package com.metaeffekt.artifact.enrichment.vulnerability;

import com.metaeffekt.artifact.analysis.vulnerability.enrichment.filter.FilterAttribute;
import com.metaeffekt.artifact.enrichment.InventoryEnricher;
import com.metaeffekt.artifact.enrichment.configurations.VulnerabilityFilterEnrichmentConfiguration;
import com.metaeffekt.mirror.contents.base.VulnerabilityContextInventory;
import com.metaeffekt.mirror.contents.vulnerability.Vulnerability;
import com.metaeffekt.mirror.download.documentation.EnricherMetadata;
import com.metaeffekt.mirror.download.documentation.InventoryEnrichmentPhase;
import java.io.File;
import org.metaeffekt.core.inventory.processor.model.Inventory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@EnricherMetadata(name = "Vulnerability Filtering", phase = InventoryEnrichmentPhase.INVENTORY_POST_PROCESSING, intermediateFileSuffix = "vulnerability-filter", mavenPropertyName = "vulnerabilityFilterEnrichment")
/* loaded from: input_file:com/metaeffekt/artifact/enrichment/vulnerability/VulnerabilityFilterEnrichment.class */
public class VulnerabilityFilterEnrichment extends InventoryEnricher {
    private static final Logger LOG = LoggerFactory.getLogger(VulnerabilityFilterEnrichment.class);
    private VulnerabilityFilterEnrichmentConfiguration configuration = new VulnerabilityFilterEnrichmentConfiguration();

    public VulnerabilityFilterEnrichment(File file) {
    }

    public VulnerabilityFilterEnrichment() {
    }

    public void setConfiguration(VulnerabilityFilterEnrichmentConfiguration vulnerabilityFilterEnrichmentConfiguration) {
        this.configuration = vulnerabilityFilterEnrichmentConfiguration;
    }

    @Override // com.metaeffekt.artifact.enrichment.InventoryEnricher
    public VulnerabilityFilterEnrichmentConfiguration getConfiguration() {
        return this.configuration;
    }

    @Override // com.metaeffekt.artifact.enrichment.InventoryEnricher
    protected void performEnrichment(Inventory inventory) {
        FilterAttribute vulnerabilityIncludeFilterAttribute = this.configuration.getVulnerabilityIncludeFilterAttribute();
        if (vulnerabilityIncludeFilterAttribute == null) {
            LOG.warn("No vulnerability filter configured, skipping enrichment [{}]", getEnrichmentName());
            return;
        }
        LOG.info("");
        LOG.info("Filtering vulnerabilities using {}", this.configuration.getVulnerabilityIncludeFilter());
        LOG.info("Parsed vulnerability filter: {}", vulnerabilityIncludeFilterAttribute);
        VulnerabilityContextInventory fromInventory = VulnerabilityContextInventory.fromInventory(inventory);
        fromInventory.calculateEffectiveCvssVectorsForVulnerabilities(super.getSecurityPolicyConfiguration());
        int size = fromInventory.getVulnerabilities().size();
        for (Vulnerability vulnerability : fromInventory.getShallowCopyVulnerabilities()) {
            if (!vulnerabilityIncludeFilterAttribute.matches(vulnerability)) {
                fromInventory.remove(vulnerability);
            }
        }
        fromInventory.writeBack(true);
        LOG.info("Filtered vulnerabilities [{} - {} = {}]", new Object[]{Integer.valueOf(size), Integer.valueOf(size - inventory.getVulnerabilityMetaData().size()), Integer.valueOf(inventory.getVulnerabilityMetaData().size())});
    }
}
