diff --git a/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java b/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java index c95d676a2..67df47869 100644 --- a/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java +++ b/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java @@ -107,35 +107,35 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal public void analyze(Dependency ignore, Engine engine) throws AnalysisException { if (!analyzed) { analyzed = true; - Set dependenciesToRemove = new HashSet(); - ListIterator mainIterator = engine.getDependencies().listIterator(); - //for (Dependency dependencyToCheck : engine.getDependencies()) { + final Set dependenciesToRemove = new HashSet(); + final ListIterator mainIterator = engine.getDependencies().listIterator(); + //for (Dependency nextDependency : engine.getDependencies()) { while (mainIterator.hasNext()) { final Dependency dependency = mainIterator.next(); if (mainIterator.hasNext()) { - ListIterator subIterator = engine.getDependencies().listIterator(mainIterator.nextIndex()); + final ListIterator subIterator = engine.getDependencies().listIterator(mainIterator.nextIndex()); while (subIterator.hasNext()) { - final Dependency dependencyToCheck = subIterator.next(); + final Dependency nextDependency = subIterator.next(); - if (identifiersMatch(dependency, dependencyToCheck) - && hasSameBasePath(dependency, dependencyToCheck)) { + if (identifiersMatch(dependency, nextDependency) + && hasSameBasePath(dependency, nextDependency)) { - if (isCore(dependency, dependencyToCheck)) { - dependency.addRelatedDependency(dependencyToCheck); + if (isCore(dependency, nextDependency)) { + dependency.addRelatedDependency(nextDependency); //move any "related dependencies" to the new "parent" dependency - final Iterator i = dependencyToCheck.getRelatedDependencies().iterator(); + final Iterator i = nextDependency.getRelatedDependencies().iterator(); while (i.hasNext()) { dependency.addRelatedDependency(i.next()); i.remove(); } - dependenciesToRemove.add(dependencyToCheck); + dependenciesToRemove.add(nextDependency); } else { - if (isCore(dependencyToCheck, dependency)) { - dependencyToCheck.addRelatedDependency(dependency); + if (isCore(nextDependency, dependency)) { + nextDependency.addRelatedDependency(dependency); //move any "related dependencies" to the new "parent" dependency final Iterator i = dependency.getRelatedDependencies().iterator(); while (i.hasNext()) { - dependencyToCheck.addRelatedDependency(i.next()); + nextDependency.addRelatedDependency(i.next()); i.remove(); } dependenciesToRemove.add(dependency); diff --git a/src/main/resources/schema/DependencyCheck.xsd b/src/main/resources/schema/DependencyCheck.xsd index 71688d96d..790a27fcb 100644 --- a/src/main/resources/schema/DependencyCheck.xsd +++ b/src/main/resources/schema/DependencyCheck.xsd @@ -7,7 +7,7 @@ - +