feat: update to trustify-da

Author: soul2zimate

README.md

@@ -180,16 +180,16 @@ according to your preferences.
   You can specify a specific path to these binaries, and others by settings the following parameters as environment
   variables or system properties:
 
-    * `EXHORT_SYFT_PATH` : Specify the absolute path of `syft` executable.
-    * `EXHORT_SYFT_CONFIG_PATH` : Specify the absolute path to the Syft configuration file.
-    * `EXHORT_SKOPEO_PATH` : Specify the absolute path of `skopeo` executable.
-    * `EXHORT_SKOPEO_CONFIG_PATH` : Specify the absolute path to the authentication file used by the `skopeo inspect`
+    * `TRUSTIFY_DA_SYFT_PATH` : Specify the absolute path of `syft` executable.
+    * `TRUSTIFY_DA_SYFT_CONFIG_PATH` : Specify the absolute path to the Syft configuration file.
+    * `TRUSTIFY_DA_SKOPEO_PATH` : Specify the absolute path of `skopeo` executable.
+    * `TRUSTIFY_DA_SKOPEO_CONFIG_PATH` : Specify the absolute path to the authentication file used by the `skopeo inspect`
       command.
-    * `EXHORT_DOCKER_PATH` : Specify the absolute path of `docker` executable.
-    * `EXHORT_PODMAN_PATH` : Specify the absolute path of `podman` executable.
-    * `EXHORT_IMAGE_PLATFORM` : Specify the platform used for multi-arch images.
-    * `EXHORT_MVN_USER_SETTINGS` : Specify the absolute path to the Maven user settings file.
-    * `EXHORT_MVN_LOCAL_REPO` : Specify the absolute path to the Maven local repository.
+    * `TRUSTIFY_DA_DOCKER_PATH` : Specify the absolute path of `docker` executable.
+    * `TRUSTIFY_DA_PODMAN_PATH` : Specify the absolute path of `podman` executable.
+    * `TRUSTIFY_DA_IMAGE_PLATFORM` : Specify the platform used for multi-arch images.
+    * `TRUSTIFY_DA_MVN_USER_SETTINGS` : Specify the absolute path to the Maven user settings file.
+    * `TRUSTIFY_DA_MVN_LOCAL_REPO` : Specify the absolute path to the Maven local repository.
 
   ![ Animated screenshot showing the inline reporting feature of Image Analysis ](src/main/resources/images/image-analysis.gif)
 
@@ -239,20 +239,20 @@ When modifying the grammar or lexer files, you need to regenerate the parser cla
 - Comments and complex shell commands
 - Comprehensive syntax error handling
 
-- **Excluding dependencies with `exhortignore`**
+- **Excluding dependencies with `trustify-da-ignore`**
   <br >You can exclude a package from analysis by marking the package for exclusion.
-  If you want to ignore vulnerabilities for a dependency in a `pom.xml` file, you must add `exhortignore` as a comment
+  If you want to ignore vulnerabilities for a dependency in a `pom.xml` file, you must add `trustify-da-ignore` as a comment
   against the dependency, group id, artifact id, or version scopes of that particular dependency in the manifest file.
   For example:
   ```xml
-  <dependency> <!--exhortignore-->
+  <dependency> <!--trustify-da-ignore-->
       <groupId>...</groupId>
       <artifactId>...</artifactId>
       <version>...</version>
   </dependency>
   ```
 
-  If you want to ignore vulnerabilities for a dependency in a `package.json` file, you must add `exhortignore` as a
+  If you want to ignore vulnerabilities for a dependency in a `package.json` file, you must add `trustify-da-ignore` as a
   attribute-value pair.
   For example:
   ```json
@@ -270,33 +270,33 @@ When modifying the grammar or lexer files, you need to regenerate the parser cla
           "jsonwebtoken": "^8.5.1",
           "mongoose": "^5.9.18"
       },
-      "exhortignore": [
+      "trustify-da-ignore": [
           "jsonwebtoken"
       ]
   }
   ```
 
-  If you want to ignore vulnerabilities for a dependency in a `go.mod` file, you must add `exhortignore` as a comment
+  If you want to ignore vulnerabilities for a dependency in a `go.mod` file, you must add `trustify-da-ignore` as a comment
   against the dependency in the manifest file.
   For example:
   ```text
   require (
-      golang.org/x/sys v1.6.7 // exhortignore
+      golang.org/x/sys v1.6.7 // trustify-da-ignore
   )
   ```
 
-  If you want to ignore vulnerabilities for a dependency in a `requirements.txt` file, you must add `exhortignore` as a
+  If you want to ignore vulnerabilities for a dependency in a `requirements.txt` file, you must add `trustify-da-ignore` as a
   comment against the dependency in the manifest file.
   For example:
   ```text
-  requests==2.28.1 # exhortignore
+  requests==2.28.1 # trustify-da-ignore
   ```
-  If you want to ignore vulnerabilities for a dependency in a `build.gradle` file, you must add `exhortignore` as a
+  If you want to ignore vulnerabilities for a dependency in a `build.gradle` file, you must add `trustify-da-ignore` as a
   comment against the dependency in the manifest file.
   For example:
   ```text
-  implementation "log4j:log4j:1.2.17" // exhortignore
-  implementation group: 'log4j', name: 'log4j', version: '1.2.17' // exhortignore 
+  implementation "log4j:log4j:1.2.17" // trustify-da-ignore
+  implementation group: 'log4j', name: 'log4j', version: '1.2.17' // trustify-da-ignore
   ```
 
 - **Excluding developmental or test dependencies**

src/main/java/org/jboss/tools/intellij/componentanalysis/CAUtil.java

@@ -32,7 +32,7 @@
 public class CAUtil {
 
     public static String PACKAGE_JSON = "package.json";
-    public static String EXHORT_IGNORE = "exhortignore";
+    public static String TRUSTIFY_DA_IGNORE = "trustify-da-ignore";
     public static String DEPENDENCIES = "dependencies";
 
     public static Map<Dependency, List<PsiElement>> getDependencyListMap(PsiFile file) {
@@ -77,7 +77,7 @@ private static Set<String> getIgnoredDependencies(PsiFile file) {
         Set<String> ignored = Arrays.stream(file.getChildren())
                 .filter(e -> e instanceof JsonObject)
                 .flatMap(e -> Arrays.stream(e.getChildren()))
-                .filter(e -> e instanceof JsonProperty && EXHORT_IGNORE.equals(((JsonProperty) e).getName()))
+                .filter(e -> e instanceof JsonProperty && TRUSTIFY_DA_IGNORE.equals(((JsonProperty) e).getName()))
                 .flatMap(e -> Arrays.stream(e.getChildren()))
                 .filter(e -> e instanceof JsonArray)
                 .flatMap(e -> Arrays.stream(e.getChildren()))

src/main/java/org/jboss/tools/intellij/componentanalysis/golang/GoCAAnnotator.java

@@ -28,7 +28,7 @@
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import static org.jboss.tools.intellij.componentanalysis.CAUtil.EXHORT_IGNORE;
+import static org.jboss.tools.intellij.componentanalysis.CAUtil.TRUSTIFY_DA_IGNORE;
 
 public class GoCAAnnotator extends CAAnnotator {
     public static final Pattern REQUIRE_PATTERN = Pattern.compile("^\\s*([a-zA-Z0-9._/-]+)\\s+(v?[0-9]+(?:\\.[0-9]+)*[0-9a-zA-Z\\-+._]*)(?:\\s*//.*)?$");
@@ -70,8 +70,8 @@ protected Map<Dependency, List<PsiElement>> getDependencies(PsiFile file) {
                 continue;
             }
 
-            // Skip if line contains exhortignore
-            if (line.contains(EXHORT_IGNORE)) {
+            // Skip if line contains trustify-da-ignore
+            if (line.contains(TRUSTIFY_DA_IGNORE)) {
                 continue;
             }
 

src/main/java/org/jboss/tools/intellij/componentanalysis/gradle/GradleCAAnnotator.java

@@ -29,7 +29,7 @@
 import java.util.Map;
 import java.util.Objects;
 
-import static org.jboss.tools.intellij.componentanalysis.CAUtil.EXHORT_IGNORE;
+import static org.jboss.tools.intellij.componentanalysis.CAUtil.TRUSTIFY_DA_IGNORE;
 
 public class GradleCAAnnotator extends CAAnnotator {
 
@@ -44,7 +44,7 @@ protected Map<Dependency, List<PsiElement>> getDependencies(PsiFile file) {
             Map<Dependency, List<PsiElement>> resultMap = new HashMap<>();
             Arrays.stream(file.getChildren())
                     .filter(e -> e instanceof Artifact)
-                    .filter(artifact -> ((Artifact)artifact).getComment() == null || Objects.nonNull(((Artifact)artifact).getComment()) && !((Artifact)artifact).getComment().getText().contains(EXHORT_IGNORE))
+                    .filter(artifact -> ((Artifact)artifact).getComment() == null || Objects.nonNull(((Artifact)artifact).getComment()) && !((Artifact)artifact).getComment().getText().contains(TRUSTIFY_DA_IGNORE))
                     .map(dep -> (Artifact)dep)
                     .forEach(  dep -> {
                             Dependency dependency = new Dependency("maven", dep.getGroup().getText().replace("\"","") , dep.getArtifactId().getText(),dep.getVersion().getText());

src/main/java/org/jboss/tools/intellij/componentanalysis/maven/MavenCAAnnotator.java

@@ -34,7 +34,7 @@
 import java.util.Optional;
 
 import static org.jboss.tools.intellij.componentanalysis.CAUtil.DEPENDENCIES;
-import static org.jboss.tools.intellij.componentanalysis.CAUtil.EXHORT_IGNORE;
+import static org.jboss.tools.intellij.componentanalysis.CAUtil.TRUSTIFY_DA_IGNORE;
 
 public class MavenCAAnnotator extends CAAnnotator {
 
@@ -58,7 +58,7 @@ protected Map<Dependency, List<PsiElement>> getDependencies(PsiFile file) {
                     .filter(e -> e instanceof XmlTag && "dependency".equals(((XmlTag) e).getName()))
                     .filter(e -> Arrays.stream(e.getChildren())
                             .noneMatch(c -> c instanceof XmlComment
-                                    && EXHORT_IGNORE.equals(((XmlComment) c).getCommentText().trim())))
+                                    && TRUSTIFY_DA_IGNORE.equals(((XmlComment) c).getCommentText().trim())))
                     .map(e -> (XmlTag) e)
                     .forEach(d -> {
                         List<XmlTag> elements = Arrays.stream(d.getChildren())

src/main/java/org/jboss/tools/intellij/componentanalysis/pypi/PipCAAnnotator.java

@@ -29,7 +29,7 @@
 import java.util.List;
 import java.util.Map;
 
-import static org.jboss.tools.intellij.componentanalysis.CAUtil.EXHORT_IGNORE;
+import static org.jboss.tools.intellij.componentanalysis.CAUtil.TRUSTIFY_DA_IGNORE;
 
 public class PipCAAnnotator extends CAAnnotator {
     @Override
@@ -50,7 +50,7 @@ protected Map<Dependency, List<PsiElement>> getDependencies(PsiFile file) {
                             .noneMatch(c -> {
                                 String comment = c.getText().trim();
                                 if (!comment.isEmpty() && '#' == comment.charAt(0)) {
-                                    return EXHORT_IGNORE.equals(comment.substring(1).trim());
+                                    return TRUSTIFY_DA_IGNORE.equals(comment.substring(1).trim());
                                 }
                                 return false;
                             }))