formating and codacy recommended updates

dependency-check-core/src/main/java/org/owasp/dependencycheck/AnalysisTask.java

@@ -119,7 +119,7 @@ class AnalysisTask implements Callable<Void> {
      *
      * @return whether or not the analyzer can analyze the dependency
      */
-    boolean shouldAnalyze() {
+    protected boolean shouldAnalyze() {
         if (analyzer instanceof FileTypeAnalyzer) {
             final FileTypeAnalyzer fileTypeAnalyzer = (FileTypeAnalyzer) analyzer;
             return fileTypeAnalyzer.accept(dependency.getActualFile());

dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java

@@ -557,7 +557,7 @@ public class Engine implements FileFilter {
      * @param analyzer the analyzer to execute
      * @throws ExceptionCollection thrown if exceptions occurred during analysis
      */
-    void executeAnalysisTasks(Analyzer analyzer, List<Throwable> exceptions) throws ExceptionCollection {
+    protected void executeAnalysisTasks(Analyzer analyzer, List<Throwable> exceptions) throws ExceptionCollection {
         LOGGER.debug("Starting {}", analyzer.getName());
         final List<AnalysisTask> analysisTasks = getAnalysisTasks(analyzer, exceptions);
         final ExecutorService executorService = getExecutorService(analyzer);

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java

@@ -70,26 +70,26 @@ public class CPEAnalyzer extends AbstractAnalyzer {
     /**
      * The maximum number of query results to return.
      */
-    static final int MAX_QUERY_RESULTS = 25;
+    private static final int MAX_QUERY_RESULTS = 25;
     /**
      * The weighting boost to give terms when constructing the Lucene query.
      */
-    static final String WEIGHTING_BOOST = "^5";
+    private static final String WEIGHTING_BOOST = "^5";
     /**
      * A string representation of a regular expression defining characters
      * utilized within the CPE Names.
      */
-    static final String CLEANSE_CHARACTER_RX = "[^A-Za-z0-9 ._-]";
+    private static final String CLEANSE_CHARACTER_RX = "[^A-Za-z0-9 ._-]";
     /**
      * A string representation of a regular expression used to remove all but
      * alpha characters.
      */
-    static final String CLEANSE_NONALPHA_RX = "[^A-Za-z]*";
+    private static final String CLEANSE_NONALPHA_RX = "[^A-Za-z]*";
     /**
      * The additional size to add to a new StringBuilder to account for extra
      * data that will be written into the string.
      */
-    static final int STRING_BUILDER_BUFFER = 20;
+    private static final int STRING_BUILDER_BUFFER = 20;
     /**
      * The CPE in memory index.
      */

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java

@@ -384,7 +384,7 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer {
      * @return a boolean indicating whether or not the left dependency should be
      * considered the "core" version.
      */
-    boolean isCore(Dependency left, Dependency right) {
+    protected boolean isCore(Dependency left, Dependency right) {
         final String leftName = left.getFileName().toLowerCase();
         final String rightName = right.getFileName().toLowerCase();
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java

@@ -47,7 +47,7 @@ public class NvdCveAnalyzer extends AbstractAnalyzer {
     /**
      * The maximum number of query results to return.
      */
-    static final int MAX_QUERY_RESULTS = 100;
+    private static final int MAX_QUERY_RESULTS = 100;
     /**
      * The CVE Index.
      */

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzer.java

@@ -102,7 +102,7 @@ public class OpenSSLAnalyzer extends AbstractFileTypeAnalyzer {
      * @param openSSLVersionConstant The open SSL version
      * @return the version of openssl
      */
-    static String getOpenSSLVersion(long openSSLVersionConstant) {
+    protected static String getOpenSSLVersion(long openSSLVersionConstant) {
         final long major = openSSLVersionConstant >>> MAJOR_OFFSET;
         final long minor = (openSSLVersionConstant & MINOR_MASK) >>> MINOR_OFFSET;
         final long fix = (openSSLVersionConstant & FIX_MASK) >>> FIX_OFFSET;

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/IndexEntry.java

@@ -31,7 +31,7 @@ public class IndexEntry implements Serializable {
     /**
      * the serial version uid.
      */
-    static final long serialVersionUID = 8011924485946326934L;
+    private static final long serialVersionUID = 8011924485946326934L;
     /**
      * The vendor name.
      */

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilter.java

@@ -156,10 +156,7 @@ public final class TokenPairConcatenatingFilter extends TokenFilter {
         if ((this.previousWord == null) ? (other.previousWord != null) : !this.previousWord.equals(other.previousWord)) {
             return false;
         }
-        if (this.words != other.words && (this.words == null || !this.words.equals(other.words))) {
+        return !(this.words != other.words && (this.words == null || !this.words.equals(other.words)));
-            return false;
-        }
-        return true;
     }
 
 }

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java

@@ -259,7 +259,7 @@ public class CveDB {
      *
      * @return the properties from the database
      */
-    synchronized Properties getProperties() {
+    public synchronized Properties getProperties() {
         final Properties prop = new Properties();
         PreparedStatement ps = null;
         ResultSet rs = null;
@@ -285,7 +285,7 @@ public class CveDB {
      * @param key the property key
      * @param value the property value
      */
-    synchronized void saveProperty(String key, String value) {
+    public synchronized void saveProperty(String key, String value) {
         try {
             try {
                 final PreparedStatement mergeProperty = getConnection().prepareStatement(statementBundle.getString("MERGE_PROPERTY"));
@@ -703,7 +703,7 @@ public class CveDB {
      * analyzed
      * @return true if the identified version is affected, otherwise false
      */
-    Entry<String, Boolean> getMatchingSoftware(Map<String, Boolean> vulnerableSoftware, String vendor, String product,
+    protected Entry<String, Boolean> getMatchingSoftware(Map<String, Boolean> vulnerableSoftware, String vendor, String product,
             DependencyVersion identifiedVersion) {
 
         final boolean isVersionTwoADifferentProduct = "apache".equals(vendor) && "struts".equals(product);

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java

@@ -125,7 +125,7 @@ public class NvdCveUpdater extends BaseUpdater implements CachedWebDataSource {
         }
     }
 
-    void initializeExecutorServices() {
+    protected void initializeExecutorServices() {
         processingExecutorService = Executors.newFixedThreadPool(PROCESSING_THREAD_POOL_SIZE);
         downloadExecutorService = Executors.newFixedThreadPool(DOWNLOAD_THREAD_POOL_SIZE);
         LOGGER.debug("#download   threads: {}", DOWNLOAD_THREAD_POOL_SIZE);
@@ -280,7 +280,7 @@ public class NvdCveUpdater extends BaseUpdater implements CachedWebDataSource {
      * @throws UpdateException Is thrown if there is an issue with the last
      * updated properties file
      */
-    final UpdateableNvdCve getUpdatesNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
+    protected final UpdateableNvdCve getUpdatesNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
         LOGGER.info("starting getUpdatesNeeded() ...");
         UpdateableNvdCve updates;
         try {

dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Identifier.java

@@ -191,10 +191,7 @@ public class Identifier implements Serializable, Comparable<Identifier> {
         if ((this.value == null) ? (other.value != null) : !this.value.equals(other.value)) {
             return false;
         }
-        if ((this.type == null) ? (other.type != null) : !this.type.equals(other.type)) {
+        return !((this.type == null) ? (other.type != null) : !this.type.equals(other.type));
-            return false;
-        }
-        return true;
     }
 
     @Override

dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Reference.java

@@ -119,10 +119,7 @@ public class Reference implements Serializable, Comparable<Reference> {
         if ((this.url == null) ? (other.url != null) : !this.url.equals(other.url)) {
             return false;
         }
-        if ((this.source == null) ? (other.source != null) : !this.source.equals(other.source)) {
+        return !((this.source == null) ? (other.source != null) : !this.source.equals(other.source));
-            return false;
-        }
-        return true;
     }
 
     @Override

dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java

@@ -374,10 +374,7 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
             return false;
         }
         final Vulnerability other = (Vulnerability) obj;
-        if ((this.name == null) ? (other.name != null) : !this.name.equals(other.name)) {
+        return !((this.name == null) ? (other.name != null) : !this.name.equals(other.name));
-            return false;
-        }
-        return true;
     }
 
     @Override

dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/VelocityLoggerRedirect.java

@@ -107,6 +107,7 @@ public class VelocityLoggerRedirect implements LogChute {
                 break;
             default:
                 LOGGER.info(message, t);
+                break;
         }
     }
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/Pair.java

@@ -119,9 +119,6 @@ public class Pair<L, R> {
         if (this.left != other.left && (this.left == null || !this.left.equals(other.left))) {
             return false;
         }
-        if (this.right != other.right && (this.right == null || !this.right.equals(other.right))) {
+        return !(this.right != other.right && (this.right == null || !this.right.equals(other.right)));
-            return false;
-        }
-        return true;
     }
 }

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/License.java

@@ -117,10 +117,7 @@ public class License {
         if ((this.url == null) ? (other.url != null) : !this.url.equals(other.url)) {
             return false;
         }
-        if ((this.name == null) ? (other.name != null) : !this.name.equals(other.name)) {
+        return !((this.name == null) ? (other.name != null) : !this.name.equals(other.name));
-            return false;
-        }
-        return true;
     }
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/PropertyType.java

@@ -163,10 +163,7 @@ public class PropertyType {
         if (this.regex != other.regex) {
             return false;
         }
-        if (this.caseSensitive != other.caseSensitive) {
+        return this.caseSensitive == other.caseSensitive;
-            return false;
-        }
-        return true;
     }
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionRule.java

@@ -35,6 +35,38 @@ public class SuppressionRule {
      */
     private PropertyType filePath;
 
+    /**
+     * The SHA1 hash.
+     */
+    private String sha1;
+    /**
+     * A list of CPEs to suppression
+     */
+    private List<PropertyType> cpe = new ArrayList<>();
+    /**
+     * The list of cvssBelow scores.
+     */
+    private List<Float> cvssBelow = new ArrayList<>();
+    /**
+     * The list of CWE entries to suppress.
+     */
+    private List<String> cwe = new ArrayList<>();
+    /**
+     * The list of CVE entries to suppress.
+     */
+    private List<String> cve = new ArrayList<>();
+    /**
+     * A Maven GAV to suppression.
+     */
+    private PropertyType gav = null;
+
+    /**
+     * A flag indicating whether or not the suppression rule is a core/base rule
+     * that should not be included in the resulting report in the "suppressed"
+     * section.
+     */
+    private boolean base;
+
     /**
      * Get the value of filePath.
      *
@@ -52,10 +84,6 @@ public class SuppressionRule {
     public void setFilePath(PropertyType filePath) {
         this.filePath = filePath;
     }
-    /**
-     * The sha1 hash.
-     */
-    private String sha1;
 
     /**
      * Get the value of sha1.
@@ -67,40 +95,36 @@ public class SuppressionRule {
     }
 
     /**
-     * Set the value of sha1.
+     * Set the value of SHA1.
      *
-     * @param sha1 new value of sha1
+     * @param sha1 new value of SHA1
      */
     public void setSha1(String sha1) {
         this.sha1 = sha1;
     }
-    /**
-     * A list of CPEs to suppression
-     */
-    private List<PropertyType> cpe = new ArrayList<PropertyType>();
 
     /**
-     * Get the value of cpe.
+     * Get the value of CPE.
      *
-     * @return the value of cpe
+     * @return the value of CPE
      */
     public List<PropertyType> getCpe() {
         return cpe;
     }
 
     /**
-     * Set the value of cpe.
+     * Set the value of CPE.
      *
-     * @param cpe new value of cpe
+     * @param cpe new value of CPE
      */
     public void setCpe(List<PropertyType> cpe) {
         this.cpe = cpe;
     }
 
     /**
-     * Adds the cpe to the cpe list.
+     * Adds the CPE to the CPE list.
      *
-     * @param cpe the cpe to add
+     * @param cpe the CPE to add
      */
     public void addCpe(PropertyType cpe) {
         this.cpe.add(cpe);
@@ -114,10 +138,6 @@ public class SuppressionRule {
     public boolean hasCpe() {
         return !cpe.isEmpty();
     }
-    /**
-     * The list of cvssBelow scores.
-     */
-    private List<Float> cvssBelow = new ArrayList<Float>();
 
     /**
      * Get the value of cvssBelow.
@@ -138,49 +158,45 @@ public class SuppressionRule {
     }
 
     /**
-     * Adds the cvss to the cvssBelow list.
+     * Adds the CVSS to the cvssBelow list.
      *
-     * @param cvss the cvss to add
+     * @param cvss the CVSS to add
      */
     public void addCvssBelow(Float cvss) {
         this.cvssBelow.add(cvss);
     }
 
     /**
-     * Returns whether or not this suppression rule has cvss suppressions.
+     * Returns whether or not this suppression rule has CVSS suppressions.
      *
-     * @return whether or not this suppression rule has cvss suppressions
+     * @return whether or not this suppression rule has CVSS suppressions
      */
     public boolean hasCvssBelow() {
         return !cvssBelow.isEmpty();
     }
-    /**
-     * The list of cwe entries to suppress.
-     */
-    private List<String> cwe = new ArrayList<String>();
 
     /**
-     * Get the value of cwe.
+     * Get the value of CWE.
      *
-     * @return the value of cwe
+     * @return the value of CWE
      */
     public List<String> getCwe() {
         return cwe;
     }
 
     /**
-     * Set the value of cwe.
+     * Set the value of CWE.
      *
-     * @param cwe new value of cwe
+     * @param cwe new value of CWE
      */
     public void setCwe(List<String> cwe) {
         this.cwe = cwe;
     }
 
     /**
-     * Adds the cwe to the cwe list.
+     * Adds the CWE to the CWE list.
      *
-     * @param cwe the cwe to add
+     * @param cwe the CWE to add
      */
     public void addCwe(String cwe) {
         this.cwe.add(cwe);
@@ -194,33 +210,29 @@ public class SuppressionRule {
     public boolean hasCwe() {
         return !cwe.isEmpty();
     }
-    /**
-     * The list of cve entries to suppress.
-     */
-    private List<String> cve = new ArrayList<String>();
 
     /**
-     * Get the value of cve.
+     * Get the value of CVE.
      *
-     * @return the value of cve
+     * @return the value of CVE
      */
     public List<String> getCve() {
         return cve;
     }
 
     /**
-     * Set the value of cve.
+     * Set the value of CVE.
      *
-     * @param cve new value of cve
+     * @param cve new value of CVE
      */
     public void setCve(List<String> cve) {
         this.cve = cve;
     }
 
     /**
-     * Adds the cve to the cve list.
+     * Adds the CVE to the CVE list.
      *
-     * @param cve the cve to add
+     * @param cve the CVE to add
      */
     public void addCve(String cve) {
         this.cve.add(cve);
@@ -234,15 +246,11 @@ public class SuppressionRule {
     public boolean hasCve() {
         return !cve.isEmpty();
     }
-    /**
-     * A Maven GAV to suppression.
-     */
-    private PropertyType gav = null;
 
     /**
      * Get the value of Maven GAV.
      *
-     * @return the value of gav
+     * @return the value of GAV
      */
     public PropertyType getGav() {
         return gav;
@@ -251,7 +259,7 @@ public class SuppressionRule {
     /**
      * Set the value of Maven GAV.
      *
-     * @param gav new value of Maven gav
+     * @param gav new value of Maven GAV
      */
     public void setGav(PropertyType gav) {
         this.gav = gav;
@@ -266,12 +274,6 @@ public class SuppressionRule {
         return gav != null;
     }
 
-    /**
-     * A flag indicating whether or not the suppression rule is a core/base rule that should not be included in the resulting
-     * report in the "suppressed" section.
-     */
-    private boolean base;
-
     /**
      * Get the value of base.
      *
@@ -291,8 +293,9 @@ public class SuppressionRule {
     }
 
     /**
-     * Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any should be, they
+     * Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS
-     * are removed from the dependency.
+     * scores should be suppressed. If any should be, they are removed from the
+     * dependency.
      *
      * @param dependency a project dependency to analyze
      */
@@ -375,23 +378,26 @@ public class SuppressionRule {
     }
 
     /**
-     * Identifies if the cpe specified by the cpe suppression rule does not specify a version.
+     * Identifies if the cpe specified by the cpe suppression rule does not
+     * specify a version.
      *
      * @param c a suppression rule identifier
-     * @return true if the property type does not specify a version; otherwise false
+     * @return true if the property type does not specify a version; otherwise
+     * false
      */
-    boolean cpeHasNoVersion(PropertyType c) {
+    protected boolean cpeHasNoVersion(PropertyType c) {
         return !c.isRegex() && countCharacter(c.getValue(), ':') <= 3;
     }
 
     /**
-     * Counts the number of occurrences of the character found within the string.
+     * Counts the number of occurrences of the character found within the
+     * string.
      *
      * @param str the string to check
      * @param c the character to count
      * @return the number of times the character is found in the string
      */
-    int countCharacter(String str, char c) {
+    private int countCharacter(String str, char c) {
         int count = 0;
         int pos = str.indexOf(c) + 1;
         while (pos > 0) {
@@ -402,7 +408,8 @@ public class SuppressionRule {
     }
 
     /**
-     * Determines if the cpeEntry specified as a PropertyType matches the given Identifier.
+     * Determines if the cpeEntry specified as a PropertyType matches the given
+     * Identifier.
      *
      * @param identifierType the type of identifier ("cpe", "maven", etc.)
      * @param suppressionEntry a suppression rule entry

dependency-check-core/src/test/java/org/owasp/dependencycheck/AnalysisTaskTest.java

@@ -17,13 +17,13 @@ import org.owasp.dependencycheck.utils.Settings;
 public class AnalysisTaskTest extends BaseTest {
 
     @Mocked
-    FileTypeAnalyzer fileTypeAnalyzer;
+    private FileTypeAnalyzer fileTypeAnalyzer;
 
     @Mocked
-    Dependency dependency;
+    private Dependency dependency;
 
     @Mocked
-    Engine engine;
+    private Engine engine;
 
 
     @Test

dependency-check-core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java

@@ -25,7 +25,6 @@ import java.io.FileOutputStream;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 import org.junit.Before;
-import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -54,10 +53,10 @@ public abstract class BaseDBTestCase extends BaseTest {
             f.delete();
         }
 
-        java.io.File dataPath = Settings.getDataDirectory();
+        File dataPath = Settings.getDataDirectory();
         String fileName = Settings.getString(Settings.KEYS.DB_FILE_NAME);
         LOGGER.trace("DB file name {}", fileName);
-        java.io.File dataFile = new File(dataPath, fileName);
+        File dataFile = new File(dataPath, fileName);
         LOGGER.trace("Ensuring {} exists", dataFile.toString());
         if (!dataPath.exists() || !dataFile.exists()) {
             LOGGER.trace("Extracting database to {}", dataPath.toString());

dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineTest.java

@@ -46,9 +46,11 @@ public class EngineTest extends BaseDBTestCase {
     @Mocked
     private AnalysisTask analysisTask;
 
-
     /**
      * Test of scanFile method, of class Engine.
+     *
+     * @throws org.owasp.dependencycheck.data.nvdcve.DatabaseException thrown is
+     * there is an exception
      */
     @Test
     public void testScanFile() throws DatabaseException {
@@ -64,30 +66,34 @@ public class EngineTest extends BaseDBTestCase {
         Dependency secondDwr = instance.scanFile(file);
 
         assertEquals(2, instance.getDependencies().size());
-        assertTrue(dwr == secondDwr);
+        assertEquals(dwr, secondDwr);
     }
 
     @Test(expected = ExceptionCollection.class)
     public void exceptionDuringAnalysisTaskExecutionIsFatal() throws DatabaseException, ExceptionCollection {
         final ExecutorService executorService = Executors.newFixedThreadPool(3);
         final Engine instance = new Engine();
-        final List<Throwable> exceptions = new ArrayList<Throwable>();
+        final List<Throwable> exceptions = new ArrayList<>();
 
-        new Expectations() {{
+        new Expectations() {
-            analysisTask.call();
+            {
-            result = new IllegalStateException("Analysis task execution threw an exception");
+                analysisTask.call();
-        }};
+                result = new IllegalStateException("Analysis task execution threw an exception");
+            }
+        };
 
-        final List<AnalysisTask> failingAnalysisTask = new ArrayList<AnalysisTask>();
+        final List<AnalysisTask> failingAnalysisTask = new ArrayList<>();
         failingAnalysisTask.add(analysisTask);
 
-        new Expectations(instance) {{
+        new Expectations(instance) {
-            instance.getExecutorService(analyzer);
+            {
-            result = executorService;
+                instance.getExecutorService(analyzer);
+                result = executorService;
 
-            instance.getAnalysisTasks(analyzer, exceptions);
+                instance.getAnalysisTasks(analyzer, exceptions);
-            result = failingAnalysisTask;
+                result = failingAnalysisTask;
-        }};
+            }
+        };
 
         instance.executeAnalysisTasks(analyzer, exceptions);
 

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzerTest.java

@@ -49,7 +49,7 @@ public class AssemblyAnalyzerTest extends BaseTest {
 
     private static final String LOG_KEY = "org.slf4j.simpleLogger.org.owasp.dependencycheck.analyzer.AssemblyAnalyzer";
 
-    AssemblyAnalyzer analyzer;
+    private AssemblyAnalyzer analyzer;
 
     /**
      * Sets up the analyzer.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/AutoconfAnalyzerTest.java

@@ -43,7 +43,7 @@ public class AutoconfAnalyzerTest extends BaseTest {
     /**
      * The analyzer to test.
      */
-    AutoconfAnalyzer analyzer;
+    private AutoconfAnalyzer analyzer;
 
     private void assertCommonEvidence(Dependency result, String product,
             String version, String vendor) {

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CMakeAnalyzerTest.java

@@ -53,7 +53,7 @@ public class CMakeAnalyzerTest extends BaseDBTestCase {
     /**
      * The package analyzer to test.
      */
-    CMakeAnalyzer analyzer;
+    private CMakeAnalyzer analyzer;
 
     /**
      * Setup the CmakeAnalyzer.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ComposerLockAnalyzerTest.java

@@ -47,7 +47,7 @@ public class ComposerLockAnalyzerTest extends BaseDBTestCase {
     /**
      * The analyzer to test.
      */
-    ComposerLockAnalyzer analyzer;
+    private ComposerLockAnalyzer analyzer;
 
     /**
      * Correctly setup the analyzer for testing.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerTest.java

@@ -34,7 +34,7 @@ import static org.junit.Assert.assertTrue;
 public class DependencyBundlingAnalyzerTest extends BaseTest {
 
     @Mocked
-    Engine engineMock;
+    private Engine engineMock;
 
     /**
      * Test of getName method, of class DependencyBundlingAnalyzer.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java

@@ -40,7 +40,7 @@ public class NodePackageAnalyzerTest extends BaseTest {
     /**
      * The analyzer to test.
      */
-    NodePackageAnalyzer analyzer;
+    private NodePackageAnalyzer analyzer;
 
     /**
      * Correctly setup the analyzer for testing.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerTest.java

@@ -57,7 +57,7 @@ public class RubyBundleAuditAnalyzerTest extends BaseDBTestCase {
     /**
      * The analyzer to test.
      */
-    RubyBundleAuditAnalyzer analyzer;
+    private RubyBundleAuditAnalyzer analyzer;
 
     /**
      * Correctly setup the analyzer for testing.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java

@@ -40,7 +40,7 @@ public class RubyGemspecAnalyzerTest extends BaseTest {
     /**
      * The analyzer to test.
      */
-    RubyGemspecAnalyzer analyzer;
+    private RubyGemspecAnalyzer analyzer;
 
     /**
      * Correctly setup the analyzer for testing.

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.java

@@ -20,6 +20,7 @@ package org.owasp.dependencycheck.data.nvdcve;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import java.util.Properties;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 import org.junit.Test;
 import org.owasp.dependencycheck.data.update.nvd.NvdCveInfo;
@@ -40,8 +41,7 @@ public class DatabasePropertiesIntegrationTest extends BaseDBTestCase {
             cveDB = new CveDB();
             cveDB.open();
             DatabaseProperties instance = cveDB.getDatabaseProperties();
-            boolean expResult = false;
+            assertNotNull(instance);
-            boolean result = instance.isEmpty();
             //no exception means the call worked... whether or not it is empty depends on if the db is new
             //assertEquals(expResult, result);
         } finally {

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java

@@ -18,8 +18,10 @@
 package org.owasp.dependencycheck.data.update;
 
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
 import org.junit.Test;
 import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.data.update.exception.UpdateException;
 import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve;
 
 /**
@@ -38,9 +40,13 @@ import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve;
      * Test of update method.
      */
     @Test
-    public void testUpdate() throws Exception {
+    public void testUpdate() {
-        NvdCveUpdater instance = getUpdater();
+        try {
-        instance.update();
+            NvdCveUpdater instance = getUpdater();
+            instance.update();
+        } catch (UpdateException ex) {
+            fail(ex.getMessage());
+        }
     }
 
     /**

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/nvd/NvdCve_1_2_HandlerTest.java

@@ -23,9 +23,7 @@ import java.util.List;
 import java.util.Map;
 import javax.xml.parsers.SAXParser;
 import javax.xml.parsers.SAXParserFactory;
-
+import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
 import org.junit.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.dependency.VulnerableSoftware;
@@ -47,6 +45,6 @@ public class NvdCve_1_2_HandlerTest  extends BaseTest {
         NvdCve12Handler instance = new NvdCve12Handler();
         saxParser.parse(file, instance);
         Map<String, List<VulnerableSoftware>> results = instance.getVulnerabilities();
-        assertTrue("No vulnerable software identified with a previous version in 2012 CVE 1.2?", !results.isEmpty());
+        assertFalse("No vulnerable software identified with a previous version in 2012 CVE 1.2?", results.isEmpty());
     }
 }

dependency-check-core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java

@@ -48,9 +48,10 @@ public class ModelTest extends BaseTest {
      */
     @Test
     public void testSetName() {
-        String name = "";
+        String name = "name";
         Model instance = new Model();
         instance.setName(name);
+        assertEquals("name", instance.getName());
     }
 
     /**
@@ -209,9 +210,10 @@ public class ModelTest extends BaseTest {
      */
     @Test
     public void testSetParentArtifactId() {
-        String parentArtifactId = "";
+        String parentArtifactId = "something";
         Model instance = new Model();
         instance.setParentArtifactId(parentArtifactId);
+        assertNotNull(instance.getParentArtifactId());
     }
 
     /**
@@ -231,9 +233,10 @@ public class ModelTest extends BaseTest {
      */
     @Test
     public void testSetParentVersion() {
-        String parentVersion = "";
+        String parentVersion = "1.0";
         Model instance = new Model();
         instance.setParentVersion(parentVersion);
+        assertNotNull(instance.getParentVersion());
     }
 
     /**
@@ -257,6 +260,7 @@ public class ModelTest extends BaseTest {
         License license = new License("name", "url");
         Model instance = new Model();
         instance.addLicense(license);
+        assertNotNull(instance.getLicenses());
     }
 
     /**

dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java

@@ -983,10 +983,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
         if (skipProvidedScope && org.apache.maven.artifact.Artifact.SCOPE_PROVIDED.equals(scope)) {
             return true;
         }
-        if (skipRuntimeScope && !org.apache.maven.artifact.Artifact.SCOPE_RUNTIME.equals(scope)) {
+        return skipRuntimeScope && !org.apache.maven.artifact.Artifact.SCOPE_RUNTIME.equals(scope);
-            return true;
-        }
-        return false;
     }
 
     /**

dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java

@@ -26,7 +26,6 @@ import static org.junit.Assert.fail;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
-import org.owasp.dependencycheck.utils.Checksum;
 
 /**
  *