use of org.eclipse.sw360.cvesearch.datasource.CveSearchGuesser in project sw360portal by sw360.
the class SearchLevels method guessForRelease.
private List<NeedleWithMeta> guessForRelease(CveSearchGuesser cveSearchGuesser, Release release, boolean useVersionInformation) throws IOException {
if (useVersionInformation && !release.isSetVersion()) {
return Collections.emptyList();
}
List<Match> vendorProductList;
String productHaystack = release.getName();
if (release.isSetVendor() && (release.getVendor().isSetShortname() || release.getVendor().isSetFullname())) {
String vendorHaystack = nullToEmptyString(release.getVendor().getShortname()) + " " + nullToEmptyString(release.getVendor().getFullname());
vendorProductList = cveSearchGuesser.guessVendorAndProducts(vendorHaystack, productHaystack);
} else {
vendorProductList = cveSearchGuesser.guessVendorAndProducts(productHaystack);
}
String cpeNeedlePostfix = ":" + (useVersionInformation ? release.getVersion() : "") + CPE_WILDCARD;
Function<String, String> cpeBuilder = cpeNeedle -> CPE_NEEDLE_PREFIX + cpeNeedle + cpeNeedlePostfix;
return vendorProductList.stream().map(match -> new NeedleWithMeta(cpeBuilder.apply(match.getNeedle()), "heuristic (dist. " + (useVersionInformation ? "0" : "1") + match.getDistance() + ")")).collect(Collectors.toList());
}
use of org.eclipse.sw360.cvesearch.datasource.CveSearchGuesser in project sw360portal by sw360.
the class SearchLevels method addGuessingSearchLevels.
private void addGuessingSearchLevels(CveSearchApi cveSearchApi, int vendorThreshold, int productThreshold, int cutoff) {
CveSearchGuesser cveSearchGuesser = new CveSearchGuesser(cveSearchApi);
cveSearchGuesser.setVendorThreshold(vendorThreshold);
cveSearchGuesser.setProductThreshold(productThreshold);
cveSearchGuesser.setCutoff(cutoff);
// Level 2. search by guessed vendors and products with version
searchLevels.add(release -> guessForRelease(cveSearchGuesser, release, true));
// Level 3. search by guessed vendors and products without version
searchLevels.add(release -> guessForRelease(cveSearchGuesser, release, false));
}
Aggregations