Skip jar analysis when Java <11

bjk7119 · bjk7119 · commit 421dc0d59c60 · 2025-11-12T16:57:40.000+09:00
diff --git a/src/fosslight_binary/binary_analysis.py b/src/fosslight_binary/binary_analysis.py
@@ -25,6 +25,8 @@
 import hashlib
 import tlsh
 from io import open
+import subprocess
+import re
 
 PKG_NAME = "fosslight_binary"
 logger = logging.getLogger(constant.LOGGER_NAME)
@@ -249,12 +251,19 @@ def find_binaries(path_to_find_bin, output_dir, formats, dburl="", simple_mode=F
         try:
             # Run OWASP Dependency-check
             if found_jar:
-                logger.info("Run OWASP Dependency-check to analyze .jar file")
-                owasp_items, vulnerability_items, success = analyze_jar_file(path_to_find_bin, abs_path_to_exclude)
-                if success:
-                    return_list = merge_binary_list(owasp_items, vulnerability_items, return_list)
+                # Check Java version (Dependency-check requires Java 11+)
+                java_ver = get_java_version()
+                if java_ver is None:
+                    logger.warning("Java runtime not found. Skip OWASP Dependency-check for jar analysis.")
+                elif java_ver < 11:
+                    logger.warning(f"Java version {java_ver} detected (<11). Skip OWASP Dependency-check for jar analysis.")
                 else:
-                    logger.warning("Could not find OSS information for some jar files.")
+                    logger.info(f"Run OWASP Dependency-check to analyze .jar file")
+                    owasp_items, vulnerability_items, success = analyze_jar_file(path_to_find_bin, abs_path_to_exclude)
+                    if success:
+                        return_list = merge_binary_list(owasp_items, vulnerability_items, return_list)
+                    else:
+                        logger.warning("Could not find OSS information for some jar files.")
 
             return_list, db_loaded_cnt = get_oss_info_from_db(return_list, dburl)
             return_list = sorted(return_list, key=lambda row: (row.bin_name_with_path))
@@ -346,6 +355,19 @@ def check_binary(file_with_path):
     return is_bin_confirmed
 
 
+def get_java_version():
+    try:
+        completed = subprocess.run(["java", "-version"], capture_output=True, text=True)
+        first_line = (completed.stderr or completed.stdout).splitlines()[0]
+
+        m = re.search(r'"(\d+)', first_line)
+        if not m:
+            return None
+        return int(m.group(1))
+    except Exception:
+        return None
+
+
 def error_occured(error_msg, exit=False, result_log={}, mode="Normal mode"):
     _error_logs.append(error_msg)
     if exit:
