From 9e14cc8d1f44ee2bb734239f5e27130dc36d6871 Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Thu, 25 Jul 2024 06:39:24 -0400
Subject: [PATCH] fix: skip blank lines in requirements.txt (#6867)
---
 .../org/owasp/dependencycheck/analyzer/PipAnalyzer.java | 9 ++++++---
 src/test/resources/requirements.txt | 5 +++++
 2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/PipAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/PipAnalyzer.java
index 79d7afcd66b..e4ceb68bf25 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/PipAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/PipAnalyzer.java
@@ -38,10 +38,11 @@
 import java.io.File;
 import java.io.FileFilter;
 import java.io.IOException;
-import java.nio.charset.StandardCharsets;
+import java.nio.charset.Charset;
 import java.nio.file.Files;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+import java.util.stream.Collectors;

 /**
 * Used to analyze pip dependency files named requirements.txt.
@@ -174,7 +175,7 @@ protected void analyzeDependency(Dependency dependency, Engine engine) throws An
 }

 /**
- * Retrieves the contents of a given file.
+ * Retrieves the contents of a given file without blank lines.
 *
 * @param actualFile the file to read
 * @return the contents of the file
@@ -182,7 +183,9 @@ protected void analyzeDependency(Dependency dependency, Engine engine) throws An
 */
 private String getFileContents(final File actualFile) throws AnalysisException {
 try {
- return new String(Files.readAllBytes(actualFile.toPath()), StandardCharsets.UTF_8).trim();
+ return Files.lines(actualFile.toPath(), Charset.defaultCharset())
+ .filter(line -> !line.trim().isEmpty())
+ .collect(Collectors.joining("\n"));
 } catch (IOException e) {
 throw new AnalysisException("Problem occurred while reading dependency file.", e);
 }
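Review bot: The stream returned by `Files.lines(...)` in `getFileContents` is never closed, so the handle on the scanned requirements.txt stays open until the stream is garbage-collected; it should be wrapped in try-with-resources. The same call replaces `StandardCharsets.UTF_8` with `Charset.defaultCharset()` (the import swap in the first hunk), which makes parsing depend on the host JVM's locale settings. `Files.lines` also reports malformed bytes as `UncheckedIOException` while the stream is traversed, which the existing `catch (IOException e)` does not intercept, so a scanned file containing bytes that are invalid in the chosen charset would presumably escape as an unchecked exception rather than an `AnalysisException`; how callers treat that is not visible here. The sketch below keeps UTF-8 and would need imports for `java.util.stream.Stream` and `java.io.UncheckedIOException`; the method's closing brace lies outside the hunk.

```java
private String getFileContents(final File actualFile) throws AnalysisException {
    // try-with-resources releases the file handle as soon as the lines are collected
    try (Stream<String> lines = Files.lines(actualFile.toPath(), StandardCharsets.UTF_8)) {
        return lines.filter(line -> !line.trim().isEmpty())
                .collect(Collectors.joining("\n"));
    } catch (IOException | UncheckedIOException e) {
        // decode and read errors raised during traversal arrive as UncheckedIOException
        throw new AnalysisException("Problem occurred while reading dependency file.", e);
    }
```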
diff --git a/src/test/resources/requirements.txt b/src/test/resources/requirements.txt
index 8e5544b98b4..b0e7c1ef095 100644
--- a/src/test/resources/requirements.txt
+++ b/src/test/resources/requirements.txt
@@ -1,3 +1,7 @@
+#
+# This file has comments and blank lines to make sure they are ignored
+#
+
 certifi==2018.4.16
 chardet==3.0.4
 click==6.7
@@ -14,6 +18,7 @@ pymongo==3.6.1
 PySimpleSOAP==1.16.2
 pytz==2018.4
 PyYAML==3.12
+
 requests==2.19.1
 sec-wall==1.2
 six==1.11.0