diff --git a/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java b/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java index 1033ab41425..f569ea8be65 100644 --- a/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java +++ b/ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java @@ -20,6 +20,8 @@ import java.io.File; import java.util.ArrayList; import java.util.List; +import java.util.stream.Collectors; +import java.util.stream.Stream; import javax.annotation.concurrent.NotThreadSafe; import org.apache.tools.ant.BuildException; @@ -35,6 +37,7 @@ import org.owasp.dependencycheck.data.nvdcve.DatabaseException; import org.owasp.dependencycheck.dependency.Dependency; import org.owasp.dependencycheck.dependency.Vulnerability; +import org.owasp.dependencycheck.dependency.naming.Identifier; import org.owasp.dependencycheck.exception.ExceptionCollection; import org.owasp.dependencycheck.exception.ReportException; import org.owasp.dependencycheck.reporting.ReportGenerator.Format; @@ -2301,8 +2304,12 @@ private void checkForFailure(Dependency[] dependencies) throws BuildException { || (failBuildOnCVSS <= 0.0f)) { if (addName) { addName = false; - ids.append(NEW_LINE).append(d.getFileName()).append(": "); - ids.append(v.getName()); + ids.append(NEW_LINE).append(d.getFileName()).append(" (") + .append(Stream.concat(d.getSoftwareIdentifiers().stream(), d.getVulnerableSoftwareIdentifiers().stream()) + .map(Identifier::getValue) + .collect(Collectors.joining(", "))) + .append("): ") + .append(v.getName()); } else { ids.append(", ").append(v.getName()); } diff --git a/cli/src/main/java/org/owasp/dependencycheck/App.java b/cli/src/main/java/org/owasp/dependencycheck/App.java index 2b176c96d31..3e85e35ef8f 100644 --- a/cli/src/main/java/org/owasp/dependencycheck/App.java +++ b/cli/src/main/java/org/owasp/dependencycheck/App.java @@ -24,6 +24,8 @@ import java.util.List; import java.util.Set; +import java.util.stream.Collectors; +import java.util.stream.Stream; import org.apache.commons.cli.ParseException; import org.apache.tools.ant.DirectoryScanner; import org.owasp.dependencycheck.data.nvdcve.DatabaseException; @@ -31,6 +33,7 @@ import org.owasp.dependencycheck.dependency.Vulnerability; import org.apache.tools.ant.types.LogLevel; import org.owasp.dependencycheck.data.update.exception.UpdateException; +import org.owasp.dependencycheck.dependency.naming.Identifier; import org.owasp.dependencycheck.exception.ExceptionCollection; import org.owasp.dependencycheck.exception.ReportException; import org.owasp.dependencycheck.utils.Downloader; @@ -331,7 +334,11 @@ private int determineReturnCode(Engine engine, float cvssFailScore) { } if (addName) { addName = false; - ids.append(NEW_LINE).append(d.getFileName()).append(": "); + ids.append(NEW_LINE).append(d.getFileName()).append(" (") + .append(Stream.concat(d.getSoftwareIdentifiers().stream(), d.getVulnerableSoftwareIdentifiers().stream()) + .map(Identifier::getValue) + .collect(Collectors.joining(", "))) + .append("): "); ids.append(v.getName()).append('(').append(score).append(')'); } else { ids.append(", ").append(v.getName()).append('(').append(score).append(')'); diff --git a/core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java b/core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java index 5d8f3eb2541..ee32f08a32d 100644 --- a/core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java +++ b/core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java @@ -1011,8 +1011,12 @@ private void checkForFailure(Dependency[] dependencies) throws ScanAgentExceptio || (failBuildOnCVSS <= 0.0f)) { if (addName) { addName = false; - ids.append(NEW_LINE).append(d.getFileName()).append(": "); - ids.append(v.getName()); + ids.append(NEW_LINE).append(d.getFileName()).append(" (") + .append(Stream.concat(d.getSoftwareIdentifiers().stream(), d.getVulnerableSoftwareIdentifiers().stream()) + .map(Identifier::getValue) + .collect(Collectors.joining(", "))) + .append("): ") + .append(v.getName()); } else { ids.append(", ").append(v.getName()); } diff --git a/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java index 159aa780c7e..c2ab499c0d3 100644 --- a/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java +++ b/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java @@ -21,6 +21,8 @@ import com.github.packageurl.PackageURL.StandardTypes; import com.github.packageurl.PackageURL; import io.github.jeremylong.jcs3.slf4j.Slf4jAdapter; +import java.util.stream.Collectors; +import java.util.stream.Stream; import org.apache.maven.artifact.Artifact; import org.apache.maven.artifact.DefaultArtifact; import org.apache.maven.artifact.handler.DefaultArtifactHandler; @@ -2662,8 +2664,12 @@ protected void checkForFailure(Dependency[] dependencies) throws MojoFailureExce } if (addName) { addName = false; - ids.append(NEW_LINE).append(d.getFileName()).append(": "); - ids.append(name); + ids.append(NEW_LINE).append(d.getFileName()).append(" (") + .append(Stream.concat(d.getSoftwareIdentifiers().stream(), d.getVulnerableSoftwareIdentifiers().stream()) + .map(Identifier::getValue) + .collect(Collectors.joining(", "))) + .append("): ") + .append(name); } else { ids.append(", ").append(name); }