general cleanup/enhancement

Former-commit-id: 6320ac1c59644bcb83ecf171f0d00e7f96b8c7ff

pom.xml

@@ -317,24 +317,10 @@ along with DependencyCheck.  If not, see <http://www.gnu.org/licenses/>.
             <artifactId>commons-cli</artifactId>
             <version>1.2</version>
         </dependency>
-        <dependency>
-            <groupId>commons-cli</groupId>
-            <artifactId>commons-cli</artifactId>
-            <version>1.2</version>
-            <classifier>javadoc</classifier>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>commons-cli</groupId>
-            <artifactId>commons-cli</artifactId>
-            <version>1.2</version>
-            <classifier>sources</classifier>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.8.2</version>
+            <version>4.10</version>
             <scope>test</scope>
             <type>jar</type>
         </dependency>
@@ -397,11 +383,5 @@ along with DependencyCheck.  If not, see <http://www.gnu.org/licenses/>.
                 </exclusion>
             </exclusions>
         </dependency>
-        <!--<dependency>
-        
-        <groupId>log4j</groupId>
-            <artifactId>log4j</artifactId>
-            <version>1.2.17</version>
-        </dependency>-->
     </dependencies>
 </project>

src/main/java/org/codesecure/dependencycheck/Engine.java

@@ -38,8 +38,8 @@ import org.codesecure.dependencycheck.utils.FileUtils;
 
 /**
  * Scans files, directories, etc. for Dependencies. Analyzers are loaded and
- * used to process the files found by the scan, if a file is encountered and
- * an Analyzer is associated with the file type then the file is turned into a
+ * used to process the files found by the scan, if a file is encountered and an
+ * Analyzer is associated with the file type then the file is turned into a
  * dependency.
  *
  * @author Jeremy Long (jeremy.long@gmail.com)
@@ -68,7 +68,8 @@ public class Engine {
     }
 
     /**
-     * Loads the analyzers specified in the configuration file (or system properties).
+     * Loads the analyzers specified in the configuration file (or system
+     * properties).
      */
     private void loadAnalyzers() {
 
@@ -108,8 +109,8 @@ public class Engine {
 
     /**
      * Scans a given file or directory. If a directory is specified, it will be
-     * scanned recursively.
-     * Any dependencies identified are added to the dependency collection.
+     * scanned recursively. Any dependencies identified are added to the
+     * dependency collection.
      *
      * @param path the path to a file or directory to be analyzed.
      */
@@ -125,8 +126,8 @@ public class Engine {
     }
 
     /**
-     * Recursively scans files and directories.
-     * Any dependencies identified are added to the dependency collection.
+     * Recursively scans files and directories. Any dependencies identified are
+     * added to the dependency collection.
      *
      * @param dir the directory to scan.
      */

src/main/java/org/codesecure/dependencycheck/data/cpe/CPEAnalyzer.java

@@ -215,7 +215,7 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
     }
 
     /**
-     * Returns the text created by concatonating the text and the values from the
+     * Returns the text created by concatenating the text and the values from the
      * EvidenceCollection (filtered for a specific confidence). This attempts to
      * prevent duplicate terms from being added.<br/<br/>
      * Note, if the evidence is longer then 200 characters it will be truncated.
@@ -241,11 +241,11 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
                 value = value.substring(8).replaceAll("\\.", " ");
             }
             if (sb.indexOf(value) < 0) {
-                if (value.length() > 200) {
-                    sb.append(value.substring(0, 200)).append(' ');
-                } else {
+//                if (value.length() > 200) {
+//                    sb.append(value.substring(0, 200)).append(' ');
+//                } else {
                     sb.append(value).append(' ');
-                }
+//                }
             }
         }
         return sb.toString();
@@ -361,14 +361,14 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
         if (sb.indexOf("^") > 0) {
             //if we have a weighting on something else, reduce the weighting on the version a lot
             for (String v : version.split(" ")) {
-                LuceneUtils.appendEscapedLuceneQuery(sb, v);
+                LuceneUtils.appendEscapedLuceneQuery(sb, cleanseText(v));
                 sb.append("^0.2 ");
             }
         } else {
             //LuceneUtils.appendEscapedLuceneQuery(sb, version);
             //if we have a weighting on something else, reduce the weighting on the version a lot
             for (String v : version.split(" ")) {
-                LuceneUtils.appendEscapedLuceneQuery(sb, v);
+                LuceneUtils.appendEscapedLuceneQuery(sb, cleanseText(v));
                 sb.append("^0.7 ");
             }
         }
@@ -442,7 +442,7 @@ public class CPEAnalyzer implements org.codesecure.dependencycheck.analyzer.Anal
      *
      * @param l string one to compare.
      * @param r string two to compare.
-     * @return whether or not the two strings are similiar.
+     * @return whether or not the two strings are similar.
      */
     private boolean equalsIgnoreCaseAndNonAlpha(String l, String r) {
         if (l == null || r == null) {

src/main/resources/templates/HtmlReport.vsl

@@ -307,14 +307,27 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
 
                         #if ( $dependency.analysisExceptions.size() != 0 )
                             #set($cnt=$cnt+1)
-                            <h4 id="header$cnt" class="subsectionheader red">Analysis Exceptions</h4>
-                            <div id="content$cnt" class="subsectioncontent standardsubsection">
+                            <h4 id="header$cnt" class="subsectionheader expandablesubsection red">Exceptions Occured During Analysis</h4>
+                            <div id="content$cnt" class="subsectioncontent standardsubsection hidden">
                                 <ul>
                                 #foreach($ex in $dependency.analysisExceptions)
-                                    <li>$esc.html($ex.message)<br/><br/><pre class="indent">$esc.html($ex.stackTrace)</pre>
+                                    <li>$esc.html($ex.message)
+                                    #if ( $ex.stackTrace )
+                                        <div class="indent">
+                                            #foreach ($st in $ex.stackTrace)
+                                                $esc.html($st)<br/>
+                                            #end
+                                        </div>
+                                    #end
                                     #if ( $ex.cause )
                                         <br/><b>Caused by:</b> $esc.html($ex.cause.message)
-                                        <br/><br/><pre class="indent">$esc.html($ex.cause.stackTrace)</pre>
+                                        #if ( $ex.cause.stackTrace )
+                                            <div class="indent">
+                                                #foreach ($st in $ex.cause.stackTrace)
+                                                    $esc.html($st)<br/>
+                                                #end
+                                            </div>
+                                        #end
                                     #end
                                     </li>
                                 #end