From d8d5b50601e296b43f1e0221fbaa5a8f4a510154 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3bert=20Papp=20=28TWiStErRob=29?= Date: Wed, 7 Dec 2022 10:14:09 +0000 Subject: [PATCH 1/6] Fix outdated LICENSE.txt and NOTICE.txt links (branch name, path, repo, etc.) --- core/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/core/README.md b/core/README.md index 4a44521944f..c1c440a4017 100644 --- a/core/README.md +++ b/core/README.md @@ -15,4 +15,9 @@ Dependency-Check makes use of several other open source libraries. Please see th [wiki]: https://github.com/jeremylong/DependencyCheck/wiki +<<<<<<< HEAD +======= + [subscribe]: mailto:dependency-check+subscribe@googlegroups.com + [post]: mailto:dependency-check@googlegroups.com +>>>>>>> 4c84d6d9c (Fix outdated LICENSE.txt and NOTICE.txt links) [notices]: https://github.com/jeremylong/DependencyCheck/blob/main/NOTICE.txt From 80b3047fdbd225f75ba0800b04ef75902cc57c3a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=B3bert=20Papp=20=28TWiStErRob=29?= Date: Wed, 7 Dec 2022 10:20:48 +0000 Subject: [PATCH 2/6] Fix strange links --- core/README.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/core/README.md b/core/README.md index c1c440a4017..f653565411e 100644 --- a/core/README.md +++ b/core/README.md @@ -1,8 +1,7 @@ Dependency-Check-Core ================ -Dependency-Check-Core is the main engine used by all of the other modules to do the analysis and reporting. - +Dependency-Check-Core is the main engine used by all of the other modules to do the analysis and reporting.s Copyright & License ------------ @@ -15,9 +14,4 @@ Dependency-Check makes use of several other open source libraries. Please see th [wiki]: https://github.com/jeremylong/DependencyCheck/wiki -<<<<<<< HEAD -======= - [subscribe]: mailto:dependency-check+subscribe@googlegroups.com - [post]: mailto:dependency-check@googlegroups.com ->>>>>>> 4c84d6d9c (Fix outdated LICENSE.txt and NOTICE.txt links) [notices]: https://github.com/jeremylong/DependencyCheck/blob/main/NOTICE.txt From b68c8d030a86784f326205966d7cbb19f841cd7f Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Thu, 8 Dec 2022 05:42:58 -0500 Subject: [PATCH 3/6] fix(doc): fixed broken links --- core/README.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/core/README.md b/core/README.md index f653565411e..c0234cc9c40 100644 --- a/core/README.md +++ b/core/README.md @@ -3,9 +3,6 @@ Dependency-Check-Core Dependency-Check-Core is the main engine used by all of the other modules to do the analysis and reporting.s -Copyright & License ------------- - Dependency-Check is Copyright (c) 2012-2014 Jeremy Long. All Rights Reserved. Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the [LICENSE.txt](https://raw.githubusercontent.com/jeremylong/DependencyCheck/main/LICENSE.txt) file for the full license. From de5e8cab0c0512b8ad266df8c581aa8c8644d9f8 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Thu, 8 Dec 2022 06:40:04 -0500 Subject: [PATCH 4/6] fix: correct node_module path resolves #5119 --- .../dependencycheck/analyzer/NodePackageAnalyzer.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java index 07d3bb4b006..91e4d759a05 100644 --- a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java +++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java @@ -361,7 +361,7 @@ private void processDependencies(JsonObject json, File baseDir, File rootFile, for (Map.Entry entry : deps.entrySet()) { String pathName = entry.getKey(); String name = pathName; - final File base; + File base; final int indexOfNodeModule = name.lastIndexOf(NODE_MODULES_DIRNAME); if (indexOfNodeModule >= 0) { @@ -369,6 +369,11 @@ private void processDependencies(JsonObject json, File baseDir, File rootFile, base = Paths.get(baseDir.getPath(), pathName).toFile(); } else { base = Paths.get(baseDir.getPath(), "node_modules", name).toFile(); + if (!base.isFile()) { + if ("node_modules".equals(baseDir.getParentFile().getName())) { + base = Paths.get(baseDir.getParent(), name).toFile(); + } + } } final String version; From 38c39243ba4724f8c8f986cbc40da0f287e81541 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Thu, 8 Dec 2022 06:59:44 -0500 Subject: [PATCH 5/6] fix(doc): fix mess I created rebasing --- core/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/core/README.md b/core/README.md index c0234cc9c40..b05b6e327e2 100644 --- a/core/README.md +++ b/core/README.md @@ -1,7 +1,10 @@ Dependency-Check-Core ================ -Dependency-Check-Core is the main engine used by all of the other modules to do the analysis and reporting.s +Dependency-Check-Core is the main engine used by all of the other modules to do the analysis and reporting. + +Copyright & License +------------ Dependency-Check is Copyright (c) 2012-2014 Jeremy Long. All Rights Reserved. From 7841d46c74509c23d8f53fe78bbf02f6ab38229d Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Thu, 8 Dec 2022 07:21:35 -0500 Subject: [PATCH 6/6] fix: checkstyle --- .../org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java index 91e4d759a05..57bcf58aaea 100644 --- a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java +++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java @@ -359,7 +359,7 @@ private void processDependencies(JsonObject json, File baseDir, File rootFile, if (deps != null) { for (Map.Entry entry : deps.entrySet()) { - String pathName = entry.getKey(); + final String pathName = entry.getKey(); String name = pathName; File base;