removed CPE from database updates

Former-commit-id: 0243c4b17c672afd10f77db9edb8a92ea9eeb764

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java

@@ -24,7 +24,6 @@ import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.apache.lucene.index.CorruptIndexException;
-import org.owasp.dependencycheck.data.cpe.CpeIndexWriter;
 import org.owasp.dependencycheck.dependency.Reference;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.dependency.VulnerableSoftware;
@@ -260,26 +259,8 @@ public class NvdCve20Handler extends DefaultHandler {
                 vuln.updateVulnerableSoftware(vs);
             }
         }
-        for (VulnerableSoftware vs : vuln.getVulnerableSoftware()) {
-            if (cpeIndex != null) {
-                cpeIndex.saveEntry(vs);
-            }
-        }
         cveDB.updateVulnerability(vuln);
     }
-    /**
-     * the cpe index.
-     */
-    private CpeIndexWriter cpeIndex;
-
-    /**
-     * Sets the cpe index writer.
-     *
-     * @param index the CPE Lucene Index
-     */
-    public void setCpeIndex(CpeIndexWriter index) {
-        cpeIndex = index;
-    }
 
     // <editor-fold defaultstate="collapsed" desc="The Element Class that maintains state information about the current node">
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/AbstractUpdateTask.java

@@ -30,7 +30,6 @@ import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParser;
 import javax.xml.parsers.SAXParserFactory;
 import org.owasp.dependencycheck.data.UpdateException;
-import org.owasp.dependencycheck.data.cpe.CpeIndexWriter;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
 import org.owasp.dependencycheck.utils.FileUtils;
 import org.owasp.dependencycheck.utils.Settings;
@@ -92,19 +91,6 @@ public abstract class AbstractUpdateTask implements UpdateTask {
     protected CveDB getCveDB() {
         return cveDB;
     }
-    /**
-     * Reference to the Cpe Index.
-     */
-    private CpeIndexWriter cpeIndex = null;
-
-    /**
-     * Returns the CpeIndex.
-     *
-     * @return the CpeIndex
-     */
-    protected CpeIndexWriter getCpeIndex() {
-        return cpeIndex;
-    }
 
     /**
      * Gets whether or not an update is needed.
@@ -199,13 +185,6 @@ public abstract class AbstractUpdateTask implements UpdateTask {
                 Logger.getLogger(AbstractUpdateTask.class.getName()).log(Level.FINEST, "Error closing the cveDB", ignore);
             }
         }
-        if (cpeIndex != null) {
-            try {
-                cpeIndex.close();
-            } catch (Exception ignore) {
-                Logger.getLogger(AbstractUpdateTask.class.getName()).log(Level.FINEST, "Error closing the cpeIndex", ignore);
-            }
-        }
     }
 
     /**
@@ -218,8 +197,6 @@ public abstract class AbstractUpdateTask implements UpdateTask {
         try {
             cveDB = new CveDB();
             cveDB.open();
-            cpeIndex = new CpeIndexWriter();
-            cpeIndex.open();
         } catch (IOException ex) {
             closeDataStores();
             Logger.getLogger(AbstractUpdateTask.class.getName()).log(Level.FINE, "IO Error opening databases", ex);
@@ -269,8 +246,8 @@ public abstract class AbstractUpdateTask implements UpdateTask {
      * @throws ClassNotFoundException thrown if the h2 database driver cannot be
      * loaded
      */
-    protected void importXML(File file, File oldVersion)
+    protected void importXML(File file, File oldVersion) throws ParserConfigurationException,
-            throws ParserConfigurationException, SAXException, IOException, SQLException, DatabaseException, ClassNotFoundException {
+            SAXException, IOException, SQLException, DatabaseException, ClassNotFoundException {
 
         final SAXParserFactory factory = SAXParserFactory.newInstance();
         final SAXParser saxParser = factory.newSAXParser();
@@ -282,7 +259,6 @@ public abstract class AbstractUpdateTask implements UpdateTask {
         final NvdCve20Handler cve20Handler = new NvdCve20Handler();
         cve20Handler.setCveDB(cveDB);
         cve20Handler.setPrevVersionVulnMap(prevVersionVulnMap);
-        cve20Handler.setCpeIndex(cpeIndex);
         saxParser.parse(file, cve20Handler);
     }
 }

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java

@@ -24,9 +24,6 @@ import org.owasp.dependencycheck.data.CachedWebDataSource;
 import java.net.MalformedURLException;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-import org.owasp.dependencycheck.concurrency.DirectoryLockException;
-import org.owasp.dependencycheck.concurrency.DirectorySpinLock;
-import org.owasp.dependencycheck.concurrency.InvalidDirectoryException;
 import org.owasp.dependencycheck.data.UpdateException;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.FileUtils;
@@ -48,24 +45,9 @@ public class DatabaseUpdater implements CachedWebDataSource {
      */
     @Override
     public void update() throws UpdateException {
-        final File dataDir = Settings.getFile(Settings.KEYS.DATA_DIRECTORY);
-        DirectorySpinLock lock = null;
         try {
-            lock = new DirectorySpinLock(dataDir);
-        } catch (InvalidDirectoryException ex) {
-            throw new UpdateException("Unable to obtain lock on the data directory", ex);
-        } catch (DirectoryLockException ex) {
-            throw new UpdateException("Unable to obtain exclusive lock on the data directory", ex);
-        }
-
-        try {
-            lock.obtainSharedLock();
             final UpdateTask task = UpdateTaskFactory.getUpdateTask();
-
-
             if (task.isUpdateNeeded()) {
-                lock.release();
-                lock.obtainExclusiveLock();
                 if (task.shouldDeleteAndRecreate()) {
                     try {
                         deleteExistingData();
@@ -76,10 +58,6 @@ public class DatabaseUpdater implements CachedWebDataSource {
                 }
                 task.update();
             }
-        } catch (DirectoryLockException ex) {
-            Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
-                    "Unable to obtain lock on data directory, unable to update the data to use the most current data.");
-            Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
         } catch (MalformedURLException ex) {
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
                     "NVD CVE properties files contain an invalid URL, unable to update the data to use the most current data.");
@@ -88,10 +66,6 @@ public class DatabaseUpdater implements CachedWebDataSource {
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
                     "Unable to download the NVD CVE data, unable to update the data to use the most current data.");
             Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINE, null, ex);
-        } finally {
-            if (lock != null) {
-                lock.release();
-            }
         }
     }
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/StandardUpdateTask.java

@@ -110,7 +110,6 @@ public class StandardUpdateTask extends AbstractUpdateTask {
                         importXML(outputPath, outputPath12);
 
                         getCveDB().commit();
-                        getCpeIndex().commit();
                         getProperties().save(cve);
 
                         Logger.getLogger(StandardUpdateTask.class.getName()).log(Level.INFO,