various updates recommended by intelliJ

Former-commit-id: 5ec42c1470384e9acd203819daa7d688ed10e965

pom.xml

@@ -37,13 +37,22 @@ along with DependencyCheck.  If not, see <http://www.gnu.org/licenses />.
         <developer>
             <name>Jeremy Long</name>
             <email>jeremy.long@owasp.org</email>
-            <organization>owasp</organization>
+            <organization>OWASP</organization>
             <organizationUrl>https://www.owasp.org/index.php/OWASP_Dependency_Check</organizationUrl>
             <roles>
                 <role>architect</role>
                 <role>developer</role>
             </roles>
         </developer>
+        <developer>
+            <name>Steve Springett</name>
+            <email>Steve.Springett@owasp.org</email>
+            <organization>OWASP</organization>
+            <organizationUrl>https://www.owasp.org/index.php/OWASP_Dependency_Check</organizationUrl>
+            <roles>
+                <role>contributor</role>
+            </roles>
+        </developer>
     </developers>
     <scm>
         <connection>scm:git:git@github.com:jeremylong/DependencyCheck.git</connection>

src/main/java/org/owasp/dependencycheck/Engine.java

@@ -52,16 +52,16 @@ public class Engine {
     /**
      * The list of dependencies.
      */
-    private List<Dependency> dependencies = new ArrayList<Dependency>();
+    private final List<Dependency> dependencies = new ArrayList<Dependency>();
     /**
      * A Map of analyzers grouped by Analysis phase.
      */
-    private EnumMap<AnalysisPhase, List<Analyzer>> analyzers =
+    private final EnumMap<AnalysisPhase, List<Analyzer>> analyzers =
             new EnumMap<AnalysisPhase, List<Analyzer>>(AnalysisPhase.class);
     /**
      * A set of extensions supported by the analyzers.
      */
-    private Set<String> extensions = new HashSet<String>();
+    private final Set<String> extensions = new HashSet<String>();
 
     /**
      * Creates a new Engine.
@@ -161,11 +161,13 @@ public class Engine {
      */
     protected void scanDirectory(File dir) {
         final File[] files = dir.listFiles();
-        for (File f : files) {
-            if (f.isDirectory()) {
-                scanDirectory(f);
-            } else {
-                scanFile(f);
+        if (files != null) {
+            for (File f : files) {
+                if (f.isDirectory()) {
+                    scanDirectory(f);
+                } else {
+                    scanFile(f);
+                }
             }
         }
     }

src/main/java/org/owasp/dependencycheck/data/cwe/CweHandler.java

@@ -33,7 +33,7 @@ public class CweHandler extends DefaultHandler {
     /**
      * a HashMap containing the CWE data.
      */
-    private HashMap<String, String> cwe = new HashMap<String, String>();
+    private final HashMap<String, String> cwe = new HashMap<String, String>();
 
     /**
      * Returns the HashMap of CWE entries (CWE-ID, Full CWE Name).

src/main/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzer.java

@@ -41,7 +41,7 @@ public class FieldAnalyzer extends Analyzer {
     /**
      * The Lucene Version used.
      */
-    private Version version;
+    private final Version version;
 
     /**
      * Creates a new FieldAnalyzer.

src/main/java/org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzer.java

@@ -39,7 +39,7 @@ public class SearchFieldAnalyzer extends Analyzer {
     /**
      * The Lucene Version used.
      */
-    private Version version;
+    private final Version version;
     /**
      * A local reference to the TokenPairConcatenatingFilter so that we
      * can clear any left over state if this analyzer is re-used.

src/main/java/org/owasp/dependencycheck/data/lucene/SearchVersionAnalyzer.java

@@ -42,7 +42,7 @@ public class SearchVersionAnalyzer extends Analyzer {
     /**
      * The Lucene Version used.
      */
-    private Version version;
+    private final Version version;
 
     /**
      * Creates a new SearchVersionAnalyzer.

src/main/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilter.java

@@ -50,7 +50,7 @@ public final class TokenPairConcatenatingFilter extends TokenFilter {
     /**
      * A list of words parsed.
      */
-    private LinkedList<String> words;
+    private final LinkedList<String> words;
 
     /**
      * Constructs a new TokenPairConcatenatingFilter.

src/main/java/org/owasp/dependencycheck/data/lucene/VersionAnalyzer.java

@@ -42,7 +42,7 @@ public class VersionAnalyzer extends Analyzer {
     /**
      * The Lucene Version used.
      */
-    private Version version;
+    private final Version version;
 
     /**
      * Creates a new VersionAnalyzer.

src/main/java/org/owasp/dependencycheck/data/lucene/VersionTokenizingFilter.java

@@ -41,7 +41,7 @@ public final class VersionTokenizingFilter extends TokenFilter {
     /**
      * A collection of tokens to add to the stream.
      */
-    private LinkedList<String> tokens;
+    private final LinkedList<String> tokens;
 
     /**
      * Constructs a new VersionTokenizingFilter.

src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java

@@ -166,8 +166,8 @@ public class DatabaseUpdater implements CachedWebDataSource {
      * @param file the file containing the NVD CVE XML
      * @param oldVersion contains the file containing the NVD CVE XML 1.2
      * @throws ParserConfigurationException is thrown if there is a parser configuration exception
-     * @throws SAXException is thrown if there is a saxexception
-     * @throws IOException is thrown if there is a ioexception
+     * @throws SAXException is thrown if there is a SAXException
+     * @throws IOException is thrown if there is a IOException
      * @throws SQLException is thrown if there is a sql exception
      * @throws DatabaseException is thrown if there is a database exception
      */

src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve12Handler.java

@@ -69,7 +69,7 @@ public class NvdCve12Handler extends DefaultHandler {
     /**
      * The current element.
      */
-    private Element current = new Element();
+    private final Element current = new Element();
     /**
      * a map of vulnerabilities.
      */

src/main/java/org/owasp/dependencycheck/data/nvdcve/xml/NvdCve20Handler.java

@@ -49,7 +49,7 @@ public class NvdCve20Handler extends DefaultHandler {
     /**
      * the current element.
      */
-    private Element current = new Element();
+    private final Element current = new Element();
     /**
      * the text of the node.
      */

src/main/java/org/owasp/dependencycheck/dependency/Dependency.java

@@ -72,15 +72,15 @@ public class Dependency implements Comparable<Dependency> {
     /**
      * A collection of vendor evidence.
      */
-    private EvidenceCollection vendorEvidence;
+    private final EvidenceCollection vendorEvidence;
     /**
      * A collection of product evidence.
      */
-    private EvidenceCollection productEvidence;
+    private final EvidenceCollection productEvidence;
     /**
      * A collection of version evidence.
      */
-    private EvidenceCollection versionEvidence;
+    private final EvidenceCollection versionEvidence;
 
     /**
      * Constructs a new Dependency object.
@@ -379,8 +379,8 @@ public class Dependency implements Comparable<Dependency> {
         if (str == null) {
             return false;
         }
-
-        if (vendorEvidence.containsUsedString(str)) {
+        return versionEvidence.containsUsedString(str) || productEvidence.containsUsedString(str) || vendorEvidence.containsUsedString(str);
+        /*if (vendorEvidence.containsUsedString(str)) {
             return true;
         }
         if (productEvidence.containsUsedString(str)) {
@@ -390,6 +390,7 @@ public class Dependency implements Comparable<Dependency> {
             return true;
         }
         return false;
+        */
     }
     /**
      * A list of vulnerabilities for this dependency.

src/main/java/org/owasp/dependencycheck/dependency/EvidenceCollection.java

@@ -94,11 +94,11 @@ public class EvidenceCollection implements Iterable<Evidence> {
     /**
      * A collection of evidence.
      */
-    private Set<Evidence> list;
+    private final Set<Evidence> list;
     /**
      * A collection of strings used to adjust Lucene's term weighting.
      */
-    private Set<String> weightedStrings;
+    private final Set<String> weightedStrings;
 
     /**
      * Creates a new EvidenceCollection.

src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java

@@ -69,11 +69,11 @@ public class ReportGenerator {
     /**
      * The Velocity Engine.
      */
-    private VelocityEngine engine;
+    private final VelocityEngine engine;
     /**
      * The Velocity Engine Context.
      */
-    private Context context;
+    private final Context context;
 
     /**
      * Constructs a new ReportGenerator.

src/main/java/org/owasp/dependencycheck/utils/CliParser.java

@@ -44,7 +44,7 @@ public final class CliParser {
     /**
      * The options for the command line parser.
      */
-    private Options options = createCommandLineOptions();
+    private final Options options = createCommandLineOptions();
     /**
      * Indicates whether the arguments are valid.
      */

src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java

@@ -33,7 +33,7 @@ import org.apache.commons.lang.StringUtils;
  * versionParts[2] = 3;
  * </code></p>
  * <p>Note, the parser contained in this class expects the version numbers to be
- * separated by periods. If a different seperator is used the parser will likely
+ * separated by periods. If a different separator is used the parser will likely
  * fail.</p>
  * @author Jeremy Long (jeremy.long@owasp.org)
  */

src/main/java/org/owasp/dependencycheck/utils/Filter.java

@@ -31,7 +31,7 @@ public abstract class Filter<T> {
 
     private class FilterIterator implements Iterator<T> {
 
-        private Iterator<T> iterator;
+        private final Iterator<T> iterator;
         private T next;
 
         private FilterIterator(Iterator<T> iterator) {

src/test/java/org/owasp/dependencycheck/data/cpe/IndexTest.java

@@ -28,6 +28,7 @@ import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
+import static org.junit.Assert.*;
 
 
 /**
@@ -61,7 +62,8 @@ public class IndexTest {
         try {
             instance.open();
         } catch (IOException ex) {
-            Assert.fail(ex.getMessage());
+            assertNull(ex.getMessage(), ex);
+            //Assert.fail(ex.getMessage());
         }
         instance.close();
     }
@@ -76,6 +78,6 @@ public class IndexTest {
         Directory result = index.getDirectory();
 
         String exp = File.separatorChar + "target" + File.separatorChar + "data" + File.separatorChar + "cpe";
-        Assert.assertTrue(result.toString().contains(exp));
+        assertTrue(result.toString().contains(exp));
     }
 }

src/test/java/org/owasp/dependencycheck/utils/DependencyVersionUtilTest.java

@@ -72,9 +72,9 @@ public class DependencyVersionUtilTest {
 
         String[] failingNames = { "no-version-identified.jar", "somelib-04aug2000r7-dev.jar", "no.version15.jar",
             "lib_1.0_spec-1.1.jar", "lib-api_1.0_spec-1.0.1.jar" };
-        for (int i = 0; i < failingNames.length; i++) {
-            final DependencyVersion version = DependencyVersionUtil.parseVersionFromFileName(failingNames[i]);
-            assertNull("Found version in name that should have failed \"" + failingNames[i] + "\".", version);
+        for (String failingName : failingNames) {
+            final DependencyVersion version = DependencyVersionUtil.parseVersionFromFileName(failingName);
+            assertNull("Found version in name that should have failed \"" + failingName + "\".", version);
         }
     }
 }