Package org.palladiosimulator.retriever.vulnerability.core

Class SnykCLIStaticCodeAnalyst

java.lang.Object
org.palladiosimulator.retriever.vulnerability.core.SnykCLIStaticCodeAnalyst
All Implemented Interfaces:
ICodeAnalyst, IStaticCodeAnalyst
public class SnykCLIStaticCodeAnalyst extends Object implements IStaticCodeAnalyst

  • Constructor Details

    • SnykCLIStaticCodeAnalyst

      public SnykCLIStaticCodeAnalyst(Path snykLocation, Path outputLocation, String apiKey, String snykToken)
      Creates a SnykCLIStaticCodeAnalyst which will use the specified Snyk executable.
      Parameters:
      snykLocation - a path to a Snyk executable
      outputLocation - a path to the output directory
      apiKey - an API key for the vulnerability database
      snykToken - a token for using the Snyk executable.

  • Method Details

    • analyze

      public IStaticCodeAnalysisResult analyze(Map<org.palladiosimulator.pcm.system.System,Path> systemPaths)
      Specified by:
      analyze in interface IStaticCodeAnalyst

    • analyze

      public IStaticCodeAnalysisResult analyze(Map<org.palladiosimulator.pcm.system.System,Path> systemPaths, boolean saveResult)

    • parseSnykCLIOutput

      public StaticCodeAnalyisResult parseSnykCLIOutput(String output)
      Takes Snyk CLI output and parses it. StaticCodeAnalysisResults will be built out of the parsed information.
      Parameters:
      output - of a Snyk CLI process
      Returns:
      StaticCodeAnalyisResult object containing all parsed data

    • analyze

      public IStaticCodeAnalysisResult analyze(String path)
      Description copied from interface: ICodeAnalyst
      Request a analysis result of a repository or docker image from the analysis provider.
      Specified by:
      analyze in interface ICodeAnalyst
      Parameters:
      path - String that indicates the path to the repository or docker image to analyze.
      Returns:
      A result object that holds all important analysis information.