checkstyle corrections, minor restructuring, etc.

dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/EscapeTool.java

@@ -24,8 +24,9 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * An extremely simple wrapper around various escape utils to perform URL and HTML encoding within the reports. This class was
- * created to simplify the velocity configuration and avoid using the "built-in" escape tool.
+ * An extremely simple wrapper around various escape utils to perform URL and
+ * HTML encoding within the reports. This class was created to simplify the
+ * velocity configuration and avoid using the "built-in" escape tool.
  *
  * @author Jeremy Long
  */
@@ -82,7 +83,8 @@ public class EscapeTool {
     }
 
     /**
-     * JSON Encodes the provded text
+     * JSON Encodes the provided text.
+     *
      * @param text the text to encode
      * @return the JSON encoded text
      */

dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java

@@ -132,18 +132,19 @@ public class ReportGenerator {
      * Constructs a new ReportGenerator.
      *
      * @param applicationName the application name being analyzed
-     * @param applicationVersion the application version being analyzed
-     * @param artifactID the application version being analyzed
-     * @param applicationVersion the application version being analyzed
+     * @param groupID the group id of the project being analyzed
+     * @param artifactID the application id of the project being analyzed
+     * @param version the application version of the project being analyzed
      * @param dependencies the list of dependencies
      * @param analyzers the list of analyzers used
      * @param properties the database properties (containing timestamps of the
      * NVD CVE data)
      */
-    public ReportGenerator(String applicationName, String applicationVersion, String artifactID, String groupID, List<Dependency> dependencies, List<Analyzer> analyzers, DatabaseProperties properties) {
+    public ReportGenerator(String applicationName, String groupID, String artifactID, String version,
+            List<Dependency> dependencies, List<Analyzer> analyzers, DatabaseProperties properties) {
 
         this(applicationName, dependencies, analyzers, properties);
-        context.put("applicationVersion", applicationVersion);
+        context.put("applicationVersion", version);
         context.put("artifactID", artifactID);
         context.put("groupID", groupID);
     }
@@ -216,6 +217,12 @@ public class ReportGenerator {
         }
     }
 
+    /**
+     * Reformats the given JSON file.
+     *
+     * @param pathToJson the path to the JSON file to be reformatted
+     * @throws JsonSyntaxException thrown if the given JSON file is malformed
+     */
     private void pretifyJson(String pathToJson) throws JsonSyntaxException {
         final String outputPath = pathToJson + ".pretty";
         final File in = new File(pathToJson);
@@ -248,7 +255,7 @@ public class ReportGenerator {
     private static void prettyPrint(JsonReader reader, JsonWriter writer) throws IOException {
         writer.setIndent("  ");
         while (true) {
-            JsonToken token = reader.peek();
+            final JsonToken token = reader.peek();
             switch (token) {
                 case BEGIN_ARRAY:
                     reader.beginArray();
@@ -267,19 +274,19 @@ public class ReportGenerator {
                     writer.endObject();
                     break;
                 case NAME:
-                    String name = reader.nextName();
+                    final String name = reader.nextName();
                     writer.name(name);
                     break;
                 case STRING:
-                    String s = reader.nextString();
+                    final String s = reader.nextString();
                     writer.value(s);
                     break;
                 case NUMBER:
-                    String n = reader.nextString();
+                    final String n = reader.nextString();
                     writer.value(new BigDecimal(n));
                     break;
                 case BOOLEAN:
-                    boolean b = reader.nextBoolean();
+                    final boolean b = reader.nextBoolean();
                     writer.value(b);
                     break;
                 case NULL:
@@ -288,6 +295,9 @@ public class ReportGenerator {
                     break;
                 case END_DOCUMENT:
                     return;
+                default:
+                    LOGGER.debug("Unexpected JSON toekn {}", token.toString());
+                    break;
             }
         }
     }

dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java

@@ -109,8 +109,8 @@ public class ReportGeneratorIT extends BaseDBTestCase {
     }
 
     /**
-     * Generates an XML report containing known vulnerabilities and realistic data and validates the generated XML document
-     * against the XSD.
+     * Generates an XML report containing known vulnerabilities and realistic
+     * data and validates the generated XML document against the XSD.
      *
      * @throws Exception
      */
@@ -118,42 +118,43 @@ public class ReportGeneratorIT extends BaseDBTestCase {
     public void testGenerateXMLReport() {
         try {
             String templateName = "XmlReport";
-            
+
             File f = new File("target/test-reports");
             if (!f.exists()) {
                 f.mkdir();
             }
             String writeTo = "target/test-reports/Report.xml";
             File suppressionFile = BaseTest.getResourceAsFile(this, "incorrectSuppressions.xml");
-            
+
             Settings.setString(Settings.KEYS.SUPPRESSION_FILE, suppressionFile.getAbsolutePath());
-            
+
             //File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
             File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
             //File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
             File axis = BaseTest.getResourceAsFile(this, "axis2-adb-1.4.1.jar");
             //File jetty = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
             File jetty = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar");
-            
+
             boolean autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
             Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
             Engine engine = new Engine();
             Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, autoUpdate);
-            
+
             engine.scan(struts);
             engine.scan(axis);
             engine.scan(jetty);
             engine.analyzeDependencies();
-            
+
             CveDB cveDB = CveDB.getInstance();
             DatabaseProperties dbProp = cveDB.getDatabaseProperties();
 
-            ReportGenerator generator = new ReportGenerator("Test Report","1.4.7","dependency-check-core","org.owasp", engine.getDependencies(), engine.getAnalyzers(), dbProp);
+            ReportGenerator generator = new ReportGenerator("Test Report", "org.owasp", "dependency-check-core", "1.4.7",
+                    engine.getDependencies(), engine.getAnalyzers(), dbProp);
             generator.generateReport(templateName, writeTo);
             cveDB.close();
-            
+
             engine.cleanup();
-            
+
             InputStream xsdStream = ReportGenerator.class.getClassLoader().getResourceAsStream("schema/dependency-check.1.5.xsd");
             StreamSource xsdSource = new StreamSource(xsdStream);
             StreamSource xmlSource = new StreamSource(new File(writeTo));

dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java

@@ -117,7 +117,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
      * The Maven Session.
      */
     @Parameter(defaultValue = "${session}", readonly = true, required = true)
-    protected MavenSession session;
+    private MavenSession session;
 
     /**
      * Remote repositories which will be searched for artifacts.
@@ -627,7 +627,8 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
      * @return a collection of exceptions that may have occurred while resolving
      * and scanning the dependencies
      */
-    private ExceptionCollection collectDependencies(Engine engine, MavenProject project, List<DependencyNode> nodes, ProjectBuildingRequest buildingRequest) {
+    private ExceptionCollection collectDependencies(Engine engine, MavenProject project,
+            List<DependencyNode> nodes, ProjectBuildingRequest buildingRequest) {
         ExceptionCollection exCol = null;
         for (DependencyNode dependencyNode : nodes) {
             exCol = collectDependencies(engine, project, dependencyNode.getChildren(), buildingRequest);
@@ -1015,7 +1016,8 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
                 getLog().debug("Unable to retrieve DB Properties", ex);
             }
         }
-        final ReportGenerator r = new ReportGenerator(p.getName(),p.getVersion(),p.getArtifactId(),p.getGroupId(), engine.getDependencies(), engine.getAnalyzers(), prop);
+        final ReportGenerator r = new ReportGenerator(p.getName(), p.getGroupId(), p.getArtifactId(), p.getVersion(),
+                engine.getDependencies(), engine.getAnalyzers(), prop);
         try {
             r.generateReports(outputDir.getAbsolutePath(), format);
         } catch (ReportException ex) {