mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-04-22 08:18:45 +02:00
use try with resources
This commit is contained in:
@@ -247,28 +247,12 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
* @return whether or not evidence was added to the dependency
|
||||
*/
|
||||
protected boolean analyzePOM(Dependency dependency, List<ClassNameInformation> classes, Engine engine) throws AnalysisException {
|
||||
JarFile jar = null;
|
||||
List<String> pomEntries;
|
||||
try {
|
||||
jar = new JarFile(dependency.getActualFilePath());
|
||||
pomEntries = retrievePomListing(jar);
|
||||
} catch (IOException ex) {
|
||||
LOGGER.warn("Unable to read JarFile '{}'.", dependency.getActualFilePath());
|
||||
LOGGER.trace("", ex);
|
||||
if (jar != null) {
|
||||
try {
|
||||
jar.close();
|
||||
} catch (IOException ex1) {
|
||||
LOGGER.trace("", ex1);
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
try (JarFile jar = new JarFile(dependency.getActualFilePath())) {
|
||||
List<String> pomEntries = retrievePomListing(jar);
|
||||
if (pomEntries != null && pomEntries.size() <= 1) {
|
||||
try {
|
||||
String path = null;
|
||||
String path;
|
||||
File pomFile;
|
||||
Properties pomProperties = null;
|
||||
File pomFile = null;
|
||||
if (pomEntries.size() == 1) {
|
||||
path = pomEntries.get(0);
|
||||
pomFile = extractPom(path, jar);
|
||||
@@ -282,20 +266,10 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
if (pom != null && pomProperties != null) {
|
||||
pom.processProperties(pomProperties);
|
||||
}
|
||||
if (pom != null) {
|
||||
return setPomEvidence(dependency, pom, classes);
|
||||
}
|
||||
return false;
|
||||
return pom != null && setPomEvidence(dependency, pom, classes);
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
} finally {
|
||||
try {
|
||||
jar.close();
|
||||
} catch (IOException ex) {
|
||||
LOGGER.trace("", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//reported possible null dereference on pomEntries is on a non-feasible path
|
||||
@@ -328,9 +302,8 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
LOGGER.trace("", ex);
|
||||
}
|
||||
}
|
||||
try {
|
||||
jar.close();
|
||||
} catch (IOException ex) {
|
||||
LOGGER.warn("Unable to read JarFile '{}'.", dependency.getActualFilePath());
|
||||
LOGGER.trace("", ex);
|
||||
}
|
||||
return false;
|
||||
@@ -437,11 +410,11 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
|
||||
* otherwise false
|
||||
*/
|
||||
public static boolean setPomEvidence(Dependency dependency, Model pom, List<ClassNameInformation> classes) {
|
||||
if (pom == null) {
|
||||
return false;
|
||||
}
|
||||
boolean foundSomething = false;
|
||||
boolean addAsIdentifier = true;
|
||||
if (pom == null) {
|
||||
return foundSomething;
|
||||
}
|
||||
String groupid = pom.getGroupId();
|
||||
String parentGroupId = pom.getParentGroupId();
|
||||
String artifactid = pom.getArtifactId();
|
||||
|
||||
Reference in New Issue
Block a user