Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Trivy analyzer integration #1370

Open
wants to merge 12 commits into
base: main
Choose a base branch
from

Merge branch 'main' into add-trivy-support

7ed686f
Select commit
Loading
Failed to load commit list.
Open

Trivy analyzer integration #1370

Merge branch 'main' into add-trivy-support
7ed686f
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis succeeded Jul 8, 2024 in 0s

Your pull request is up to standards!

Codacy found no issues in your code

Annotations

Check warning on line 144 in vulnerability-analyzer/src/main/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessor.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/main/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessor.java#L144 

The method 'analyzeBlobInfo(List, MultivaluedMap)' has an NPath complexity of 300, current threshold is 200

Check warning on line 56 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/AuthorizationClientHeaderFactoryTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/AuthorizationClientHeaderFactoryTest.java#L56 

Avoid unused local variables such as 'apiTokenSupplier'.

Check notice on line 57 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/AuthorizationClientHeaderFactoryTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/AuthorizationClientHeaderFactoryTest.java#L57 

Unnecessary use of fully qualified name 'Mockito.mock' due to existing static import 'org.mockito.Mockito.mock'

Check notice on line 35 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/ModelConverterToCdxTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/ModelConverterToCdxTest.java#L35 

Unnecessary use of fully qualified name 'org.dependencytrack.vulnanalyzer.client.trivy.Vulnerability' due to existing same package import 'org.dependencytrack.vulnanalyzer.client.trivy.*'

Check notice on line 55 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/ModelConverterToCdxTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/client/trivy/ModelConverterToCdxTest.java#L55 

Unnecessary use of fully qualified name 'org.dependencytrack.vulnanalyzer.client.trivy.ModelConverterToCdx.convert' due to existing same package import 'org.dependencytrack.vulnanalyzer.client.trivy.*'

Check notice on line 90 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L90 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 93 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L93 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 97 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L97 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 101 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L101 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 105 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L105 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 107 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L107 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 108 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L108 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 109 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L109 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check warning on line 213 in vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

vulnerability-analyzer/src/test/java/org/dependencytrack/vulnanalyzer/processor/scanner/trivy/TrivyProcessorTest.java#L213 

Avoid unused local variables such as 'inputRecord'.
View more details on Codacy Production