github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-04-24 17:28:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

checkstyle updates

Browse Source
This commit is contained in:
Jeremy Long
2017-07-22 18:20:11 -04:00
parent db2a0abcb6
commit 176363492e
9 changed files with 61 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java
View File

@@ -62,8 +62,8 @@ public class Engine implements FileFilter, AutoCloseable {
*/
public enum Mode {
/**
* In evidence collection mode the {@link Engine} only collects evidence from the scan targets,
* and doesn't require a database.
* In evidence collection mode the {@link Engine} only collects evidence
* from the scan targets, and doesn't require a database.
*/
EVIDENCE_COLLECTION(
false,
@@ -73,9 +73,10 @@ public class Engine implements FileFilter, AutoCloseable {
POST_INFORMATION_COLLECTION
),
/**
* In evidence processing mode the {@link Engine} processes the evidence collected using the
* {@link #EVIDENCE_COLLECTION} mode. Dependencies should be injected into the {@link Engine}
* using {@link Engine#setDependencies(List)}.
* In evidence processing mode the {@link Engine} processes the evidence
* collected using the {@link #EVIDENCE_COLLECTION} mode. Dependencies
* should be injected into the {@link Engine} using
* {@link Engine#setDependencies(List)}.
*/
EVIDENCE_PROCESSING(
true,
@@ -88,13 +89,26 @@ public class Engine implements FileFilter, AutoCloseable {
FINAL
),
/**
* In standalone mode the {@link Engine} will collect and process evidence in a single execution.
* In standalone mode the {@link Engine} will collect and process
* evidence in a single execution.
*/
STANDALONE(true, AnalysisPhase.values());
/**
* Whether the database is required in this mode.
*/
public final boolean requiresDatabase;
/**
* The analysis phases included in the mode.
*/
public final AnalysisPhase[] phases;
/**
* Constructs a new mode.
*
* @param requiresDatabase if the database is required for the mode
* @param phases the analysis phases to include in the mode
*/
Mode(boolean requiresDatabase, AnalysisPhase... phases) {
this.requiresDatabase = requiresDatabase;
this.phases = phases;
@@ -116,7 +130,8 @@ public class Engine implements FileFilter, AutoCloseable {
private final Set<FileTypeAnalyzer> fileTypeAnalyzers = new HashSet<>();
/**
* The engine execution mode indicating it will either collect evidence or process evidence or both.
* The engine execution mode indicating it will either collect evidence or
* process evidence or both.
*/
private final Mode mode;
@@ -143,6 +158,8 @@ public class Engine implements FileFilter, AutoCloseable {
/**
* Creates a new Engine.
*
* @param mode the mode of operation
*/
public Engine(Mode mode) {
this(Thread.currentThread().getContextClassLoader(), mode);

14
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AnalyzerService.java
View File

@@ -32,6 +32,7 @@ import static java.util.Arrays.asList;
* @author Jeremy Long
*/
public class AnalyzerService {
/**
* The Logger for use throughout the class.
*/
@@ -45,7 +46,8 @@ public class AnalyzerService {
/**
* Creates a new instance of AnalyzerService.
*
* @param classLoader the ClassLoader to use when dynamically loading Analyzer and Update services
* @param classLoader the ClassLoader to use when dynamically loading
* Analyzer and Update services
*/
public AnalyzerService(ClassLoader classLoader) {
service = ServiceLoader.load(Analyzer.class, classLoader);
@@ -61,8 +63,10 @@ public class AnalyzerService {
}
/**
* Returns a list of all instances of the Analyzer interface that are bound to one of the given phases.
* Returns a list of all instances of the Analyzer interface that are bound
* to one of the given phases.
*
* @param phases the phases to obtain analyzers for
* @return a list of Analyzers.
*/
public List<Analyzer> getAnalyzers(AnalysisPhase... phases) {
@@ -70,9 +74,11 @@ public class AnalyzerService {
}
/**
* Returns a list of all instances of the Analyzer interface that are bound to one of the given phases.
* Returns a list of all instances of the Analyzer interface that are bound
* to one of the given phases.
*
* @return a list of Analyzers.
* @param phases the phases to obtain analyzers for
* @return a list of Analyzers
*/
private List<Analyzer> getAnalyzers(List<AnalysisPhase> phases) {
final List<Analyzer> analyzers = new ArrayList<>();

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
View File

@@ -114,7 +114,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
public void analyzeDependency(Dependency dependency, Engine engine)
throws AnalysisException {
File test = new File(dependency.getActualFilePath());
final File test = new File(dependency.getActualFilePath());
if (!test.isFile()) {
throw new AnalysisException(String.format("%s does not exist and cannot be analyzed by dependency-check",
dependency.getActualFilePath()));

3
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
View File

@@ -300,6 +300,9 @@ public final class CveDB implements AutoCloseable {
}
}
/**
* Releases the resources used by CveDB.
*/
private synchronized void releaseResources() {
instance.statementBundle = null;
instance.preparedStatements.clear();

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/EvidenceCollection.java
View File

@@ -261,7 +261,7 @@ public class EvidenceCollection implements Serializable, Iterable<Evidence> {
for (Evidence e : EvidenceCollection.EVIDENCE_USED.filter(this)) {
//TODO consider changing the regex to only compare alpha-numeric (i.e. strip everything else)
String item = e.getValue();
final String item = e.getValue();
if (item != null) {
final String uc = urlCorrection(item.toLowerCase());
if (uc != null) {