|
22 | 22 | import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; |
23 | 23 | import io.github.jeremylong.openvulnerability.client.nvd.Config; |
24 | 24 | import io.github.jeremylong.openvulnerability.client.nvd.CpeMatch; |
| 25 | +import io.github.jeremylong.openvulnerability.client.nvd.CvssV2; |
| 26 | +import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data; |
| 27 | +import io.github.jeremylong.openvulnerability.client.nvd.CvssV3; |
| 28 | +import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data; |
| 29 | +import io.github.jeremylong.openvulnerability.client.nvd.CvssV4; |
| 30 | +import io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data; |
| 31 | +import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem; |
| 32 | +import io.github.jeremylong.openvulnerability.client.nvd.LangString; |
| 33 | +import io.github.jeremylong.openvulnerability.client.nvd.Node; |
| 34 | +import io.github.jeremylong.openvulnerability.client.nvd.Reference; |
| 35 | +import io.github.jeremylong.openvulnerability.client.nvd.Weakness; |
25 | 36 | import org.apache.commons.collections4.map.ReferenceMap; |
| 37 | +import org.owasp.dependencycheck.analyzer.exception.LambdaExceptionWrapper; |
| 38 | +import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException; |
| 39 | +import org.owasp.dependencycheck.data.update.cpe.CpeEcosystemCache; |
| 40 | +import org.owasp.dependencycheck.data.update.cpe.CpePlus; |
26 | 41 | import org.owasp.dependencycheck.dependency.Vulnerability; |
27 | 42 | import org.owasp.dependencycheck.dependency.VulnerableSoftware; |
28 | | -import org.owasp.dependencycheck.utils.*; |
| 43 | +import org.owasp.dependencycheck.dependency.VulnerableSoftwareBuilder; |
| 44 | +import org.owasp.dependencycheck.utils.InvalidSettingException; |
| 45 | +import org.owasp.dependencycheck.utils.Pair; |
| 46 | +import org.owasp.dependencycheck.utils.Settings; |
29 | 47 | import org.slf4j.Logger; |
30 | 48 | import org.slf4j.LoggerFactory; |
| 49 | +import us.springett.parsers.cpe.Cpe; |
| 50 | +import us.springett.parsers.cpe.CpeBuilder; |
| 51 | +import us.springett.parsers.cpe.CpeParser; |
| 52 | +import us.springett.parsers.cpe.exceptions.CpeParsingException; |
| 53 | +import us.springett.parsers.cpe.exceptions.CpeValidationException; |
31 | 54 |
|
32 | 55 | import javax.annotation.concurrent.ThreadSafe; |
33 | 56 | import java.io.IOException; |
|
40 | 63 | import java.sql.ResultSet; |
41 | 64 | import java.sql.SQLException; |
42 | 65 | import java.sql.Statement; |
43 | | -import java.util.*; |
| 66 | +import java.util.ArrayList; |
| 67 | +import java.util.Collections; |
| 68 | +import java.util.Comparator; |
| 69 | +import java.util.HashMap; |
| 70 | +import java.util.HashSet; |
| 71 | +import java.util.List; |
| 72 | +import java.util.Map; |
| 73 | +import java.util.MissingResourceException; |
| 74 | +import java.util.Optional; |
| 75 | +import java.util.Properties; |
| 76 | +import java.util.ResourceBundle; |
| 77 | +import java.util.Set; |
44 | 78 | import java.util.stream.Collectors; |
45 | | -import org.anarres.jdiagnostics.DefaultQuery; |
46 | 79 |
|
47 | 80 | import static org.apache.commons.collections4.map.AbstractReferenceMap.ReferenceStrength.HARD; |
48 | 81 | import static org.apache.commons.collections4.map.AbstractReferenceMap.ReferenceStrength.SOFT; |
49 | | -import org.owasp.dependencycheck.analyzer.exception.LambdaExceptionWrapper; |
50 | | -import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException; |
51 | | -import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem; |
52 | 82 | import static org.owasp.dependencycheck.data.nvdcve.CveDB.PreparedStatementCveDb.*; |
53 | | -import org.owasp.dependencycheck.data.update.cpe.CpeEcosystemCache; |
54 | | -import org.owasp.dependencycheck.data.update.cpe.CpePlus; |
55 | | -import io.github.jeremylong.openvulnerability.client.nvd.CvssV2; |
56 | | -import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data; |
57 | | -import io.github.jeremylong.openvulnerability.client.nvd.CvssV3; |
58 | | -import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data; |
59 | | -import io.github.jeremylong.openvulnerability.client.nvd.CvssV4; |
60 | | -import io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data; |
61 | | -import io.github.jeremylong.openvulnerability.client.nvd.LangString; |
62 | | -import io.github.jeremylong.openvulnerability.client.nvd.Node; |
63 | | -import io.github.jeremylong.openvulnerability.client.nvd.Reference; |
64 | | -import io.github.jeremylong.openvulnerability.client.nvd.Weakness; |
65 | | -import org.owasp.dependencycheck.dependency.VulnerableSoftwareBuilder; |
66 | | -import us.springett.parsers.cpe.Cpe; |
67 | | -import us.springett.parsers.cpe.CpeBuilder; |
68 | | -import us.springett.parsers.cpe.CpeParser; |
69 | | -import us.springett.parsers.cpe.exceptions.CpeParsingException; |
70 | | -import us.springett.parsers.cpe.exceptions.CpeValidationException; |
71 | 83 |
|
72 | 84 | /** |
73 | 85 | * The database holding information about the NVD CVE data. This class is safe |
@@ -120,7 +132,7 @@ public final class CveDB implements AutoCloseable { |
120 | 132 |
|
121 | 133 | /** |
122 | 134 | * Utility to extract information from |
123 | | - * {@linkplain org.owasp.dependencycheck.data.nvd.json.DefCveItem}. |
| 135 | + * {@linkplain DefCveItem}. |
124 | 136 | */ |
125 | 137 | private final CveItemOperator cveItemConverter; |
126 | 138 | /** |
@@ -155,8 +167,6 @@ public int updateEcosystemCache() { |
155 | 167 | } |
156 | 168 | } catch (IOException ex) { |
157 | 169 | throw new DatabaseException("Unable to update the ecosystem cache", ex); |
158 | | - } catch (LinkageError ex) { |
159 | | - LOGGER.debug(new DefaultQuery(ex).call().toString()); |
160 | 170 | } |
161 | 171 | return updateCount; |
162 | 172 | } |
|
0 commit comments