feat: Add support for scanning Java packages (intel#1463)

anthonyharrison · Dec 26, 2021 · 74e251a · 74e251a
1 parent 9e3d9cc
commit 74e251a
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/cve_bin_tool/version_scanner.py b/cve_bin_tool/version_scanner.py
@@ -175,8 +175,8 @@ def scan_file(self, filename):
 
         yield from self.run_checkers(filename, lines)
 
-   def find_java_vendor(self, product, version):
-        """ Find vendor for Java product """
+    def find_java_vendor(self, product, version):
+        """Find vendor for Java product"""
         vendor_package_pair = self.cve_db.get_vendor_product_pairs(product)
         # If no match, try alternative product name.
         # Apache product names are stored as A_B in NVD database but often called A-B
@@ -194,9 +194,9 @@ def find_java_vendor(self, product, version):
             self.logger.debug(f"{file_path} {product} {version} by {vendor}")
             return ProductInfo(vendor, product, version), file_path
         return None, None
-        
+
     def run_java_checker(self, filename, lines):
-        """ Process maven pom.xml file and extract product and dependency details """
+        """Process maven pom.xml file and extract product and dependency details"""
         tree = ET.parse(filename)
         # Find root element
         root = tree.getroot()
@@ -235,7 +235,9 @@ def run_java_checker(self, filename, lines):
                         self.logger.debug(f"{file_path} {product.text} {version}")
                         if version[0].isdigit():
                             # Valid version identifier
-                            product_info, file_path = self.find_java_vendor(product.text, version)
+                            product_info, file_path = self.find_java_vendor(
+                                product.text, version
+                            )
                             if file_path is not None:
                                 yield product_info, file_path