From 9db0e1b082310b9d735eb974ef7ea9230a1332a3 Mon Sep 17 00:00:00 2001
From: crowleySynopsys
Date: Tue, 5 May 2020 14:28:09 -0400
Subject: [PATCH 1/5] feat(property): Added new property for copyright search in the scanner (IDETECT-1998)
---
 .../integration/detect/configuration/DetectProperties.kt | 5 +++++
 .../tool/signaturescanner/BlackDuckSignatureScanner.java | 1 +
 .../BlackDuckSignatureScannerOptions.java | 9 ++++++++-
 3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt
index 676b301950..e1d8709463 100644
--- a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt
+++ b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt
@@ -219,6 +219,11 @@ class DetectProperties {
 setHelp("Additional arguments to use when running the Black Duck signature scanner.", "For example: Suppose you are running in bash on Linux and want to use the signature scanner's ability to read a list of directories to exclude from a file (using the signature scanner --exclude-from option). You tell the signature scanner read excluded directories from a file named excludes.txt in your home directory with: --detect.blackduck.signature.scanner.arguments='--exclude-from \${HOME}/excludes.txt'")
 setGroups(DetectGroup.SIGNATURE_SCANNER, DetectGroup.GLOBAL)
 }
+ val DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH = BooleanProperty("detect.blackduck.signature.scanner.copyright.search", false).apply {
+ setInfo("Signature Scanner Copyright Search", "6.4.0")
+ setHelp("When set to true, user will be able to scan and discover copyright names in Black Duck")
+ setGroups(DetectGroup.SIGNATURE_SCANNER)
+ }
 val DETECT_BLACKDUCK_SIGNATURE_SCANNER_DRY_RUN = BooleanProperty("detect.blackduck.signature.scanner.dry.run", false).apply {
 setInfo("Signature Scanner Dry Run", "4.2.0")
 setHelp("If set to true, the signature scanner results are not uploaded to Black Duck, and the scanner results are written to disk.")
diff --git a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java
index d1757d88ac..06d44fe284 100644
--- a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java
+++ b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java
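Review bot: The help string on `DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH` says what the user "will be able to" do rather than what the flag changes in the scan, so an operator reading the generated property docs cannot tell what enabling it requires or costs. `setHelp` accepts a second, longer argument (the arguments property just above uses one), which is the natural place to state a minimum Black Duck version or licensing prerequisite, if there is one. I would reword the short form along the lines of `setHelp("If set to true, the signature scanner is run with copyright search enabled.", "<prerequisites and effect on the scan, to be filled in>")`. The property is also registered under `DetectGroup.SIGNATURE_SCANNER` only, while the neighbouring arguments property adds `DetectGroup.GLOBAL`; worth confirming that this is intended.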
@@ -214,6 +214,7 @@ protected ScanBatchBuilder createDefaultScanBatchBuilder(final NameVersion proje
 signatureScannerOptions.getSnippetMatching().ifPresent(scanJobBuilder::snippetMatching);
 scanJobBuilder.uploadSource(signatureScannerOptions.getUploadSource());
 scanJobBuilder.licenseSearch(signatureScannerOptions.getLicenseSearch());
+ //scanJobBuilder.copyrightSearch(signatureScannerOptions.getCopyrightSearch());
 signatureScannerOptions.getAdditionalArguments().ifPresent(scanJobBuilder::additionalScanArguments);
diff --git a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java
index 7837852821..5cc5c157a8 100644
--- a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java
+++ b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScannerOptions.java
@@ -61,6 +61,7 @@ public class BlackDuckSignatureScannerOptions {
 @Nullable
 private final IndividualFileMatching individualFileMatching;
 private final Boolean licenseSearch;
+ private final Boolean copyrightSearch;
 public BlackDuckSignatureScannerOptions(
 final List signatureScannerPaths,
@@ -79,7 +80,8 @@ public BlackDuckSignatureScannerOptions(
 @Nullable final String additionalArguments,
 final Integer maxDepth,
 @Nullable final IndividualFileMatching individualFileMatching,
- final Boolean licenseSearch) {
+ final Boolean licenseSearch,
+ final Boolean copyrightSearch) {
 this.signatureScannerPaths = signatureScannerPaths;
 this.exclusionPatterns = exclusionPatterns;
@@ -98,6 +100,7 @@ public BlackDuckSignatureScannerOptions(
 this.maxDepth = maxDepth;
 this.individualFileMatching = individualFileMatching;
 this.licenseSearch = licenseSearch;
+ this.copyrightSearch = copyrightSearch;
 }
 public List getSignatureScannerPaths() {
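Review bot: `copyrightSearch` is appended as a second trailing `Boolean` directly after `licenseSearch`, in a constructor that already took seventeen positional arguments, so a call site that swaps the two still compiles and the scan silently runs with the wrong search enabled. Both callers in this series pass them by position: `licenseSearch, copyrightSearch` in DetectConfigurationFactory.kt and `..., 1, null, false, false)` in ProductDeciderTest. Short of introducing a builder for the options, labelling the arguments at the Java call site, `/* licenseSearch */ false, /* copyrightSearch */ false`, would make a transposition visible in review. The constructor's parameter list and body continue outside these hunks.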
@@ -167,4 +170,8 @@ public Optional getIndividualFileMatching() {
 public Boolean getLicenseSearch() {
 return licenseSearch;
 }
+
+ public Boolean getCopyrightSearch() {
+ return copyrightSearch;
+ }
 }
From 8f3e56d880a7b1bbf8ab6c43022b0a30e43cfda7 Mon Sep 17 00:00:00 2001
From: crowleySynopsys
Date: Wed, 6 May 2020 13:22:58 -0400
Subject: [PATCH 2/5] feat(scanner): Add copyrightSearch to ScanBatchBuilder
---
 build.gradle | 2 +-
 .../detect/tool/signaturescanner/BlackDuckSignatureScanner.java | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/build.gradle b/build.gradle
index 1b13e0c1c2..61677e42f6 100644
--- a/build.gradle
+++ b/build.gradle
@@ -13,7 +13,7 @@ import com.synopsys.integration.log.PrintStreamIntLogger
 buildscript {
 ext {
 springBootVersion = '2.2.4.RELEASE'
- blackDuckCommonVersion = '47.1.0'
+ blackDuckCommonVersion = '47.1.3'
 polarisCommonVersion = '0.13.2'
 junitPlatformDefaultTestTags = 'integration, performance, battery'
 }
diff --git a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java
index 06d44fe284..9efc0036ae 100644
--- a/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java
+++ b/src/main/java/com/synopsys/integration/detect/tool/signaturescanner/BlackDuckSignatureScanner.java
@@ -214,7 +214,7 @@ protected ScanBatchBuilder createDefaultScanBatchBuilder(final NameVersion proje
 signatureScannerOptions.getSnippetMatching().ifPresent(scanJobBuilder::snippetMatching);
 scanJobBuilder.uploadSource(signatureScannerOptions.getUploadSource());
 scanJobBuilder.licenseSearch(signatureScannerOptions.getLicenseSearch());
- //scanJobBuilder.copyrightSearch(signatureScannerOptions.getCopyrightSearch());
+ scanJobBuilder.copyrightSearch(signatureScannerOptions.getCopyrightSearch());
 signatureScannerOptions.getAdditionalArguments().ifPresent(scanJobBuilder::additionalScanArguments);
From 617439be0fa344ec986495635e8e20f1f5f95281 Mon Sep 17 00:00:00 2001
From: crowleySynopsys
Date: Wed, 6 May 2020 13:44:03 -0400
Subject: [PATCH 3/5] feat(scanner): Pass copyrightSearch to SignatureScannerOptions
---
 .../detect/configuration/DetectConfigurationFactory.kt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt b/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt
index 950aa7bd83..cbebe8730a 100644
--- a/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt
+++ b/src/main/java/com/synopsys/integration/detect/configuration/DetectConfigurationFactory.kt
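Review bot: `getCopyrightSearch()` returns a boxed `Boolean`, so if `ScanBatchBuilder.copyrightSearch` takes a primitive (its signature is not visible in this diff) a null value would be unboxed on this line and fail with a NullPointerException far from where the options were built. The constructor hunk earlier in the series assigns the field directly without rejecting null. Either declare the field and getter as `boolean`, or check once in the constructor with `this.copyrightSearch = Objects.requireNonNull(copyrightSearch, "copyrightSearch");`. createDefaultScanBatchBuilder's body continues outside the hunk.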
@@ -337,6 +337,7 @@ open class DetectConfigurationFactory(private val detectConfiguration: PropertyC
 val dryRun = PropertyConfigUtils.getFirstProvidedValueOrDefault(detectConfiguration, DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_DRY_RUN, DetectProperties.DETECT_HUB_SIGNATURE_SCANNER_DRY_RUN)
 val uploadSource = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_UPLOAD_SOURCE_MODE)
 val licenseSearch = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_LICENSE_SEARCH)
+ val copyrightSearch = detectConfiguration.getValue(DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH)
 val codeLocationPrefix = detectConfiguration.getValue(DetectProperties.DETECT_PROJECT_CODELOCATION_PREFIX).orElse(null)
 val codeLocationSuffix = detectConfiguration.getValue(DetectProperties.DETECT_PROJECT_CODELOCATION_SUFFIX).orElse(null)
 val additionalArguments = PropertyConfigUtils.getFirstProvidedValueOrEmpty(detectConfiguration, DetectProperties.DETECT_BLACKDUCK_SIGNATURE_SCANNER_ARGUMENTS, DetectProperties.DETECT_HUB_SIGNATURE_SCANNER_ARGUMENTS).orElse(null)
@@ -371,7 +372,8 @@ open class DetectConfigurationFactory(private val detectConfiguration: PropertyC
 additionalArguments,
 maxDepth,
 findIndividualFileMatching(),
- licenseSearch
+ licenseSearch,
+ copyrightSearch
 )
 }
From 8d2c17979c5674eb9f21ced58a9743cee80a136d Mon Sep 17 00:00:00 2001
From: crowleySynopsys
Date: Wed, 6 May 2020 14:10:04 -0400
Subject: [PATCH 4/5] feat(test): Pass copyrightSearch to SignatureScannerOptions in ProductDeciderTest
---
 .../synopsys/integration/detect/boot/ProductDeciderTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java b/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java
index 175974869f..652f6ac567 100644
--- a/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java
+++ b/src/test/java/com/synopsys/integration/detect/boot/ProductDeciderTest.java
@@ -121,7 +121,7 @@ private DetectToolFilter mockToolFilterForPolaris(boolean includesPolaris) {
 }
 private BlackDuckSignatureScannerOptions blackDuckSignatureScannerOptions(Path offlineScannerInstallPath, String userProvidedScannerInstallUrl) {
- return new BlackDuckSignatureScannerOptions(Bds.listOf(), Bds.listOf(), Bds.listOf(), offlineScannerInstallPath, null, userProvidedScannerInstallUrl, 1024, 1, false, null, false, null, null, null, 1, null, false);
+ return new BlackDuckSignatureScannerOptions(Bds.listOf(), Bds.listOf(), Bds.listOf(), offlineScannerInstallPath, null, userProvidedScannerInstallUrl, 1024, 1, false, null, false, null, null, null, 1, null, false, false);
 }
 private BlackDuckConnectionDetails blackDuckConnectionDetails(boolean offline, String blackduckUrl) {
From ebf3f1a95c4ef84bdc7fd7c335fffaf44a868fc8 Mon Sep 17 00:00:00 2001
From: crowleySynopsys
Date: Fri, 15 May 2020 15:59:10 -0400
Subject: [PATCH 5/5] feat(doc): Updated documentation to detail new property
---
 docs/templates/content/90-releasenotes.ftl | 1 +
 .../integration/detect/configuration/DetectProperties.kt | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/docs/templates/content/90-releasenotes.ftl b/docs/templates/content/90-releasenotes.ftl
index f0346a93e6..5b081f25b4 100644
--- a/docs/templates/content/90-releasenotes.ftl
+++ b/docs/templates/content/90-releasenotes.ftl
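Review bot: No test in this series exercises the new flag with a value of true; the only test change appends `false` so that this helper keeps compiling. Because `licenseSearch` and `copyrightSearch` are adjacent `Boolean` constructor arguments, a test that builds the options with the two set differently and asserts on both getters would catch a swapped assignment, for example `assertTrue(options.getCopyrightSearch());` next to `assertFalse(options.getLicenseSearch());`. The enclosing test class continues outside the hunk.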
@@ -5,6 +5,7 @@
 * The Yarn detector extracts project information from package.json files.
 * Added Yarn Detector support for dependencies that are missing a fuzzy version in a lockfile dependency declaration.
 * ${solution_name} logs policy violations when it is configured to [fail on policy violations](../properties/configuration/project/#fail-on-policy-violation-severities).
+* Added the property [detect.blackduck.signature.scanner.copyright.search](../properties/configuration/signature scanner/#signature-scanner-copyright-search-advanced).
 ### Changed features
 * Users can [upload source](../properties/configuration/signature scanner/#upload-source-mode) files when only [license search](../properties/configuration/signature scanner/#signature-scanner-license-search) is enabled.
diff --git a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt
index e1d8709463..ebac51296b 100644
--- a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt
+++ b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.kt
@@ -221,7 +221,7 @@ class DetectProperties {
 }
 val DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH = BooleanProperty("detect.blackduck.signature.scanner.copyright.search", false).apply {
 setInfo("Signature Scanner Copyright Search", "6.4.0")
- setHelp("When set to true, user will be able to scan and discover copyright names in Black Duck")
+ setHelp("When set to true, user will be able to scan and discover copyright names in Black Duck.")
 setGroups(DetectGroup.SIGNATURE_SCANNER)
 }
 val DETECT_BLACKDUCK_SIGNATURE_SCANNER_DRY_RUN = BooleanProperty("detect.blackduck.signature.scanner.dry.run", false).apply {