mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-14 15:53:36 +01:00
checkstyle corrections
Former-commit-id: b7acf0b29d86a17f03f996d8d4b7a47e3a9f5eb9
This commit is contained in:
Jeremy Long
@@ -500,10 +500,12 @@ public class CPEAnalyzer implements Analyzer {
|
||||
* @param dependency the Dependency being analyzed
|
||||
* @param vendor the vendor for the CPE being analyzed
|
||||
* @param product the product for the CPE being analyzed
|
||||
* @param currentConfidence the current confidence being used during analysis
|
||||
* @return <code>true</code> if an identifier was added to the dependency; otherwise <code>false</code>
|
||||
* @throws UnsupportedEncodingException is thrown if UTF-8 is not supported
|
||||
*/
|
||||
private boolean determineIdentifiers(Dependency dependency, String vendor, String product, Confidence currentConfidence) throws UnsupportedEncodingException {
|
||||
private boolean determineIdentifiers(Dependency dependency, String vendor, String product,
|
||||
Confidence currentConfidence) throws UnsupportedEncodingException {
|
||||
final Set<VulnerableSoftware> cpes = cve.getCPEs(vendor, product);
|
||||
DependencyVersion bestGuess = new DependencyVersion("-");
|
||||
Confidence bestGuessConf = null;
|
||||
|
||||
@@ -395,13 +395,13 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
|
||||
* Determines which path is shortest; if path lengths are equal then we use compareTo of the string method to
|
||||
* determine if the first path is smaller.
|
||||
*
|
||||
* @param leftPath the first path to compare
|
||||
* @param rightPath the second path to compare
|
||||
* @param left the first path to compare
|
||||
* @param right the second path to compare
|
||||
* @return <code>true</code> if the leftPath is the shortest; otherwise <code>false</code>
|
||||
*/
|
||||
protected boolean firstPathIsShortest(String leftPath, String rightPath) {
|
||||
leftPath = leftPath.replace('\\', '/');
|
||||
rightPath = rightPath.replace('\\', '/');
|
||||
protected boolean firstPathIsShortest(String left, String right) {
|
||||
final String leftPath = right.replace('\\', '/');
|
||||
final String rightPath = right.replace('\\', '/');
|
||||
|
||||
int leftCount = countChar(leftPath, '/');
|
||||
int rightCount = countChar(rightPath, '/');
|
||||
@@ -421,7 +421,7 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
|
||||
*/
|
||||
private int countChar(String string, char c) {
|
||||
int count = 0;
|
||||
int max = string.length();
|
||||
final int max = string.length();
|
||||
for (int i = 0; i < max; i++) {
|
||||
if (c == string.charAt(i)) {
|
||||
count++;
|
||||
|
||||
@@ -93,12 +93,17 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
|
||||
addFalseNegativeCPEs(dependency);
|
||||
}
|
||||
|
||||
/**
|
||||
* Removes inaccurate matches on springframework CPEs.
|
||||
*
|
||||
* @param dependency the dependency to test for and remove known inaccurate CPE matches
|
||||
*/
|
||||
private void removeBadSpringMatches(Dependency dependency) {
|
||||
String mustContain = null;
|
||||
for (Identifier i : dependency.getIdentifiers()) {
|
||||
if ("maven".contains(i.getType())) {
|
||||
if (i.getValue() != null && i.getValue().startsWith("org.springframework.")) {
|
||||
int endPoint = i.getValue().indexOf(":", 19);
|
||||
final int endPoint = i.getValue().indexOf(":", 19);
|
||||
if (endPoint >= 0) {
|
||||
mustContain = i.getValue().substring(19, endPoint).toLowerCase();
|
||||
break;
|
||||
@@ -107,9 +112,9 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
|
||||
}
|
||||
}
|
||||
if (mustContain != null) {
|
||||
Iterator<Identifier> itr = dependency.getIdentifiers().iterator();
|
||||
final Iterator<Identifier> itr = dependency.getIdentifiers().iterator();
|
||||
while (itr.hasNext()) {
|
||||
Identifier i = itr.next();
|
||||
final Identifier i = itr.next();
|
||||
if ("cpe".contains(i.getType())
|
||||
&& i.getValue() != null
|
||||
&& i.getValue().startsWith("cpe:/a:springsource:")
|
||||
@@ -117,7 +122,6 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
|
||||
itr.remove();
|
||||
//dependency.getIdentifiers().remove(i);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -58,7 +58,7 @@ public final class CweDB {
|
||||
final InputStream input = CweDB.class.getClassLoader().getResourceAsStream(filePath);
|
||||
oin = new ObjectInputStream(input);
|
||||
@SuppressWarnings("unchecked")
|
||||
HashMap<String, String> ret = (HashMap<String, String>) oin.readObject();
|
||||
final HashMap<String, String> ret = (HashMap<String, String>) oin.readObject();
|
||||
return ret;
|
||||
} catch (ClassNotFoundException ex) {
|
||||
LOGGER.log(Level.WARNING, "Unable to load CWE data. This should not be an issue.");
|
||||
|
||||
@@ -269,7 +269,7 @@ public class SuppressionRule {
|
||||
private boolean base;
|
||||
|
||||
/**
|
||||
* Get the value of base
|
||||
* Get the value of base.
|
||||
*
|
||||
* @return the value of base
|
||||
*/
|
||||
@@ -278,7 +278,7 @@ public class SuppressionRule {
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the value of base
|
||||
* Set the value of base.
|
||||
*
|
||||
* @param base new value of base
|
||||
*/
|
||||
|
||||
@@ -198,8 +198,8 @@ public class DependencyVersion implements Iterable, Comparable<DependencyVersion
|
||||
|
||||
boolean ret = true;
|
||||
for (int i = 0; i < max; i++) {
|
||||
String thisVersion = this.versionParts.get(i);
|
||||
String otherVersion = version.getVersionParts().get(i);
|
||||
final String thisVersion = this.versionParts.get(i);
|
||||
final String otherVersion = version.getVersionParts().get(i);
|
||||
if (i >= 3) {
|
||||
if (thisVersion.compareToIgnoreCase(otherVersion) >= 0) {
|
||||
ret = false;
|
||||
|
||||
Reference in New Issue
Block a user