fix: #8356 narrow down VersionFilterAnalyzer scope to JAR files by jimin-fundamental · Pull Request #8358 · dependency-check/DependencyCheck (original) (raw)
Pull request overview
This PR aligns VersionFilterAnalyzer’s behavior with its JavaDoc and issue #8356 by limiting it to operate only on JAR files, using the file-type analyzer mechanism already used across the core analyzers.
Changes:
- Updated
VersionFilterAnalyzerto extendAbstractFileTypeAnalyzerand added a.jarFileFilterviaFileFilterBuilder. - Implemented
getFileFilter()andprepareFileTypeAnalyzer(...)to conform to theAbstractFileTypeAnalyzercontract. - Added a unit test ensuring only
.jarfiles are accepted by the analyzer.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java | Converts analyzer to a file-type analyzer and restricts scope to .jar files via a FileFilter. |
| core/src/test/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzerTest.java | Adds coverage asserting the analyzer only accepts JARs and rejects other extensions. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.