package net.nmoncho.sbt.dependencycheck.tasks;

import java.io.File;
import java.util.ArrayList;
import java.util.List;
import net.nmoncho.sbt.dependencycheck.VulnerabilityFoundException;
import net.nmoncho.sbt.dependencycheck.settings.SuppressionRule;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.agent.DependencyCheckScanAgent;
import org.owasp.dependencycheck.analyzer.Analyzer;
import org.owasp.dependencycheck.analyzer.VulnerabilitySuppressionAnalyzer;
import org.owasp.dependencycheck.data.nexus.MavenArtifact;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceType;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.dependency.naming.GenericIdentifier;
import org.owasp.dependencycheck.dependency.naming.Identifier;
import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
import org.owasp.dependencycheck.exception.ExceptionCollection;
import org.owasp.dependencycheck.reporting.ReportGenerator;
import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.SeverityUtil;
import sbt.ConcurrentRestrictions;
import sbt.Keys$;
import sbt.Tags$;
import sbt.internal.util.Attributed;
import sbt.librarymanagement.Configuration;
import sbt.librarymanagement.ModuleID;
import sbt.util.Logger;
import scala.Function1;
import scala.MatchError;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.collection.Iterable;
import scala.collection.IterableLike;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.immutable.Set;
import scala.collection.mutable.ArrayOps;
import scala.jdk.CollectionConverters$;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.util.Failure;
import scala.util.Success;
import scala.util.Try$;
import scala.util.control.NonFatal$;

/* compiled from: package.scala */
/* loaded from: input_file:net/nmoncho/sbt/dependencycheck/tasks/package$.class */
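/**
 * Singleton backing the Scala package object of {@code net.nmoncho.sbt.dependencycheck.tasks}
 * (decompiled; the {@code $anonfun$...} methods are the compiler-generated lambda bodies).
 *
 * <p>It wires an OWASP Dependency-Check {@link Engine} into an sbt build: it registers suppression
 * rules, scans the build's dependencies, writes reports and finally fails the build when a
 * vulnerability reaches the configured CVSS threshold.
 *
 * <p>Reviewer notes on the gate implemented here:
 * <ul>
 *   <li>Only CVSS v2 and v3 base scores and the estimated score of an unscored severity are
 *       compared with the threshold. A vulnerability carrying none of the three passes any
 *       positive threshold.</li>
 *   <li>Suppression rules are registered before the analysis runs, so they are part of the
 *       security-relevant configuration and deserve the same review as the threshold.</li>
 * </ul>
 */
public final class package$ {
    public static package$ MODULE$;

    // Tag created with the name "NonParallel"; presumably attached to tasks that must not run
    // concurrently. Confirm against the plugin's task definitions.
    private final ConcurrentRestrictions.Tag NonParallel;

    static {
        new package$();
    }

    /** Returns the sbt concurrency tag named {@code "NonParallel"}. */
    public ConcurrentRestrictions.Tag NonParallel() {
        return this.NonParallel;
    }

    /**
     * Runs {@code function1} against a newly created {@link Engine} and always releases it.
     *
     * <p>The engine is created with the class loader that loaded {@link Engine}; that loader is
     * also installed as the thread context class loader while {@code function1} runs. The shared
     * {@link Downloader} instance is configured from {@code settings} before the function is
     * applied. Non-fatal failures are reported through {@code logFailure} and rethrown; fatal
     * ones are rethrown without logging.
     *
     * @param settings  Dependency-Check settings used for the engine and the downloader
     * @param function1 work to perform with the engine
     * @param logger    sbt logger that receives the failure report
     * @return the value produced by {@code function1}
     */
    public <A> A withEngine(Settings settings, Function1<Engine, A> function1, Logger logger) {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        ClassLoader classLoader = Engine.class.getClassLoader();
        Engine engine = new Engine(classLoader, settings);
        try {
            Thread.currentThread().setContextClassLoader(classLoader);
            try {
                Downloader.getInstance().configure(settings);
                return (A) function1.apply(engine);
            } catch (Throwable th) {
                Option unapply = NonFatal$.MODULE$.unapply(th);
                if (unapply.isEmpty()) {
                    throw th;
                }
                Throwable th2 = (Throwable) unapply.get();
                net.nmoncho.sbt.dependencycheck.package$.MODULE$.logFailure(th2, logger);
                throw th2;
            }
        } finally {
            try {
                engine.close();
                engine.getSettings().cleanup(true);
            } finally {
                // Restore the caller's loader even when closing or cleaning up throws, so the
                // sbt thread is never left running with the engine's class loader.
                Thread.currentThread().setContextClassLoader(contextClassLoader);
            }
        }
    }

    /** Logs {@code seq} at debug level with the verb "Adding" and returns it unchanged. */
    public Seq<Attributed<File>> logAddDependencies(Seq<Attributed<File>> seq, Configuration configuration, Logger logger) {
        return logDependencies(seq, configuration, "Adding", logger);
    }

    /** Logs {@code seq} at debug level with the verb "Removing" and returns it unchanged. */
    public Seq<Attributed<File>> logRemoveDependencies(Seq<Attributed<File>> seq, Configuration configuration, Logger logger) {
        return logDependencies(seq, configuration, "Removing", logger);
    }

    /**
     * Writes a debug header followed by one debug line per file name, then returns the input.
     *
     * @param seq           classpath entries to list
     * @param configuration sbt configuration whose name appears in the header
     * @param str           verb placed at the start of the header
     * @param logger        sbt logger
     * @return {@code seq}, unchanged
     */
    public Seq<Attributed<File>> logDependencies(Seq<Attributed<File>> seq, Configuration configuration, String str, Logger logger) {
        logger.debug(() -> {
            return new StringBuilder(24).append(str).append(" ").append(configuration.name()).append(" dependencies to check.").toString();
        });
        seq.foreach(attributed -> {
            $anonfun$logDependencies$2(logger, attributed);
            return BoxedUnit.UNIT;
        });
        return seq;
    }

    /**
     * Runs one complete Dependency-Check pass for a project.
     *
     * <p>Order of operations: register suppression rules, scan the dependency set, scan the extra
     * paths, analyze, write one report per requested format, then apply the CVSS gate. Reports
     * are written before the gate, so they exist even when the build is failed.
     *
     * @param str    name passed to the summary printed when the gate trips
     * @param engine engine to drive
     * @param set    classpath entries to scan
     * @param seq    suppression rules to register before analysis
     * @param seq2   additional files or directories handed to {@code engine.scan}
     * @param d      CVSS threshold for failing the build
     * @param file   output location passed to {@code engine.writeReports}
     * @param seq3   report formats to write; an empty sequence only produces an info message
     * @param logger sbt logger
     */
    public void analyzeProject(String str, Engine engine, Set<Attributed<File>> set, Seq<SuppressionRule> seq, Seq<File> seq2, double d, File file, Seq<ReportGenerator.Format> seq3, Logger logger) {
        addSuppressionRules(seq, engine);
        addDependencies(set, engine, logger);
        seq2.foreach(file2 -> {
            return engine.scan(file2);
        });
        // Route the data directory through the build logger at debug level instead of printing
        // it to stdout on every run. It is still resolved eagerly, as before.
        String dataDirectory = String.valueOf(engine.getSettings().getDataDirectory());
        logger.debug(() -> {
            return "Dependency Check data directory: " + dataDirectory;
        });
        engine.analyzeDependencies();
        if (seq3.isEmpty()) {
            logger.info(() -> {
                return "No Report Format was selected for the Dependency Check Analysis";
            });
        }
        seq3.foreach(format -> {
            $anonfun$analyzeProject$3(engine, file, format);
            return BoxedUnit.UNIT;
        });
        failOnFoundVulnerabilities(d, engine, str);
    }

    /**
     * Offers the given suppression rules to every analyzer of the engine; only
     * {@link VulnerabilitySuppressionAnalyzer} instances act on them.
     */
    private void addSuppressionRules(Seq<SuppressionRule> seq, Engine engine) {
        ((IterableLike) CollectionConverters$.MODULE$.asScalaBufferConverter(engine.getAnalyzers()).asScala()).foreach(analyzer -> {
            $anonfun$addSuppressionRules$1(engine, seq, analyzer);
            return BoxedUnit.UNIT;
        });
    }

    /**
     * Scans each classpath entry and, when sbt recorded a module id for it, attaches that id as
     * evidence to the first dependency returned by the scan.
     *
     * <p>Entries whose file is {@code null} are not scanned; a warning is logged for each, so a
     * warning here means part of the classpath was left out of the analysis.
     */
    private void addDependencies(Set<Attributed<File>> set, Engine engine, Logger logger) {
        set.foreach(attributed -> {
            if (attributed.data() != null) {
                List scan = engine.scan(new File(((File) attributed.data()).getAbsolutePath()));
                return attributed.get(Keys$.MODULE$.moduleID().key()).flatMap(moduleID -> {
                    return Option$.MODULE$.apply(scan).filterNot(list -> {
                        return BoxesRunTime.boxToBoolean(list.isEmpty());
                    }).flatMap(list2 -> {
                        // Only the first scanned dependency receives the sbt evidence.
                        return Option$.MODULE$.apply(list2.get(0)).map(dependency -> {
                            $anonfun$addDependencies$5(moduleID, dependency);
                            return BoxedUnit.UNIT;
                        });
                    });
                });
            }
            logger.warn(() -> {
                return new StringBuilder(56).append("Attributed[File] = [").append(attributed).append("] has null data and won't be scanned").toString();
            });
            return BoxedUnit.UNIT;
        });
    }

    /**
     * Records the sbt coordinates of {@code moduleID} on {@code dependency}: the Maven artifact as
     * evidence, a software identifier, and one vendor evidence entry per configuration. All of
     * it is added with {@link Confidence#HIGHEST}.
     */
    private void addEvidence(ModuleID moduleID, Dependency dependency) {
        MavenArtifact mavenArtifact = new MavenArtifact(moduleID.organization(), moduleID.name(), moduleID.revision());
        dependency.addAsEvidence("sbt", mavenArtifact, Confidence.HIGHEST);
        dependency.addSoftwareIdentifier(getIdentifier(mavenArtifact, moduleID));
        moduleID.configurations().foreach(str -> {
            $anonfun$addEvidence$1(dependency, str);
            return BoxedUnit.UNIT;
        });
    }

    /**
     * Builds the software identifier for a module.
     *
     * <p>A {@link PurlIdentifier} is preferred. When constructing it fails, the failure is
     * discarded and a {@link GenericIdentifier} of the form {@code sbt:organization:name:revision}
     * is returned instead.
     */
    private Identifier getIdentifier(MavenArtifact mavenArtifact, ModuleID moduleID) {
        Success apply = Try$.MODULE$.apply(() -> {
            return new PurlIdentifier("sbt", mavenArtifact.getGroupId(), mavenArtifact.getArtifactId(), mavenArtifact.getVersion(), Confidence.HIGHEST);
        });
        if (apply instanceof Success) {
            return (PurlIdentifier) apply.value();
        }
        if (apply instanceof Failure) {
            return new GenericIdentifier(String.format("sbt:%s:%s:%s", moduleID.organization(), moduleID.name(), moduleID.revision()), Confidence.HIGHEST);
        }
        throw new MatchError(apply);
    }

    /**
     * Fails the build when any analyzed dependency has a vulnerability at or above the threshold.
     *
     * <p>When the gate trips, the Dependency-Check summary is printed and a
     * {@link VulnerabilityFoundException} is thrown. The comparison is {@code >=}, although the
     * exception message says "higher than". A threshold of zero or below fails on any reported
     * vulnerability.
     *
     * @param d      CVSS threshold; must not be NaN
     * @param engine engine holding the analyzed dependencies
     * @param str    name passed to the printed summary
     * @throws IllegalArgumentException if {@code d} is NaN
     */
    private void failOnFoundVulnerabilities(double d, Engine engine, String str) {
        // Every comparison against NaN is false, so a NaN threshold would silently disable the
        // gate. Reject it instead of failing open.
        if (Double.isNaN(d)) {
            throw new IllegalArgumentException("CVSS threshold must be a number, but was NaN");
        }
        if (new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(engine.getDependencies())).exists(dependency -> {
            return BoxesRunTime.boxToBoolean($anonfun$failOnFoundVulnerabilities$1(d, dependency));
        })) {
            DependencyCheckScanAgent.showSummary(str, engine.getDependencies());
            throw new VulnerabilityFoundException(new StringBuilder(50).append("Vulnerability with CVSS score higher than [").append(d).append("] found").toString());
        }
    }

    /** Lambda body: logs one tab-indented file name at debug level. */
    public static final /* synthetic */ void $anonfun$logDependencies$2(Logger logger, Attributed attributed) {
        logger.debug(() -> {
            return new StringBuilder(1).append("\t").append(((File) attributed.data()).getName()).toString();
        });
    }

    /**
     * Lambda body: writes one report in the given format, titled with the
     * {@code odc.application.name} setting.
     */
    public static final /* synthetic */ void $anonfun$analyzeProject$3(Engine engine, File file, ReportGenerator.Format format) {
        engine.writeReports(engine.getSettings().getString("odc.application.name"), file, format.name(), (ExceptionCollection) null);
    }

    /**
     * Lambda body: appends the converted rules to the engine's {@code "suppression.rules"} object
     * when {@code analyzer} is an enabled {@link VulnerabilitySuppressionAnalyzer}.
     *
     * <p>The analyzer is prepared before its enabled flag is read. Existing rules are kept and
     * the new ones are added after them. These rules are presumably what the suppression analyzer
     * applies during {@code analyzeDependencies()}; the consumer is not visible in this file.
     */
    public static final /* synthetic */ void $anonfun$addSuppressionRules$1(Engine engine, Seq seq, Analyzer analyzer) {
        if (!(analyzer instanceof VulnerabilitySuppressionAnalyzer)) {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
            return;
        }
        VulnerabilitySuppressionAnalyzer vulnerabilitySuppressionAnalyzer = (VulnerabilitySuppressionAnalyzer) analyzer;
        vulnerabilitySuppressionAnalyzer.prepare(engine);
        if (!vulnerabilitySuppressionAnalyzer.isEnabled()) {
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
            return;
        }
        // Unchecked cast: whatever is stored under "suppression.rules" is assumed to be a List.
        List list = (List) Option$.MODULE$.apply(engine.getObject("suppression.rules")).map(obj -> {
            return (List) obj;
        }).getOrElse(() -> {
            return new ArrayList();
        });
        list.addAll(CollectionConverters$.MODULE$.asJavaCollectionConverter((Iterable) seq.map(suppressionRule -> {
            return suppressionRule.toOwasp();
        }, Seq$.MODULE$.canBuildFrom())).asJavaCollection());
        engine.putObject("suppression.rules", list);
        BoxedUnit boxedUnit3 = BoxedUnit.UNIT;
    }

    /** Lambda body: forwards to {@code addEvidence} on the singleton. */
    public static final /* synthetic */ void $anonfun$addDependencies$5(ModuleID moduleID, Dependency dependency) {
        MODULE$.addEvidence(moduleID, dependency);
    }

    /** Lambda body: records one sbt configuration name as vendor evidence. */
    public static final /* synthetic */ void $anonfun$addEvidence$1(Dependency dependency, String str) {
        dependency.addEvidence(EvidenceType.VENDOR, "sbt", "configuration", str, Confidence.HIGHEST);
    }

    /**
     * Lambda body: decides whether a single vulnerability trips the gate.
     *
     * <p>True when the CVSS v2 base score, the CVSS v3 base score, or the CVSS v2 estimate of the
     * unscored severity is at least {@code d}, or when {@code d} is zero or below. Score sources
     * other than these three are not consulted. If the Dependency-Check version in use records
     * further score versions, findings scored only there are not gated. TODO confirm.
     */
    public static final /* synthetic */ boolean $anonfun$failOnFoundVulnerabilities$2(double d, Vulnerability vulnerability) {
        return (vulnerability.getCvssV2() != null && Predef$.MODULE$.Double2double(vulnerability.getCvssV2().getCvssData().getBaseScore()) >= d)
            || (vulnerability.getCvssV3() != null && Predef$.MODULE$.Double2double(vulnerability.getCvssV3().getCvssData().getBaseScore()) >= d)
            || ((vulnerability.getUnscoredSeverity() != null && Predef$.MODULE$.Double2double(SeverityUtil.estimateCvssV2(vulnerability.getUnscoredSeverity())) >= d)
                || d <= 0.0d);
    }

    /** Lambda body: true when any vulnerability of {@code dependency} trips the gate. */
    public static final /* synthetic */ boolean $anonfun$failOnFoundVulnerabilities$1(double d, Dependency dependency) {
        return ((IterableLike) CollectionConverters$.MODULE$.asScalaSetConverter(dependency.getVulnerabilities()).asScala()).exists(vulnerability -> {
            return BoxesRunTime.boxToBoolean($anonfun$failOnFoundVulnerabilities$2(d, vulnerability));
        });
    }

    /** Publishes the singleton and creates the {@code "NonParallel"} tag. */
    private package$() {
        MODULE$ = this;
        this.NonParallel = Tags$.MODULE$.Tag("NonParallel");
    }
}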
