From 6642c23761b6460d7ff922b7413c318494c8dc86 Mon Sep 17 00:00:00 2001
From: Will Stranathan <will@thestranathans.com>
Date: Tue, 22 Apr 2014 20:50:06 -0400
Subject: [PATCH] Updated PMD configuration to work with all the projects.

Former-commit-id: 80b9aac40019ef95d95ac5dcd3cb417290c37d7e
---
 .../dc-rules => dc-rules}/dcrules.xml         |  0
 dependency-check-ant/pom.xml                  |  9 ++++++
 .../taskdefs/DependencyCheckTask.java         | 25 ++++++++--------
 dependency-check-cli/pom.xml                  |  8 ++++-
 .../java/org/owasp/dependencycheck/App.java   | 29 +++++++++++--------
 dependency-check-core/pom.xml                 |  2 +-
 dependency-check-maven/pom.xml                |  8 ++++-
 7 files changed, 54 insertions(+), 27 deletions(-)
 rename {dependency-check-core/dc-rules => dc-rules}/dcrules.xml (100%)

diff --git a/dependency-check-core/dc-rules/dcrules.xml b/dc-rules/dcrules.xml
similarity index 100%
rename from dependency-check-core/dc-rules/dcrules.xml
rename to dc-rules/dcrules.xml
diff --git a/dependency-check-ant/pom.xml b/dependency-check-ant/pom.xml
index 6bcf22af6..7e4232947 100644
--- a/dependency-check-ant/pom.xml
+++ b/dependency-check-ant/pom.xml
@@ -412,6 +412,15 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
                                 <targetJdk>1.6</targetJdk>
                                 <linkXref>true</linkXref>
                                 <sourceEncoding>utf-8</sourceEncoding>
+                                <excludes>
+                                    <exclude>**/generated/*.java</exclude>
+                                </excludes>
+                                <rulesets>
+                                    <ruleset>../dc-rules/dcrules.xml</ruleset>
+                                    <ruleset>/rulesets/java/basic.xml</ruleset>
+                                    <ruleset>/rulesets/java/imports.xml</ruleset>
+                                    <ruleset>/rulesets/java/unusedcode.xml</ruleset>
+                                </rulesets>
                             </configuration>
                         </plugin>
                         <plugin>
diff --git a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java
index 0756fe5fe..e6a0579c8 100644
--- a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java
+++ b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java
@@ -62,6 +62,10 @@ public class DependencyCheckTask extends Task {
      * System specific new line character.
      */
     private static final String NEW_LINE = System.getProperty("line.separator", "\n").intern();
+    /**
+     * The logger.
+     */
+    private static final Logger LOGGER = Logger.getLogger(DependencyCheckTask.class.getName());
 
     /**
      * Construct a new DependencyCheckTask.
@@ -882,7 +886,7 @@ public class DependencyCheckTask extends Task {
                     cve.open();
                     prop = cve.getDatabaseProperties();
                 } catch (DatabaseException ex) {
-                    Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, "Unable to retrieve DB Properties", ex);
+                    LOGGER.log(Level.FINE, "Unable to retrieve DB Properties", ex);
                 } finally {
                     if (cve != null) {
                         cve.close();
@@ -898,18 +902,15 @@ public class DependencyCheckTask extends Task {
                     showSummary(engine.getDependencies());
                 }
             } catch (IOException ex) {
-                Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE,
-                        "Unable to generate dependency-check report", ex);
+                LOGGER.log(Level.FINE, "Unable to generate dependency-check report", ex);
                 throw new BuildException("Unable to generate dependency-check report", ex);
             } catch (Exception ex) {
-                Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE,
-                        "An exception occurred; unable to continue task", ex);
+                LOGGER.log(Level.FINE, "An exception occurred; unable to continue task", ex);
                 throw new BuildException("An exception occurred; unable to continue task", ex);
             }
         } catch (DatabaseException ex) {
-            Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.SEVERE,
-                    "Unable to connect to the dependency-check database; analysis has stopped");
-            Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, "", ex);
+            LOGGER.log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped");
+            LOGGER.log(Level.FINE, "", ex);
         } finally {
             Settings.cleanup();
             if (engine != null) {
@@ -943,14 +944,14 @@ public class DependencyCheckTask extends Task {
             taskProperties = this.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
             Settings.mergeProperties(taskProperties);
         } catch (IOException ex) {
-            Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.WARNING, "Unable to load the dependency-check ant task.properties file.");
-            Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINE, null, ex);
+            LOGGER.log(Level.WARNING, "Unable to load the dependency-check ant task.properties file.");
+            LOGGER.log(Level.FINE, null, ex);
         } finally {
             if (taskProperties != null) {
                 try {
                     taskProperties.close();
                 } catch (IOException ex) {
-                    Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.FINEST, null, ex);
+                    LOGGER.log(Level.FINEST, null, ex);
                 }
             }
         }
@@ -1100,7 +1101,7 @@ public class DependencyCheckTask extends Task {
             final String msg = String.format("%n%n"
                     + "One or more dependencies were identified with known vulnerabilities:%n%n%s"
                     + "%n%nSee the dependency-check report for more details.%n%n", summary.toString());
-            Logger.getLogger(DependencyCheckTask.class.getName()).log(Level.WARNING, msg);
+            LOGGER.log(Level.WARNING, msg);
         }
     }
 
diff --git a/dependency-check-cli/pom.xml b/dependency-check-cli/pom.xml
index 866cd8ba2..ef017c737 100644
--- a/dependency-check-cli/pom.xml
+++ b/dependency-check-cli/pom.xml
@@ -257,7 +257,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-pmd-plugin</artifactId>
-                            <version>3.0.1</version>
+                            <version>3.1</version>
                             <configuration>
                                 <targetJdk>1.6</targetJdk>
                                 <linkXref>true</linkXref>
@@ -265,6 +265,12 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
                                 <excludes>
                                     <exclude>**/generated/*.java</exclude>
                                 </excludes>
+                                <rulesets>
+                                  <ruleset>../dc-rules/dcrules.xml</ruleset>
+                                  <ruleset>/rulesets/java/basic.xml</ruleset>
+                                  <ruleset>/rulesets/java/imports.xml</ruleset>
+                                  <ruleset>/rulesets/java/unusedcode.xml</ruleset>
+                                </rulesets>
                             </configuration>
                         </plugin>
                         <plugin>
diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
index 084303425..ecfaa478b 100644
--- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
+++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
@@ -45,7 +45,12 @@ public class App {
      * The location of the log properties configuration file.
      */
     private static final String LOG_PROPERTIES_FILE = "log.properties";
-
+    
+    /**
+     * The logger.
+     */
+    private static final Logger LOGGER = Logger.getLogger(App.class.getName());
+    
     /**
      * The main method for the application.
      *
@@ -115,7 +120,7 @@ public class App {
                 cve.open();
                 prop = cve.getDatabaseProperties();
             } catch (DatabaseException ex) {
-                Logger.getLogger(App.class.getName()).log(Level.FINE, "Unable to retrieve DB Properties", ex);
+                LOGGER.log(Level.FINE, "Unable to retrieve DB Properties", ex);
             } finally {
                 if (cve != null) {
                     cve.close();
@@ -125,15 +130,15 @@ public class App {
             try {
                 report.generateReports(reportDirectory, outputFormat);
             } catch (IOException ex) {
-                Logger.getLogger(App.class.getName()).log(Level.SEVERE, "There was an IO error while attempting to generate the report.");
-                Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex);
+                LOGGER.log(Level.SEVERE, "There was an IO error while attempting to generate the report.");
+                LOGGER.log(Level.FINE, null, ex);
             } catch (Throwable ex) {
-                Logger.getLogger(App.class.getName()).log(Level.SEVERE, "There was an error while attempting to generate the report.");
-                Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex);
+                LOGGER.log(Level.SEVERE, "There was an error while attempting to generate the report.");
+                LOGGER.log(Level.FINE, null, ex);
             }
         } catch (DatabaseException ex) {
-            Logger.getLogger(App.class.getName()).log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped");
-            Logger.getLogger(App.class.getName()).log(Level.FINE, "", ex);
+            LOGGER.log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped");
+            LOGGER.log(Level.FINE, "", ex);
         } finally {
             Settings.cleanup();
             if (scanner != null) {
@@ -180,12 +185,12 @@ public class App {
                 Settings.mergeProperties(propertiesFile);
             } catch (FileNotFoundException ex) {
                 final String msg = String.format("Unable to load properties file '%s'", propertiesFile.getPath());
-                Logger.getLogger(App.class.getName()).log(Level.SEVERE, msg);
-                Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex);
+                LOGGER.log(Level.SEVERE, msg);
+                LOGGER.log(Level.FINE, null, ex);
             } catch (IOException ex) {
                 final String msg = String.format("Unable to find properties file '%s'", propertiesFile.getPath());
-                Logger.getLogger(App.class.getName()).log(Level.SEVERE, msg);
-                Logger.getLogger(App.class.getName()).log(Level.FINE, null, ex);
+                LOGGER.log(Level.SEVERE, msg);
+                LOGGER.log(Level.FINE, null, ex);
             }
         }
         // We have to wait until we've merged the properties before attempting to set whether we use
diff --git a/dependency-check-core/pom.xml b/dependency-check-core/pom.xml
index 20185e7b1..ec1e1fd43 100644
--- a/dependency-check-core/pom.xml
+++ b/dependency-check-core/pom.xml
@@ -366,7 +366,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
                                     <exclude>**/generated/*.java</exclude>
                                 </excludes>
                                 <rulesets>
-                                  <ruleset>dc-rules/dcrules.xml</ruleset>
+                                  <ruleset>../dc-rules/dcrules.xml</ruleset>
                                   <ruleset>/rulesets/java/basic.xml</ruleset>
                                   <ruleset>/rulesets/java/imports.xml</ruleset>
                                   <ruleset>/rulesets/java/unusedcode.xml</ruleset>
diff --git a/dependency-check-maven/pom.xml b/dependency-check-maven/pom.xml
index 0877ab3a4..c6de44701 100644
--- a/dependency-check-maven/pom.xml
+++ b/dependency-check-maven/pom.xml
@@ -233,7 +233,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
                         <plugin>
                             <groupId>org.apache.maven.plugins</groupId>
                             <artifactId>maven-pmd-plugin</artifactId>
-                            <version>3.0.1</version>
+                            <version>3.1</version>
                             <configuration>
                                 <targetJdk>1.6</targetJdk>
                                 <linkXref>true</linkXref>
@@ -241,6 +241,12 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
                                 <excludes>
                                     <exclude>**/generated/*.java</exclude>
                                 </excludes>
+                                <rulesets>
+                                  <ruleset>../dc-rules/dcrules.xml</ruleset>
+                                  <ruleset>/rulesets/java/basic.xml</ruleset>
+                                  <ruleset>/rulesets/java/imports.xml</ruleset>
+                                  <ruleset>/rulesets/java/unusedcode.xml</ruleset>
+                                </rulesets>
                             </configuration>
                         </plugin>
                         <plugin>