github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 08:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

code cleanup

Browse Source
This commit is contained in:
Jeremy Long
2017-03-10 16:40:22 -05:00
parent 046f4605f9
commit a61bba2f72
14 changed files with 16 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dependency-check-ant/pom.xml
View File

@@ -288,7 +288,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
<version>${reporting.pmd-plugin.version}</version>
<configuration>
<targetJdk>1.6</targetJdk>
<linkXref>true</linkXref>
<linkXRef>true</linkXRef>
<sourceEncoding>utf-8</sourceEncoding>
<excludes>
<exclude>**/generated/*.java</exclude>

2
dependency-check-cli/pom.xml
View File

@@ -196,7 +196,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
<version>${reporting.pmd-plugin.version}</version>
<configuration>
<targetJdk>1.6</targetJdk>
<linkXref>true</linkXref>
<linkXRef>true</linkXRef>
<sourceEncoding>utf-8</sourceEncoding>
<excludes>
<exclude>**/generated/*.java</exclude>

2
dependency-check-core/pom.xml
View File

@@ -244,7 +244,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
<version>${reporting.pmd-plugin.version}</version>
<configuration>
<targetJdk>1.6</targetJdk>
<linkXref>true</linkXref>
<linkXRef>true</linkXRef>
<sourceEncoding>utf-8</sourceEncoding>
<excludes>
<exclude>**/generated/*.java</exclude>

3
dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java
View File

@@ -630,7 +630,7 @@ public class Engine implements FileFilter {
* @throws InitializationException thrown when there is a problem
* initializing the analyzer
*/
protected Analyzer initializeAnalyzer(Analyzer analyzer) throws InitializationException {
protected void initializeAnalyzer(Analyzer analyzer) throws InitializationException {
try {
LOGGER.debug("Initializing {}", analyzer.getName());
analyzer.initialize();
@@ -653,7 +653,6 @@ public class Engine implements FileFilter {
}
throw new InitializationException("Unexpected Exception", ex);
}
return analyzer;
}
/**

3
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java
View File

@@ -347,8 +347,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
* @return any dependencies that weren't known to the engine before
*/
private static List<Dependency> findMoreDependencies(Engine engine, File file) {
final List<Dependency> added = engine.scan(file);
return added;
return engine.scan(file);
}
/**

6
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NexusAnalyzer.java
View File

@@ -87,10 +87,6 @@ public class NexusAnalyzer extends AbstractFileTypeAnalyzer {
*/
private static final String SUPPORTED_EXTENSIONS = "jar";
/**
* Whether or not the Nexus analyzer should use a proxy if configured.
*/
private boolean useProxy;
/**
* The Nexus Search to be set up for this analyzer.
*/
@@ -148,7 +144,7 @@ public class NexusAnalyzer extends AbstractFileTypeAnalyzer {
LOGGER.debug("Initializing Nexus Analyzer");
LOGGER.debug("Nexus Analyzer enabled: {}", isEnabled());
if (isEnabled()) {
useProxy = useProxy();
boolean useProxy = useProxy();
final String searchUrl = Settings.getString(Settings.KEYS.ANALYZER_NEXUS_URL);
LOGGER.debug("Nexus Analyzer URL: {}", searchUrl);
try {

8
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/composer/ComposerLockParser.java
View File

@@ -42,11 +42,6 @@ public class ComposerLockParser {
*/
private final JsonReader jsonReader;
/**
* The input stream we'll read
*/
private final InputStream inputStream; // NOPMD - it gets set in the constructor, read later
/**
* The List of ComposerDependencies found
*/
@@ -58,13 +53,12 @@ public class ComposerLockParser {
private static final Logger LOGGER = LoggerFactory.getLogger(ComposerLockParser.class);
/**
* Createas a ComposerLockParser from a JsonReader and an InputStream.
* Creates a ComposerLockParser from a JsonReader and an InputStream.
*
* @param inputStream the InputStream to parse
*/
public ComposerLockParser(InputStream inputStream) {
LOGGER.info("Creating a ComposerLockParser");
this.inputStream = inputStream;
this.jsonReader = Json.createReader(inputStream);
this.composerDependencies = new ArrayList<>();
}

2
dependency-check-maven/pom.xml
View File

@@ -155,7 +155,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
<version>${reporting.pmd-plugin.version}</version>
<configuration>
<targetJdk>1.6</targetJdk>
<linkXref>true</linkXref>
<linkXRef>true</linkXRef>
<sourceEncoding>utf-8</sourceEncoding>
<excludes>
<exclude>**/generated/**/*.java</exclude>

3
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
View File

@@ -608,8 +608,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
final Object obj = current.getContextValue(getDataFileContextKey());
if (obj != null) {
if (obj instanceof String) {
final File f = new File((String) obj);
return f;
return new File((String) obj);
}
} else if (getLog().isDebugEnabled()) {
getLog().debug("Context value not found");

2
dependency-check-utils/pom.xml
View File

@@ -120,7 +120,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
<version>${reporting.pmd-plugin.version}</version>
<configuration>
<targetJdk>1.6</targetJdk>
<linkXref>true</linkXref>
<linkXRef>true</linkXRef>
<sourceEncoding>utf-8</sourceEncoding>
<excludes>
<exclude>**/org/owasp/dependencycheck/org/apache/**/*.java</exclude>

2
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/ExpectedOjectInputStream.java
View File

@@ -36,7 +36,7 @@ public class ExpectedOjectInputStream extends ObjectInputStream {
/**
* The list of fully qualified class names that are able to be deserialized.
*/
private List<String> expected = new ArrayList<>();
private final List<String> expected = new ArrayList<>();
/**
* Constructs a new ExpectedOjectInputStream that can be used to securely deserialize an object by restricting the classes

3
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java
View File

@@ -784,8 +784,7 @@ public final class Settings {
* @return the property from the properties file
*/
public static String getString(String key, String defaultValue) {
final String str = System.getProperty(key, LOCAL_SETTINGS.get().props.getProperty(key, defaultValue));
return str;
return System.getProperty(key, LOCAL_SETTINGS.get().props.getProperty(key, defaultValue));
}
/**

3
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/XmlUtils.java
View File

@@ -120,8 +120,7 @@ public final class XmlUtils {
factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
final DocumentBuilder db = factory.newDocumentBuilder();
return db;
return factory.newDocumentBuilder();
}
/**

3
src/site/markdown/general/internals.md
View File

@@ -15,6 +15,9 @@ a list of vulnerable software:
<vuln:product>cpe:/a:vmware:springsource_spring_security:3.1.2</vuln:product>
<vuln:product>cpe:/a:vmware:springsource_spring_security:2.0.4</vuln:product>
<vuln:product>cpe:/a:vmware:springsource_spring_security:3.0.1</vuln:product>
</vuln:vulnerable-software-list>
...
</entry>
```
These CPE entries are read "cpe:/[Entry Type]:[Vendor]:[Product]:[Version]:[Revision]:...". The CPE data is collected