package org.owasp.dependencycheck.analyzer;

import com.esotericsoftware.minlog.Log;
import com.h3xstream.retirejs.repo.VulnerabilitiesRepository;
import com.h3xstream.retirejs.repo.VulnerabilitiesRepositoryLoader;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.nio.file.CopyOption;
import java.nio.file.Files;
import javax.annotation.concurrent.ThreadSafe;
import org.json.JSONException;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.update.RetireJSDataSource;
import org.owasp.dependencycheck.data.update.exception.UpdateException;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.exception.WriteLockException;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.WriteLock;
import org.owasp.dependencycheck.utils.search.FileContentSearch;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:org/owasp/dependencycheck/analyzer/RetireJsAnalyzer.class */
public class RetireJsAnalyzer extends AbstractFileTypeAnalyzer {
    public static final String DEPENDENCY_ECOSYSTEM = "js";
    private static final String ANALYZER_NAME = "RetireJS Analyzer";
    private VulnerabilitiesRepository jsRepository;
    private String[] filters = null;
    private boolean skipNonVulnerableInJAR = true;
    private static final Logger LOGGER = LoggerFactory.getLogger(RetireJsAnalyzer.class);
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.FINDING_ANALYSIS;
    private static final String[] EXTENSIONS = {"js"};
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(EXTENSIONS).build();

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer, java.io.FileFilter
    public boolean accept(File file) {
        try {
            boolean accept = super.accept(file);
            if (accept && !file.exists()) {
                super.setFilesMatched(true);
                return true;
            }
            if (accept && this.filters != null && FileContentSearch.contains(file, this.filters)) {
                return false;
            }
            return accept;
        } catch (IOException e) {
            LOGGER.warn(String.format("Error testing file %s", file), e);
            return false;
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer, org.owasp.dependencycheck.analyzer.Analyzer
    public void initialize(Settings settings) {
        super.initialize(settings);
        if (isEnabled()) {
            this.filters = settings.getArray("analyzer.retirejs.filters");
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException {
        Log.set(4);
        File file = null;
        boolean z = false;
        try {
            file = new File(getSettings().getDataDirectory(), new File(new URL(getSettings().getString("analyzer.retirejs.repo.js.url", RetireJSDataSource.DEFAULT_JS_URL)).getPath()).getName());
            if (!file.isFile() || file.length() <= 1) {
                LOGGER.warn("Retire JS repository is empty or missing - attempting to force the update");
                z = true;
                getSettings().setBoolean("analyzer.retirejs.forceupdate", true);
            }
            boolean z2 = getSettings().getBoolean("odc.autoupdate", true);
            boolean z3 = getSettings().getBoolean("analyzer.retirejs.forceupdate", false);
            if ((!z2 && z3) || (z2 && z)) {
                try {
                    new RetireJSDataSource().update(engine);
                } catch (UpdateException e) {
                    throw new InitializationException("Unable to initialize the Retire JS repository", e);
                }
            }
            try {
                WriteLock writeLock = new WriteLock(getSettings(), true, file.getName() + ".lock");
                try {
                    File file2 = new File(getSettings().getTempDirectory(), file.getName());
                    LOGGER.debug("copying retireJs repo {} to {}", file.toPath(), file2.toPath());
                    Files.copy(file.toPath(), file2.toPath(), new CopyOption[0]);
                    writeLock.close();
                    try {
                        FileInputStream fileInputStream = new FileInputStream(file2);
                        try {
                            this.jsRepository = new VulnerabilitiesRepositoryLoader().loadFromInputStream(fileInputStream);
                            fileInputStream.close();
                        } catch (Throwable th) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                            throw th;
                        }
                    } catch (IOException e2) {
                        setEnabled(false);
                        throw new InitializationException("Failed to initialize the RetireJS repo", e2);
                    } catch (JSONException e3) {
                        setEnabled(false);
                        throw new InitializationException("Failed to initialize the RetireJS repo: `" + file2 + "` appears to be malformed. Please delete the file or run the dependency-check purge command and re-try running dependency-check.", e3);
                    }
                } finally {
                }
            } catch (IOException | WriteLockException e4) {
                setEnabled(false);
                throw new InitializationException("Failed to copy the RetireJS repo", e4);
            }
        } catch (FileNotFoundException e5) {
            setEnabled(false);
            throw new InitializationException(String.format("RetireJS repo does not exist locally (%s)", file), e5);
        } catch (IOException e6) {
            setEnabled(false);
            throw new InitializationException("Failed to initialize the RetireJS", e6);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return "analyzer.retirejs.enabled";
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:43:0x0323, code lost:
    
        switch(r25) {
            case 0: goto L63;
            case 1: goto L67;
            case 2: goto L71;
            case 3: goto L75;
            default: goto L79;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:45:0x0346, code lost:
    
        if (null != r0.getName()) goto L66;
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x0349, code lost:
    
        r0.setName((java.lang.String) r0.get(0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:47:0x0359, code lost:
    
        r0.setDescription((java.lang.String) r0.get(0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:50:0x036c, code lost:
    
        r0.setName(r0.getLibrary().getName() + " issue: " + ((java.lang.String) r0.get(0)));
     */
    /* JADX WARN: Code restructure failed: missing block: B:51:0x039a, code lost:
    
        if (org.apache.commons.validator.routines.UrlValidator.getInstance().isValid((java.lang.String) r0.get(0)) == false) goto L70;
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x039d, code lost:
    
        r0.addReference(r0, r0, (java.lang.String) r0.get(0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:54:0x03b4, code lost:
    
        r0.addReference(r0, (java.lang.String) r0.get(0), null);
     */
    /* JADX WARN: Code restructure failed: missing block: B:56:0x03ca, code lost:
    
        r0.setName(r0.getLibrary().getName() + " bug: " + ((java.lang.String) r0.get(0)));
     */
    /* JADX WARN: Code restructure failed: missing block: B:57:0x03f8, code lost:
    
        if (org.apache.commons.validator.routines.UrlValidator.getInstance().isValid((java.lang.String) r0.get(0)) == false) goto L74;
     */
    /* JADX WARN: Code restructure failed: missing block: B:58:0x03fb, code lost:
    
        r0.addReference(r0, r0, (java.lang.String) r0.get(0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:60:0x0412, code lost:
    
        r0.addReference(r0, (java.lang.String) r0.get(0), null);
     */
    /* JADX WARN: Code restructure failed: missing block: B:62:0x0428, code lost:
    
        r0.setName(r0.getLibrary().getName() + " pr: " + ((java.lang.String) r0.get(0)));
     */
    /* JADX WARN: Code restructure failed: missing block: B:63:0x0456, code lost:
    
        if (org.apache.commons.validator.routines.UrlValidator.getInstance().isValid((java.lang.String) r0.get(0)) == false) goto L78;
     */
    /* JADX WARN: Code restructure failed: missing block: B:64:0x0459, code lost:
    
        r0.addReference(r0, r0, (java.lang.String) r0.get(0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:66:0x0470, code lost:
    
        r0.addReference(r0, (java.lang.String) r0.get(0), null);
     */
    /* JADX WARN: Code restructure failed: missing block: B:69:0x0497, code lost:
    
        if (org.apache.commons.validator.routines.UrlValidator.getInstance().isValid((java.lang.String) r0.get(0)) == false) goto L82;
     */
    /* JADX WARN: Code restructure failed: missing block: B:70:0x049a, code lost:
    
        r0.addReference(r0, r0, (java.lang.String) r0.get(0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:72:0x04b1, code lost:
    
        r0.addReference(r0, (java.lang.String) r0.get(0), null);
     */
    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void analyzeDependency(org.owasp.dependencycheck.dependency.Dependency r8, org.owasp.dependencycheck.Engine r9) throws org.owasp.dependencycheck.analyzer.exception.AnalysisException {
        /*
            Method dump skipped, instructions count: 1379
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.owasp.dependencycheck.analyzer.RetireJsAnalyzer.analyzeDependency(org.owasp.dependencycheck.dependency.Dependency, org.owasp.dependencycheck.Engine):void");
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected void closeAnalyzer() throws Exception {
        Log.set(3);
    }
}
