFJ6e6279Pgkr3di05SbQQw47Mq8= github.com/jfrog/gofrog v1.6.0/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.48.1 h1:rRqI82btSFKFStGd7uEiheeBAuEjrw+ZZbE1abaKUBU= -github.com/jfrog/jfrog-cli-core/v2 v2.48.1/go.mod h1:9aZHtR9x7s9VUa5AalOjJkxMMPSgxXgQ5hdU3vzMwcs= -github.com/jfrog/jfrog-client-go v1.37.1 h1:BqIWGPajC5vhUo5dcQ9KEJr0EVANr/O4cfEqRYvzvRg= -github.com/jfrog/jfrog-client-go v1.37.1/go.mod h1:y+zeO0LeT2uHoHs4/fXHrm5dfF02bg6Dw3cNJxgJ5LY= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225124040-0941c5ce1007 h1:0KxG3eFY5Ky9UJDpEtDjAKWJ9Nv3FC+JfLy3HlzOkJo= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225124040-0941c5ce1007/go.mod h1:WBLFp8yLZMaJiQtY9updnh0zj9kfxRFpY4Y9zCiggtk= +github.com/jfrog/jfrog-client-go v1.28.1-0.20240222155638-e55c7d7acbee h1:IrM+wE8WmsSm95vpYSEYle2mPAOVn1FrRTeScSNxgrw= +github.com/jfrog/jfrog-client-go v1.28.1-0.20240222155638-e55c7d7acbee/go.mod 
h1:jcZYTyo9H4GtZ6eAYIfKm1ulxeTbshcBBA+YUbWlHNc= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= diff --git a/utils/auditbasicparams.go b/utils/auditbasicparams.go index fee9e5c5..e66a618f 100644 --- a/utils/auditbasicparams.go +++ b/utils/auditbasicparams.go @@ -36,6 +36,10 @@ type AuditParams interface { SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams IsCurationCmd() bool SetIsCurationCmd(bool) *AuditBasicParams + SetExclusions(exclusions []string) *AuditBasicParams + Exclusions() []string + SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams + IsRecursiveScan() bool } type AuditBasicParams struct { @@ -55,6 +59,8 @@ type AuditBasicParams struct { args []string installCommandArgs []string dependenciesForApplicabilityScan []string + exclusions []string + isRecursiveScan bool } func (abp *AuditBasicParams) DirectDependencies() []string { @@ -199,7 +205,26 @@ func (abp *AuditBasicParams) SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled func (abp *AuditBasicParams) IsCurationCmd() bool { return abp.isCurationCmd } + func (abp *AuditBasicParams) SetIsCurationCmd(isCurationCmd bool) *AuditBasicParams { abp.isCurationCmd = isCurationCmd return abp } + +func (abp *AuditBasicParams) Exclusions() []string { + return abp.exclusions +} + +func (abp *AuditBasicParams) SetExclusions(exclusions []string) *AuditBasicParams { + abp.exclusions = exclusions + return abp +} + +func (abp *AuditBasicParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams { + abp.isRecursiveScan = isRecursiveScan + return abp +} + +func (abp *AuditBasicParams) IsRecursiveScan() bool { + return abp.isRecursiveScan +}
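Review bot: The new `Exclusions`/`SetExclusions` and `IsRecursiveScan`/`SetIsRecursiveScan` methods are added to the `AuditParams` interface and to `AuditBasicParams` without doc comments, and nothing states that an empty exclusions list means the defaults are applied. Since these values control what an audit skips, a comment such as `// Exclusions returns the user-supplied exclude patterns; when empty, sca.GetExcludePattern falls back to sca.DefaultExcludePatterns.` would help. `SetExclusions` also keeps the caller's slice rather than a copy, so later changes by the caller alter the stored list; `abp.exclusions = append([]string(nil), exclusions...)` avoids that if sharing is not intended.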