package org.owasp.dependencycheck.dependency;

import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import javax.annotation.concurrent.ThreadSafe;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.owasp.dependencycheck.data.nexus.MavenArtifact;
import org.owasp.dependencycheck.utils.Checksum;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-3.1.1.jar:org/owasp/dependencycheck/dependency/Dependency.class */
public class Dependency extends EvidenceCollection implements Serializable {
    private static final long serialVersionUID = 1;
    private static final Logger LOGGER = LoggerFactory.getLogger(Dependency.class);
    private String actualFilePath;
    private String filePath;
    private String fileName;
    private String packagePath;
    private String md5sum;
    private String sha1sum;
    private final Set<Identifier> identifiers;
    private String displayName;
    private final Set<Identifier> suppressedIdentifiers;
    private final Set<Vulnerability> suppressedVulnerabilities;
    private String description;
    private String license;
    private final Set<Vulnerability> vulnerabilities;
    private final Set<Dependency> relatedDependencies;
    private final Set<String> projectReferences;
    private final List<String> availableVersions;
    private boolean isVirtual;
    private String name;
    private String version;
    private String ecosystem;

    public String getPackagePath() {
        return this.packagePath;
    }

    public void setPackagePath(String str) {
        this.packagePath = str;
    }

    public Dependency() {
        this.identifiers = new TreeSet();
        this.displayName = null;
        this.suppressedIdentifiers = new TreeSet();
        this.suppressedVulnerabilities = new HashSet();
        this.vulnerabilities = new HashSet();
        this.relatedDependencies = new HashSet();
        this.projectReferences = new HashSet();
        this.availableVersions = new ArrayList();
        this.isVirtual = false;
    }

    public Dependency(File file) {
        this(file, false);
    }

    public Dependency(File file, boolean z) {
        this();
        this.isVirtual = z;
        this.actualFilePath = file.getAbsolutePath();
        this.filePath = this.actualFilePath;
        this.fileName = file.getName();
        this.packagePath = this.filePath;
        determineHashes(file);
    }

    public String getFileName() {
        return this.fileName;
    }

    public void setFileName(String str) {
        this.fileName = str;
    }

    public void setActualFilePath(String str) {
        this.actualFilePath = str;
        if (this.sha1sum == null) {
            determineHashes(new File(this.actualFilePath));
        }
    }

    public String getActualFilePath() {
        return this.actualFilePath;
    }

    public File getActualFile() {
        return new File(this.actualFilePath);
    }

    public void setFilePath(String str) {
        if (this.packagePath == null || this.packagePath.equals(this.filePath)) {
            this.packagePath = str;
        }
        this.filePath = str;
    }

    public void setDisplayFileName(String str) {
        this.displayName = str;
    }

    public String getDisplayFileName() {
        return this.displayName != null ? this.displayName : this.name == null ? this.fileName : this.version == null ? this.name : this.name + ":" + this.version;
    }

    public String getFilePath() {
        return this.filePath;
    }

    public String getMd5sum() {
        return this.md5sum;
    }

    public void setMd5sum(String str) {
        this.md5sum = str;
    }

    public String getSha1sum() {
        return this.sha1sum;
    }

    public void setSha1sum(String str) {
        this.sha1sum = str;
    }

    public synchronized Set<Identifier> getIdentifiers() {
        return Collections.unmodifiableSet(new HashSet(this.identifiers));
    }

    protected synchronized void addIdentifiers(Set<Identifier> set) {
        this.identifiers.addAll(set);
    }

    public synchronized void addIdentifier(String str, String str2, String str3) {
        this.identifiers.add(new Identifier(str, str2, str3));
    }

    public synchronized void addIdentifier(String str, String str2, String str3, Confidence confidence) {
        Identifier identifier = new Identifier(str, str2, str3);
        identifier.setConfidence(confidence);
        this.identifiers.add(identifier);
    }

    public synchronized void removeIdentifier(Identifier identifier) {
        this.identifiers.remove(identifier);
    }

    public void addAsEvidence(String str, MavenArtifact mavenArtifact, Confidence confidence) {
        if (mavenArtifact.getGroupId() != null && !mavenArtifact.getGroupId().isEmpty()) {
            addEvidence(EvidenceType.VENDOR, str, "groupid", mavenArtifact.getGroupId(), confidence);
        }
        if (mavenArtifact.getArtifactId() != null && !mavenArtifact.getArtifactId().isEmpty()) {
            addEvidence(EvidenceType.PRODUCT, str, "artifactid", mavenArtifact.getArtifactId(), confidence);
        }
        if (mavenArtifact.getVersion() != null && !mavenArtifact.getVersion().isEmpty()) {
            addEvidence(EvidenceType.VERSION, str, "version", mavenArtifact.getVersion(), confidence);
        }
        if (mavenArtifact.getArtifactUrl() == null || mavenArtifact.getArtifactUrl().isEmpty()) {
            return;
        }
        boolean z = false;
        synchronized (this) {
            Iterator<Identifier> it = this.identifiers.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Identifier next = it.next();
                if ("maven".equals(next.getType()) && next.getValue().equals(mavenArtifact.toString())) {
                    z = true;
                    next.setConfidence(Confidence.HIGHEST);
                    next.setUrl("http://search.maven.org/#search|ga|1|1%3A%22" + getSha1sum() + "%22");
                    LOGGER.debug("Already found identifier {}. Confidence set to highest", next.getValue());
                    break;
                }
            }
        }
        if (z) {
            return;
        }
        LOGGER.debug("Adding new maven identifier {}", mavenArtifact);
        addIdentifier("maven", mavenArtifact.toString(), mavenArtifact.getArtifactUrl(), Confidence.HIGHEST);
    }

    public synchronized void addIdentifier(Identifier identifier) {
        this.identifiers.add(identifier);
    }

    public synchronized Set<Identifier> getSuppressedIdentifiers() {
        return Collections.unmodifiableSet(new HashSet(this.suppressedIdentifiers));
    }

    public synchronized void addSuppressedIdentifier(Identifier identifier) {
        this.suppressedIdentifiers.add(identifier);
    }

    public synchronized Set<Vulnerability> getVulnerabilities() {
        return getVulnerabilities(false);
    }

    public synchronized Set<Vulnerability> getVulnerabilities(boolean z) {
        return Collections.unmodifiableSet(z ? new TreeSet(this.vulnerabilities) : this.vulnerabilities);
    }

    public synchronized Set<Vulnerability> getSuppressedVulnerabilities() {
        return getSuppressedVulnerabilities(false);
    }

    public synchronized Set<Vulnerability> getSuppressedVulnerabilities(boolean z) {
        return Collections.unmodifiableSet(z ? new TreeSet(this.suppressedVulnerabilities) : this.suppressedVulnerabilities);
    }

    public synchronized void addSuppressedVulnerability(Vulnerability vulnerability) {
        this.suppressedVulnerabilities.add(vulnerability);
    }

    public String getDescription() {
        return this.description;
    }

    public void setDescription(String str) {
        this.description = str;
    }

    public String getLicense() {
        return this.license;
    }

    public void setLicense(String str) {
        this.license = str;
    }

    public String getName() {
        return this.name;
    }

    public void setName(String str) {
        this.name = str;
    }

    private void determineHashes(File file) {
        String str = null;
        String str2 = null;
        if (this.isVirtual) {
            return;
        }
        try {
            str = Checksum.getMD5Checksum(file);
            str2 = Checksum.getSHA1Checksum(file);
        } catch (IOException e) {
            LOGGER.warn("Unable to read '{}' to determine hashes.", file.getName());
            LOGGER.debug("", e);
        } catch (NoSuchAlgorithmException e2) {
            LOGGER.warn("Unable to use MD5 or SHA1 checksums.");
            LOGGER.debug("", e2);
        }
        setMd5sum(str);
        setSha1sum(str2);
    }

    public synchronized void addVulnerability(Vulnerability vulnerability) {
        this.vulnerabilities.add(vulnerability);
    }

    public synchronized void addVulnerabilities(List<Vulnerability> list) {
        this.vulnerabilities.addAll(list);
    }

    public synchronized void removeVulnerability(Vulnerability vulnerability) {
        this.vulnerabilities.remove(vulnerability);
    }

    public synchronized Set<Dependency> getRelatedDependencies() {
        return Collections.unmodifiableSet(new HashSet(this.relatedDependencies));
    }

    public synchronized Set<String> getProjectReferences() {
        return Collections.unmodifiableSet(new HashSet(this.projectReferences));
    }

    public synchronized void addProjectReference(String str) {
        this.projectReferences.add(str);
    }

    public synchronized void addAllProjectReferences(Set<String> set) {
        this.projectReferences.addAll(set);
    }

    public synchronized void addRelatedDependency(Dependency dependency) {
        if (this == dependency) {
            LOGGER.warn("Attempted to add a circular reference - please post the log file to issue #172 here https://github.com/jeremylong/DependencyCheck/issues/172");
            LOGGER.debug("this: {}", this);
            LOGGER.debug("dependency: {}", dependency);
        } else {
            if (this.relatedDependencies.add(dependency)) {
                return;
            }
            LOGGER.debug("Failed to add dependency, likely due to referencing the same file as another dependency in the set.");
            LOGGER.debug("this: {}", this);
            LOGGER.debug("dependency: {}", dependency);
        }
    }

    public synchronized void removeRelatedDependencies(Dependency dependency) {
        this.relatedDependencies.remove(dependency);
    }

    public synchronized List<String> getAvailableVersions() {
        return Collections.unmodifiableList(new ArrayList(this.availableVersions));
    }

    public synchronized void addAvailableVersion(String str) {
        this.availableVersions.add(str);
    }

    public boolean isVirtual() {
        return this.isVirtual;
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public boolean equals(Object obj) {
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        Dependency dependency = (Dependency) obj;
        return new EqualsBuilder().appendSuper(super.equals(obj)).append(this.actualFilePath, dependency.actualFilePath).append(this.filePath, dependency.filePath).append(this.fileName, dependency.fileName).append(this.packagePath, dependency.packagePath).append(this.md5sum, dependency.md5sum).append(this.sha1sum, dependency.sha1sum).append(this.identifiers, dependency.identifiers).append(this.description, dependency.description).append(this.license, dependency.license).append(this.vulnerabilities, dependency.vulnerabilities).append(this.projectReferences, dependency.projectReferences).append(this.availableVersions, dependency.availableVersions).append(this.version, dependency.version).append(this.ecosystem, dependency.ecosystem).isEquals();
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public int hashCode() {
        return new HashCodeBuilder(3, 47).appendSuper(super.hashCode()).append(this.actualFilePath).append(this.filePath).append(this.fileName).append(this.packagePath).append(this.md5sum).append(this.sha1sum).append(this.identifiers).append(this.description).append(this.license).append(this.vulnerabilities).append(this.projectReferences).append(this.availableVersions).append(this.version).append(this.ecosystem).toHashCode();
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public String toString() {
        return "Dependency{ fileName='" + this.fileName + "', actualFilePath='" + this.actualFilePath + "', filePath='" + this.filePath + "', packagePath='" + this.packagePath + "'}";
    }

    public synchronized void addSuppressedVulnerabilities(List<Vulnerability> list) {
        this.suppressedVulnerabilities.addAll(list);
    }

    public String getVersion() {
        return this.version;
    }

    public void setVersion(String str) {
        this.version = str;
    }

    public String getEcosystem() {
        return this.ecosystem;
    }

    public void setEcosystem(String str) {
        this.ecosystem = str;
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ int size() {
        return super.size();
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ boolean contains(EvidenceType evidenceType, Confidence confidence) {
        return super.contains(evidenceType, confidence);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ boolean contains(EvidenceType evidenceType, Evidence evidence) {
        return super.contains(evidenceType, evidence);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ Set getEvidence(EvidenceType evidenceType) {
        return super.getEvidence(evidenceType);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ Set getProductWeightings() {
        return super.getProductWeightings();
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ Set getVendorWeightings() {
        return super.getVendorWeightings();
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ void addProductWeighting(String str) {
        super.addProductWeighting(str);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ void addVendorWeighting(String str) {
        super.addVendorWeighting(str);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ void addEvidence(EvidenceType evidenceType, String str, String str2, String str3, Confidence confidence) {
        super.addEvidence(evidenceType, str, str2, str3, confidence);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ void removeEvidence(EvidenceType evidenceType, Evidence evidence) {
        super.removeEvidence(evidenceType, evidence);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ void addEvidence(EvidenceType evidenceType, Evidence evidence) {
        super.addEvidence(evidenceType, evidence);
    }

    @Override // org.owasp.dependencycheck.dependency.EvidenceCollection
    public /* bridge */ /* synthetic */ Iterable getIterator(EvidenceType evidenceType, Confidence confidence) {
        return super.getIterator(evidenceType, confidence);
    }
}
