diff --git a/docs/templates/content/90-releasenotes.ftl b/docs/templates/content/90-releasenotes.ftl index 72b7596600..11250301d2 100644 --- a/docs/templates/content/90-releasenotes.ftl +++ b/docs/templates/content/90-releasenotes.ftl @@ -13,6 +13,7 @@ Moved download location of ${solution_name} for the shell script from /tmp to ~/ * The Yarn detector extracts project information from package.json files. * Added Yarn Detector support for dependencies that are missing a fuzzy version in a lockfile dependency declaration. * ${solution_name} logs policy violations when it is configured to [fail on policy violations](../properties/configuration/project/#fail-on-policy-violation-severities). +* Added the property [detect.blackduck.signature.scanner.copyright.search](../properties/configuration/signature scanner/#signature-scanner-copyright-search-advanced). * Detect now supports projects managed by the Cargo package manager. ### Changed features diff --git a/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt b/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt index 950aa7bd83..cbebe8730a 100644 --- a/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt +++ b/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt @@ -337,6 +337,7 @@ open class DetectConfigurationFactory(private val detectConfiguration: PropertyC val dryRun = PropertyConfigUtils.getFirstProvidedValueOrDefault(detectConfiguration, DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_DRY_RUN, DetectProperties.DETECT_HUB_SIGNATURE_SCANNER_DRY_RUN) val uploadSource = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_UPLOAD_SOURCE_MODE) val licenseSearch = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_LICENSE_SEARCH) + val copyrightSearch = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH) val codeLocationPrefix = detectConfiguration.getValue(DetectProperties.DETECT_PROJECT_CODELOCATION_PREFIX).orElse(null) val codeLocationSuffix = detectConfiguration.getValue(DetectProperties.DETECT_PROJECT_CODELOCATION_SUFFIX).orElse(null) val additionalArguments = PropertyConfigUtils.getFirstProvidedValueOrEmpty(detectConfiguration, DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_ARGUMENTS, DetectProperties.DETECT_HUB_SIGNATURE_SCANNER_ARGUMENTS).orElse(null) @@ -371,7 +372,8 @@ open class DetectConfigurationFactory(private val detectConfiguration: PropertyC additionalArguments, maxDepth, findIndividualFileMatching(), - licenseSearch + licenseSearch, + copyrightSearch ) } diff --git a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt index 676b301950..ebac51296b 100644 --- a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt +++ b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt @@ -219,6 +219,11 @@ class DetectProperties { setHelp("Additional arguments to use when running the Black Duck signature scanner.", "For example: Suppose you are running in bash on Linux and want to use the signature scanner's ability to read a list of directories to exclude from a file (using the signature scanner --exclude-from option). You tell the signature scanner read excluded directories from a file named excludes.txt in your home directory with: --detect.blackduck.signature.scanner.arguments='--exclude-from \${HOME}/excludes.txt'") setGroups(DetectGroup.SIGNATURE_SCANNER, DetectGroup.GLOBAL) } + val DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH = BooleanProperty("detect.blackduck.signature.scanner.copyright.search", false).apply { + setInfo("Signature Scanner Copyright Search", "6.4.0") + setHelp("When set to true, user will be able to scan and discover copyright names in Black Duck.") + setGroups(DetectGroup.SIGNATURE_SCANNER) + } val DETECT_BLACKDUCK_SIGNATURE_SCANNER_DRY_RUN = BooleanProperty("detect.blackduck.signature.scanner.dry.run", false).apply { setInfo("Signature Scanner Dry Run", "4.2.0") setHelp("If set to true, the signature scanner results are not uploaded to Black Duck, and the scanner results are written to disk.") diff --git a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java index d1757d88ac..9efc0036ae 100644 --- a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java +++ b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java @@ -214,6 +214,7 @@ protected ScanBatchBuilder createDefaultScanBatchBuilder(final NameVersion proje signatureScannerOptions.getSnippetMatching().ifPresent(scanJobBuilder::snippetMatching); scanJobBuilder.uploadSource(signatureScannerOptions.getUploadSource()); scanJobBuilder.licenseSearch(signatureScannerOptions.getLicenseSearch()); + scanJobBuilder.copyrightSearch(signatureScannerOptions.getCopyrightSearch()); signatureScannerOptions.getAdditionalArguments().ifPresent(scanJobBuilder::additionalScanArguments); diff --git a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java index 7837852821..5cc5c157a8 100644 --- a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java +++ b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java @@ -61,6 +61,7 @@ public class BlackDuckSignatureScannerOptions { @Nullable private final IndividualFileMatching individualFileMatching; private final Boolean licenseSearch; + private final Boolean copyrightSearch; public BlackDuckSignatureScannerOptions( final List signatureScannerPaths, @@ -79,7 +80,8 @@ public BlackDuckSignatureScannerOptions( @Nullable final String additionalArguments, final Integer maxDepth, @Nullable final IndividualFileMatching individualFileMatching, - final Boolean licenseSearch) { + final Boolean licenseSearch, + final Boolean copyrightSearch) { this.signatureScannerPaths = signatureScannerPaths; this.exclusionPatterns = exclusionPatterns; @@ -98,6 +100,7 @@ public BlackDuckSignatureScannerOptions( this.maxDepth = maxDepth; this.individualFileMatching = individualFileMatching; this.licenseSearch = licenseSearch; + this.copyrightSearch = copyrightSearch; } public List getSignatureScannerPaths() { @@ -167,4 +170,8 @@ public Optional getIndividualFileMatching() { public Boolean getLicenseSearch() { return licenseSearch; } + + public Boolean getCopyrightSearch() { + return copyrightSearch; + } } diff --git a/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java b/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java index 175974869f..652f6ac567 100644 --- a/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java +++ b/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java @@ -121,7 +121,7 @@ private DetectToolFilter mockToolFilterForPolaris(boolean includesPolaris) { } private BlackDuckSignatureScannerOptions blackDuckSignatureScannerOptions(Path offlineScannerInstallPath, String userProvidedScannerInstallUrl) { - return new BlackDuckSignatureScannerOptions(Bds.listOf(), Bds.listOf(), Bds.listOf(), offlineScannerInstallPath, null, userProvidedScannerInstallUrl, 1024, 1, false, null, false, null, null, null, 1, null, false); + return new BlackDuckSignatureScannerOptions(Bds.listOf(), Bds.listOf(), Bds.listOf(), offlineScannerInstallPath, null, userProvidedScannerInstallUrl, 1024, 1, false, null, false, null, null, null, 1, null, false, false); } private BlackDuckConnectionDetails blackDuckConnectionDetails(boolean offline, String blackduckUrl) {