Uses of Class
org.owasp.dependencycheck.Engine

Packages that use Engine

Package	Description
org.owasp.dependencycheck	Includes the main entry point for dependency-check.
org.owasp.dependencycheck.agent	The agent package holds an agent API that can be used by other applications that have information about dependencies; but would rather implement something in their code directly rather then spawn a process to run the entire dependency-check engine.
org.owasp.dependencycheck.analyzer	Analyzers are used to inspect the identified dependencies, collect Evidence, and process the dependencies.
org.owasp.dependencycheck.data.update	Contains classes used to update the data stores. The UpdateService will load, any correctly defined CachedWebDataSource(s) and call update() on them.
org.owasp.dependencycheck.processing	Classes used to process the output of external tools.
org.owasp.dependencycheck.utils	Includes various utility classes such as a Settings wrapper, a Checksum utility, etc.

Uses of Engine in org.owasp.dependencycheck

Constructors in org.owasp.dependencycheck with parameters of type Engine

Constructor and Description
AnalysisTask(Analyzer analyzer, Dependency dependency, Engine engine, java.util.List<java.lang.Throwable> exceptions) Creates a new analysis task.

Uses of Engine in org.owasp.dependencycheck.agent

Methods in org.owasp.dependencycheck.agent that return Engine

Modifier and Type	Method and Description
Engine	DependencyCheckScanAgent.execute() Executes the dependency-check and generates the report.

Uses of Engine in org.owasp.dependencycheck.analyzer

Methods in org.owasp.dependencycheck.analyzer with parameters of type Engine

Modifier and Type	Method and Description
void	AbstractAnalyzer.analyze(Dependency dependency, Engine engine) Analyzes a given dependency.
void	Analyzer.analyze(Dependency dependency, Engine engine) Analyzes the given dependency.
protected void	NpmCPEAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.
void	NuspecAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis.
protected void	SwiftPackageManagerAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
void	LibmanAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis.
void	NugetconfAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis.
protected void	NodeAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	SwiftPackageResolvedAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	VulnerabilitySuppressionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	GolangDepAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes go packages and adds evidence to the dependency.
void	CentralAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis.
protected void	ElixirMixAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Determines if the analyzer can analyze the given file type.
protected void	DartAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
void	NexusAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis.
protected void	PipfileAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	CpeSuppressionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	CMakeAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes python packages and adds evidence to the dependency.
void	AssemblyAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis on a single Dependency.
protected void	UnusedSuppressionRuleAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	ComposerLockAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Entry point for the analyzer.
protected void	PythonDistributionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	KnownExploitedVulnerabilityAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Adds information about the known exploited vulnerabilities to the analysis.
protected void	PipAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	NvdCveAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.
void	ArtifactoryAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Performs the analysis.
void	ArchiveAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes a given dependency.
protected void	YarnAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes the yarn lock file to determine vulnerable dependencies.
protected void	HintAnalyzer.analyzeDependency(Dependency dependency, Engine engine) The HintAnalyzer uses knowledge about a dependency to add additional information to help in identification of identifiers or vulnerabilities.
protected void	AbstractSuppressionAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	CocoaPodsAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	FalsePositiveAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes the dependencies and removes bad/incorrect CPE associations based on various heuristics.
protected abstract void	AbstractAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes a given dependency.
protected void	MSBuildProjectAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	GolangModAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes go packages and adds evidence to the dependency.
protected void	VersionFilterAnalyzer.analyzeDependency(Dependency dependency, Engine engine) The HintAnalyzer uses knowledge about a dependency to add additional information to help in identification of identifiers or vulnerabilities.
protected void	PipfilelockAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	RubyBundleAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Determines if the analyzer can analyze the given file type.
void	RetireJsAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes the specified JavaScript file.
protected void	CarthageAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	AbstractDependencyComparingAnalyzer.analyzeDependency(Dependency ignore, Engine engine) Analyzes a set of dependencies.
protected void	RubyBundlerAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	FileNameAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Collects information about the file name.
protected void	AutoconfAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	CPEAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.
protected void	RubyGemspecAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PEAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Collects information about the file name.
protected void	PinnedMavenInstallAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
void	JarAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Loads a specified JAR file and collects information from the manifest and checksums to identify the correct CPE information.
protected void	PnpmAuditAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes the pnpm lock file to determine vulnerable dependencies.
protected void	OssIndexAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PoetryAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes poetry packages and adds evidence to the dependency.
protected void	OpenSSLAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes python packages and adds evidence to the dependency.
protected void	NodePackageAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected void	PythonPackageAnalyzer.analyzeDependency(Dependency dependency, Engine engine) Analyzes python packages and adds evidence to the dependency.
protected void	PerlCpanfileAnalyzer.analyzeDependency(Dependency dependency, Engine engine)
protected boolean	JarAnalyzer.analyzePOM(Dependency dependency, java.util.List<JarAnalyzer.ClassNameInformation> classes, Engine engine) Attempts to find a pom.xml within the JAR file.
protected Dependency	AbstractNpmAnalyzer.findDependency(Engine engine, java.lang.String name, java.lang.String version) Locates the dependency from the list of dependencies that have been scanned by the engine.
static int	AbstractSuppressionAnalyzer.getRuleCount(Engine engine) Returns the number of suppression rules currently loaded in the engine.
void	AbstractAnalyzer.prepare(Engine engine) Initialize the abstract analyzer.
void	Analyzer.prepare(Engine engine) The prepare method is called (once) prior to the analyze method being called on all of the dependencies.
void	KnownExploitedVulnerabilityAnalyzer.prepareAnalyzer(Engine engine) The prepare method does nothing for this Analyzer.
void	HintAnalyzer.prepareAnalyzer(Engine engine) The prepare method does nothing for this Analyzer.
void	AbstractSuppressionAnalyzer.prepareAnalyzer(Engine engine) The prepare method loads the suppression XML file.
protected void	AbstractAnalyzer.prepareAnalyzer(Engine engine) Prepares a given Analyzer.
protected void	AbstractFileTypeAnalyzer.prepareAnalyzer(Engine engine) Initializes the analyzer.
void	CPEAnalyzer.prepareAnalyzer(Engine engine) Creates the CPE Lucene Index.
void	NuspecAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	SwiftPackageManagerAnalyzer.prepareFileTypeAnalyzer(Engine engine)
void	LibmanAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
void	NugetconfAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	AbstractNpmAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	SwiftPackageResolvedAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	GolangDepAnalyzer.prepareFileTypeAnalyzer(Engine engine) No-op initializer implementation.
void	CentralAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	ElixirMixAuditAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	DartAnalyzer.prepareFileTypeAnalyzer(Engine engine)
void	NexusAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	PipfileAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the file type analyzer.
protected void	CMakeAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer.
void	AssemblyAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initialize the analyzer.
protected void	ComposerLockAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer.
protected void	PythonDistributionAnalyzer.prepareFileTypeAnalyzer(Engine engine) Makes sure a usable temporary directory is available.
protected void	PipAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the file type analyzer.
void	ArtifactoryAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
void	ArchiveAnalyzer.prepareFileTypeAnalyzer(Engine engine) The prepare method does nothing for this Analyzer.
protected void	YarnAuditAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	CocoaPodsAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	MSBuildProjectAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	GolangModAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initialize the go mod analyzer; ensures that go is installed and can be called.
protected abstract void	AbstractFileTypeAnalyzer.prepareFileTypeAnalyzer(Engine engine) Prepares the file type analyzer for dependency analysis.
protected void	PipfilelockAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the file type analyzer.
void	RubyBundleAuditAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initialize the analyzer.
protected void	RetireJsAnalyzer.prepareFileTypeAnalyzer(Engine engine) Prepares the file type analyzer for dependency analysis.
protected void	CarthageAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	AutoconfAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the file type analyzer.
protected void	RubyGemspecAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	PEAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	PinnedMavenInstallAnalyzer.prepareFileTypeAnalyzer(Engine engine)
void	JarAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the JarAnalyzer.
protected void	PnpmAuditAnalyzer.prepareFileTypeAnalyzer(Engine engine) Initializes the analyzer once before any analysis is performed.
protected void	PoetryAnalyzer.prepareFileTypeAnalyzer(Engine engine) No-op initializer implementation.
protected void	OpenSSLAnalyzer.prepareFileTypeAnalyzer(Engine engine) No-op initializer implementation.
protected void	NodePackageAnalyzer.prepareFileTypeAnalyzer(Engine engine) Performs validation on the configuration to ensure that the correct analyzers are in place.
protected void	PythonPackageAnalyzer.prepareFileTypeAnalyzer(Engine engine) No-op initializer implementation.
protected void	PerlCpanfileAnalyzer.prepareFileTypeAnalyzer(Engine engine)
protected void	PerlCpanfileAnalyzer.processFileContents(java.util.List<java.lang.String> fileLines, java.lang.String filePath, Engine engine)
protected void	AbstractNpmAnalyzer.processPackage(Engine engine, Dependency dependency, javax.json.JsonArray jsonArray, java.lang.String depType) Processes a part of package.json (as defined by JsonArray) and update the specified dependency with relevant info.
protected void	AbstractNpmAnalyzer.processPackage(Engine engine, Dependency dependency, javax.json.JsonObject jsonObject, java.lang.String depType) Processes a part of package.json (as defined by JsonObject) and update the specified dependency with relevant info.
protected void	AbstractNpmAnalyzer.processResults(java.util.List<Advisory> advisories, Engine engine, Dependency dependency, org.apache.commons.collections4.MultiValuedMap<java.lang.String,java.lang.String> dependencyMap) Processes the advisories creating the appropriate dependency objects and adding the resulting vulnerabilities.

Uses of Engine in org.owasp.dependencycheck.data.update

Methods in org.owasp.dependencycheck.data.update with parameters of type Engine

Modifier and Type	Method and Description
boolean	HostedSuppressionsDataSource.purge(Engine engine)
boolean	NvdApiDataSource.purge(Engine engine)
boolean	RetireJSDataSource.purge(Engine engine)
boolean	CachedWebDataSource.purge(Engine engine) Deletes any locally cached data.
boolean	KnownExploitedDataSource.purge(Engine engine)
boolean	EngineVersionCheck.purge(Engine engine)
boolean	HostedSuppressionsDataSource.update(Engine engine) Downloads the current Hosted suppressions file.
boolean	NvdApiDataSource.update(Engine engine)
boolean	RetireJSDataSource.update(Engine engine) Downloads the current RetireJS data source.
boolean	CachedWebDataSource.update(Engine engine) Determines if an update to the current data store is needed, if it is the new data is downloaded from the Internet and imported into the current cached data store.
boolean	KnownExploitedDataSource.update(Engine engine)
boolean	EngineVersionCheck.update(Engine engine) Downloads the current released version number and compares it to the running engine's version number.

Uses of Engine in org.owasp.dependencycheck.processing

Constructors in org.owasp.dependencycheck.processing with parameters of type Engine

Constructor and Description
BundlerAuditProcessor(Dependency gemDependency, Engine engine) Constructs a new processor to consume the output of `bundler-audit`.
GoModProcessor(Dependency goDependency, Engine engine) Constructs a new processor to consume the output of `go list -m -json all`.
MixAuditProcessor(Dependency mixDependency, Engine engine) Constructs a new processor to consume the output of `mix_audit`.

Uses of Engine in org.owasp.dependencycheck.utils

Methods in org.owasp.dependencycheck.utils with parameters of type Engine

Modifier and Type	Method and Description
static void	ExtractionUtil.extractFiles(java.io.File archive, java.io.File extractTo, Engine engine) Extracts the contents of an archive into the specified directory.