github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-04-30 04:04:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

formating and codacy recommended updates

Browse Source
This commit is contained in:
Jeremy Long
2017-02-17 12:59:17 -05:00
parent 71724461a9
commit 960a2e27ab
35 changed files with 149 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/AnalysisTask.java
View File

@@ -119,7 +119,7 @@ class AnalysisTask implements Callable<Void> {
*
* @return whether or not the analyzer can analyze the dependency
*/
boolean shouldAnalyze() {
protected boolean shouldAnalyze() {
if (analyzer instanceof FileTypeAnalyzer) {
final FileTypeAnalyzer fileTypeAnalyzer = (FileTypeAnalyzer) analyzer;
return fileTypeAnalyzer.accept(dependency.getActualFile());

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java
View File

@@ -557,7 +557,7 @@ public class Engine implements FileFilter {
* @param analyzer the analyzer to execute
* @throws ExceptionCollection thrown if exceptions occurred during analysis
*/
void executeAnalysisTasks(Analyzer analyzer, List<Throwable> exceptions) throws ExceptionCollection {
protected void executeAnalysisTasks(Analyzer analyzer, List<Throwable> exceptions) throws ExceptionCollection {
LOGGER.debug("Starting {}", analyzer.getName());
final List<AnalysisTask> analysisTasks = getAnalysisTasks(analyzer, exceptions);
final ExecutorService executorService = getExecutorService(analyzer);

10
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java
View File

@@ -70,26 +70,26 @@ public class CPEAnalyzer extends AbstractAnalyzer {
/**
* The maximum number of query results to return.
*/
static final int MAX_QUERY_RESULTS = 25;
private static final int MAX_QUERY_RESULTS = 25;
/**
* The weighting boost to give terms when constructing the Lucene query.
*/
static final String WEIGHTING_BOOST = "^5";
private static final String WEIGHTING_BOOST = "^5";
/**
* A string representation of a regular expression defining characters
* utilized within the CPE Names.
*/
static final String CLEANSE_CHARACTER_RX = "[^A-Za-z0-9 ._-]";
private static final String CLEANSE_CHARACTER_RX = "[^A-Za-z0-9 ._-]";
/**
* A string representation of a regular expression used to remove all but
* alpha characters.
*/
static final String CLEANSE_NONALPHA_RX = "[^A-Za-z]*";
private static final String CLEANSE_NONALPHA_RX = "[^A-Za-z]*";
/**
* The additional size to add to a new StringBuilder to account for extra
* data that will be written into the string.
*/
static final int STRING_BUILDER_BUFFER = 20;
private static final int STRING_BUILDER_BUFFER = 20;
/**
* The CPE in memory index.
*/

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
View File

@@ -384,7 +384,7 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer {
* @return a boolean indicating whether or not the left dependency should be
* considered the "core" version.
*/
boolean isCore(Dependency left, Dependency right) {
protected boolean isCore(Dependency left, Dependency right) {
final String leftName = left.getFileName().toLowerCase();
final String rightName = right.getFileName().toLowerCase();

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java
View File

@@ -47,7 +47,7 @@ public class NvdCveAnalyzer extends AbstractAnalyzer {
/**
* The maximum number of query results to return.
*/
static final int MAX_QUERY_RESULTS = 100;
private static final int MAX_QUERY_RESULTS = 100;
/**
* The CVE Index.
*/

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzer.java
View File

@@ -102,7 +102,7 @@ public class OpenSSLAnalyzer extends AbstractFileTypeAnalyzer {
* @param openSSLVersionConstant The open SSL version
* @return the version of openssl
*/
static String getOpenSSLVersion(long openSSLVersionConstant) {
protected static String getOpenSSLVersion(long openSSLVersionConstant) {
final long major = openSSLVersionConstant >>> MAJOR_OFFSET;
final long minor = (openSSLVersionConstant & MINOR_MASK) >>> MINOR_OFFSET;
final long fix = (openSSLVersionConstant & FIX_MASK) >>> FIX_OFFSET;

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/IndexEntry.java
View File

@@ -31,7 +31,7 @@ public class IndexEntry implements Serializable {
/**
* the serial version uid.
*/
static final long serialVersionUID = 8011924485946326934L;
private static final long serialVersionUID = 8011924485946326934L;
/**
* The vendor name.
*/

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilter.java
View File

@@ -156,10 +156,7 @@ public final class TokenPairConcatenatingFilter extends TokenFilter {
if ((this.previousWord == null) ? (other.previousWord != null) : !this.previousWord.equals(other.previousWord)) {
return false;
}
if (this.words != other.words && (this.words == null || !this.words.equals(other.words))) {
return false;
}
return true;
return !(this.words != other.words && (this.words == null || !this.words.equals(other.words)));
}
}

6
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
View File

@@ -259,7 +259,7 @@ public class CveDB {
*
* @return the properties from the database
*/
synchronized Properties getProperties() {
public synchronized Properties getProperties() {
final Properties prop = new Properties();
PreparedStatement ps = null;
ResultSet rs = null;
@@ -285,7 +285,7 @@ public class CveDB {
* @param key the property key
* @param value the property value
*/
synchronized void saveProperty(String key, String value) {
public synchronized void saveProperty(String key, String value) {
try {
try {
final PreparedStatement mergeProperty = getConnection().prepareStatement(statementBundle.getString("MERGE_PROPERTY"));
@@ -703,7 +703,7 @@ public class CveDB {
* analyzed
* @return true if the identified version is affected, otherwise false
*/
Entry<String, Boolean> getMatchingSoftware(Map<String, Boolean> vulnerableSoftware, String vendor, String product,
protected Entry<String, Boolean> getMatchingSoftware(Map<String, Boolean> vulnerableSoftware, String vendor, String product,
DependencyVersion identifiedVersion) {
final boolean isVersionTwoADifferentProduct = "apache".equals(vendor) && "struts".equals(product);

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java
View File

@@ -125,7 +125,7 @@ public class NvdCveUpdater extends BaseUpdater implements CachedWebDataSource {
}
}
void initializeExecutorServices() {
protected void initializeExecutorServices() {
processingExecutorService = Executors.newFixedThreadPool(PROCESSING_THREAD_POOL_SIZE);
downloadExecutorService = Executors.newFixedThreadPool(DOWNLOAD_THREAD_POOL_SIZE);
LOGGER.debug("#download threads: {}", DOWNLOAD_THREAD_POOL_SIZE);
@@ -280,7 +280,7 @@ public class NvdCveUpdater extends BaseUpdater implements CachedWebDataSource {
* @throws UpdateException Is thrown if there is an issue with the last
* updated properties file
*/
final UpdateableNvdCve getUpdatesNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
protected final UpdateableNvdCve getUpdatesNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
LOGGER.info("starting getUpdatesNeeded() ...");
UpdateableNvdCve updates;
try {

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Identifier.java
View File

@@ -191,10 +191,7 @@ public class Identifier implements Serializable, Comparable<Identifier> {
if ((this.value == null) ? (other.value != null) : !this.value.equals(other.value)) {
return false;
}
if ((this.type == null) ? (other.type != null) : !this.type.equals(other.type)) {
return false;
}
return true;
return !((this.type == null) ? (other.type != null) : !this.type.equals(other.type));
}
@Override

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Reference.java
View File

@@ -119,10 +119,7 @@ public class Reference implements Serializable, Comparable<Reference> {
if ((this.url == null) ? (other.url != null) : !this.url.equals(other.url)) {
return false;
}
if ((this.source == null) ? (other.source != null) : !this.source.equals(other.source)) {
return false;
}
return true;
return !((this.source == null) ? (other.source != null) : !this.source.equals(other.source));
}
@Override

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
View File

@@ -374,10 +374,7 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
return false;
}
final Vulnerability other = (Vulnerability) obj;
if ((this.name == null) ? (other.name != null) : !this.name.equals(other.name)) {
return false;
}
return true;
return !((this.name == null) ? (other.name != null) : !this.name.equals(other.name));
}
@Override

1
dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/VelocityLoggerRedirect.java
View File

@@ -107,6 +107,7 @@ public class VelocityLoggerRedirect implements LogChute {
break;
default:
LOGGER.info(message, t);
break;
}
}

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Pair.java
View File

@@ -119,9 +119,6 @@ public class Pair<L, R> {
if (this.left != other.left && (this.left == null || !this.left.equals(other.left))) {
return false;
}
if (this.right != other.right && (this.right == null || !this.right.equals(other.right))) {
return false;
}
return true;
return !(this.right != other.right && (this.right == null || !this.right.equals(other.right)));
}
}

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/License.java
View File

@@ -117,10 +117,7 @@ public class License {
if ((this.url == null) ? (other.url != null) : !this.url.equals(other.url)) {
return false;
}
if ((this.name == null) ? (other.name != null) : !this.name.equals(other.name)) {
return false;
}
return true;
return !((this.name == null) ? (other.name != null) : !this.name.equals(other.name));
}
/**

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/PropertyType.java
View File

@@ -163,10 +163,7 @@ public class PropertyType {
if (this.regex != other.regex) {
return false;
}
if (this.caseSensitive != other.caseSensitive) {
return false;
}
return true;
return this.caseSensitive == other.caseSensitive;
}
/**

135
dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionRule.java
View File

@@ -35,6 +35,38 @@ public class SuppressionRule {
*/
private PropertyType filePath;
/**
* The SHA1 hash.
*/
private String sha1;
/**
* A list of CPEs to suppression
*/
private List<PropertyType> cpe = new ArrayList<>();
/**
* The list of cvssBelow scores.
*/
private List<Float> cvssBelow = new ArrayList<>();
/**
* The list of CWE entries to suppress.
*/
private List<String> cwe = new ArrayList<>();
/**
* The list of CVE entries to suppress.
*/
private List<String> cve = new ArrayList<>();
/**
* A Maven GAV to suppression.
*/
private PropertyType gav = null;
/**
* A flag indicating whether or not the suppression rule is a core/base rule
* that should not be included in the resulting report in the "suppressed"
* section.
*/
private boolean base;
/**
* Get the value of filePath.
*
@@ -52,10 +84,6 @@ public class SuppressionRule {
public void setFilePath(PropertyType filePath) {
this.filePath = filePath;
}
/**
* The sha1 hash.
*/
private String sha1;
/**
* Get the value of sha1.
@@ -67,40 +95,36 @@ public class SuppressionRule {
}
/**
* Set the value of sha1.
* Set the value of SHA1.
*
* @param sha1 new value of sha1
* @param sha1 new value of SHA1
*/
public void setSha1(String sha1) {
this.sha1 = sha1;
}
/**
* A list of CPEs to suppression
*/
private List<PropertyType> cpe = new ArrayList<PropertyType>();
/**
* Get the value of cpe.
* Get the value of CPE.
*
* @return the value of cpe
* @return the value of CPE
*/
public List<PropertyType> getCpe() {
return cpe;
}
/**
* Set the value of cpe.
* Set the value of CPE.
*
* @param cpe new value of cpe
* @param cpe new value of CPE
*/
public void setCpe(List<PropertyType> cpe) {
this.cpe = cpe;
}
/**
* Adds the cpe to the cpe list.
* Adds the CPE to the CPE list.
*
* @param cpe the cpe to add
* @param cpe the CPE to add
*/
public void addCpe(PropertyType cpe) {
this.cpe.add(cpe);
@@ -114,10 +138,6 @@ public class SuppressionRule {
public boolean hasCpe() {
return !cpe.isEmpty();
}
/**
* The list of cvssBelow scores.
*/
private List<Float> cvssBelow = new ArrayList<Float>();
/**
* Get the value of cvssBelow.
@@ -138,49 +158,45 @@ public class SuppressionRule {
}
/**
* Adds the cvss to the cvssBelow list.
* Adds the CVSS to the cvssBelow list.
*
* @param cvss the cvss to add
* @param cvss the CVSS to add
*/
public void addCvssBelow(Float cvss) {
this.cvssBelow.add(cvss);
}
/**
* Returns whether or not this suppression rule has cvss suppressions.
* Returns whether or not this suppression rule has CVSS suppressions.
*
* @return whether or not this suppression rule has cvss suppressions
* @return whether or not this suppression rule has CVSS suppressions
*/
public boolean hasCvssBelow() {
return !cvssBelow.isEmpty();
}
/**
* The list of cwe entries to suppress.
*/
private List<String> cwe = new ArrayList<String>();
/**
* Get the value of cwe.
* Get the value of CWE.
*
* @return the value of cwe
* @return the value of CWE
*/
public List<String> getCwe() {
return cwe;
}
/**
* Set the value of cwe.
* Set the value of CWE.
*
* @param cwe new value of cwe
* @param cwe new value of CWE
*/
public void setCwe(List<String> cwe) {
this.cwe = cwe;
}
/**
* Adds the cwe to the cwe list.
* Adds the CWE to the CWE list.
*
* @param cwe the cwe to add
* @param cwe the CWE to add
*/
public void addCwe(String cwe) {
this.cwe.add(cwe);
@@ -194,33 +210,29 @@ public class SuppressionRule {
public boolean hasCwe() {
return !cwe.isEmpty();
}
/**
* The list of cve entries to suppress.
*/
private List<String> cve = new ArrayList<String>();
/**
* Get the value of cve.
* Get the value of CVE.
*
* @return the value of cve
* @return the value of CVE
*/
public List<String> getCve() {
return cve;
}
/**
* Set the value of cve.
* Set the value of CVE.
*
* @param cve new value of cve
* @param cve new value of CVE
*/
public void setCve(List<String> cve) {
this.cve = cve;
}
/**
* Adds the cve to the cve list.
* Adds the CVE to the CVE list.
*
* @param cve the cve to add
* @param cve the CVE to add
*/
public void addCve(String cve) {
this.cve.add(cve);
@@ -234,15 +246,11 @@ public class SuppressionRule {
public boolean hasCve() {
return !cve.isEmpty();
}
/**
* A Maven GAV to suppression.
*/
private PropertyType gav = null;
/**
* Get the value of Maven GAV.
*
* @return the value of gav
* @return the value of GAV
*/
public PropertyType getGav() {
return gav;
@@ -251,7 +259,7 @@ public class SuppressionRule {
/**
* Set the value of Maven GAV.
*
* @param gav new value of Maven gav
* @param gav new value of Maven GAV
*/
public void setGav(PropertyType gav) {
this.gav = gav;
@@ -266,12 +274,6 @@ public class SuppressionRule {
return gav != null;
}
/**
* A flag indicating whether or not the suppression rule is a core/base rule that should not be included in the resulting
* report in the "suppressed" section.
*/
private boolean base;
/**
* Get the value of base.
*
@@ -291,8 +293,9 @@ public class SuppressionRule {
}
/**
* Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any should be, they
* are removed from the dependency.
* Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS
* scores should be suppressed. If any should be, they are removed from the
* dependency.
*
* @param dependency a project dependency to analyze
*/
@@ -375,23 +378,26 @@ public class SuppressionRule {
}
/**
* Identifies if the cpe specified by the cpe suppression rule does not specify a version.
* Identifies if the cpe specified by the cpe suppression rule does not
* specify a version.
*
* @param c a suppression rule identifier
* @return true if the property type does not specify a version; otherwise false
* @return true if the property type does not specify a version; otherwise
* false
*/
boolean cpeHasNoVersion(PropertyType c) {
protected boolean cpeHasNoVersion(PropertyType c) {
return !c.isRegex() && countCharacter(c.getValue(), ':') <= 3;
}
/**
* Counts the number of occurrences of the character found within the string.
* Counts the number of occurrences of the character found within the
* string.
*
* @param str the string to check
* @param c the character to count
* @return the number of times the character is found in the string
*/
int countCharacter(String str, char c) {
private int countCharacter(String str, char c) {
int count = 0;
int pos = str.indexOf(c) + 1;
while (pos > 0) {
@@ -402,7 +408,8 @@ public class SuppressionRule {
}
/**
* Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
* Determines if the cpeEntry specified as a PropertyType matches the given
* Identifier.
*
* @param identifierType the type of identifier ("cpe", "maven", etc.)
* @param suppressionEntry a suppression rule entry