github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-25 18:41:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

checkstyle corrections

Browse Source
This commit is contained in:
Jeremy Long
2017-11-20 06:55:36 -05:00
parent e4b7f7aa8f
commit 5ebc2dc244
3 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
View File

@@ -464,6 +464,7 @@ public class DependencyBundlingAnalyzer extends AbstractDependencyComparingAnaly
/** /**
* Determine if the dependency ecosystem is equal in the given dependencies. * Determine if the dependency ecosystem is equal in the given dependencies.
* *
* @param ecoSystem the ecosystem to validate against
* @param dependency a dependency to compare * @param dependency a dependency to compare
* @param nextDependency a dependency to compare * @param nextDependency a dependency to compare
* @return true if the ecosystem is equal in both dependencies; otherwise * @return true if the ecosystem is equal in both dependencies; otherwise

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
View File

@@ -102,10 +102,10 @@ public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException { protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException {
if (engine.getMode() != Mode.EVIDENCE_COLLECTION) { if (engine.getMode() != Mode.EVIDENCE_COLLECTION) {
try { try {
Settings settings = engine.getSettings(); final Settings settings = engine.getSettings();
final String[] tmp = settings.getArray(Settings.KEYS.ECOSYSTEM_SKIP_NVDCVE); final String[] tmp = settings.getArray(Settings.KEYS.ECOSYSTEM_SKIP_NVDCVE);
if (tmp != null) { if (tmp != null) {
List<String> skipEcosystems = Arrays.asList(tmp); final List<String> skipEcosystems = Arrays.asList(tmp);
if (skipEcosystems.contains(DEPENDENCY_ECOSYSTEM) if (skipEcosystems.contains(DEPENDENCY_ECOSYSTEM)
&& !settings.getBoolean(Settings.KEYS.ANALYZER_NSP_PACKAGE_ENABLED)) { && !settings.getBoolean(Settings.KEYS.ANALYZER_NSP_PACKAGE_ENABLED)) {
LOGGER.debug("NodePackageAnalyzer enabled without a corresponding vulnerability analyzer"); LOGGER.debug("NodePackageAnalyzer enabled without a corresponding vulnerability analyzer");

7
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java
View File

@@ -20,7 +20,6 @@ package org.owasp.dependencycheck.analyzer;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Set;
import javax.annotation.concurrent.ThreadSafe; import javax.annotation.concurrent.ThreadSafe;
import org.owasp.dependencycheck.Engine; import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException; import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
@@ -46,7 +45,11 @@ public class NvdCveAnalyzer extends AbstractAnalyzer {
* The Logger for use throughout the class * The Logger for use throughout the class
*/ */
private static final org.slf4j.Logger LOGGER = LoggerFactory.getLogger(NvdCveAnalyzer.class); private static final org.slf4j.Logger LOGGER = LoggerFactory.getLogger(NvdCveAnalyzer.class);
/**
* The list of ecosystems to skip during analysis. These are skipped because
* there is generally a more accurate vulnerability analyzer in the
* pipeline.
*/
private List<String> skipEcosystems; private List<String> skipEcosystems;
/** /**