minor checkstyle updates

Former-commit-id: 937ba487b5a25de622f81fa9bdc54daf0e15c18e

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NvdCveAnalyzer.java

@@ -23,12 +23,9 @@ import java.sql.SQLException;
 import java.util.List;
 import java.util.Set;
 import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.analyzer.AnalysisException;
-import org.owasp.dependencycheck.analyzer.AnalysisPhase;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.dependency.Identifier;
-import org.owasp.dependencycheck.analyzer.Analyzer;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectoryLockException.java

@@ -25,6 +25,9 @@ package org.owasp.dependencycheck.concurrency;
  */
 public class DirectoryLockException extends Exception {
 
+    /**
+     * Default serial version UID.
+     */
     private static final long serialVersionUID = 1L;
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/DirectorySpinLock.java

@@ -219,7 +219,7 @@ public class DirectorySpinLock implements Closeable /*, AutoCloseable*/ {
     /**
      * Releases any locks and closes the underlying channel.
      *
-     * @throws IOException
+     * @throws IOException if an IO Exception occurs
      */
     @Override
     public void close() throws IOException {

dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/InvalidDirectoryException.java

@@ -25,6 +25,9 @@ package org.owasp.dependencycheck.concurrency;
  */
 public class InvalidDirectoryException extends Exception {
 
+    /**
+     * Default serial version UID.
+     */
     private static final long serialVersionUID = 1L;
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/concurrency/package-info.java

@@ -0,0 +1,11 @@
+/**
+ * <html>
+ * <head>
+ * <title>org.owasp.dependencycheck.concurrency</title>
+ * </head>
+ * <body>
+ * Contains classes used to create shared and exclusive locks on directories.
+ * </body>
+ * </html>
+ */
+package org.owasp.dependencycheck.concurrency;

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/BaseIndex.java

@@ -36,11 +36,20 @@ public abstract class BaseIndex {
     /**
      * The Lucene directory containing the index.
      */
-    protected Directory directory;
+    private Directory directory;
     /**
      * Indicates whether or not the Lucene Index is open.
      */
-    protected boolean indexOpen = false;
+    private boolean indexOpen = false;
+
+    /**
+     * Gets the directory.
+     *
+     * @return the directory
+     */
+    public Directory getDirectory() {
+        return directory;
+    }
 
     /**
      * Opens the CPE Index.

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexReader.java

@@ -79,7 +79,7 @@ public class CpeIndexReader extends BaseIndex {
     public void open() throws IOException {
         //TODO add spinlock (shared)
         super.open();
-        indexReader = DirectoryReader.open(directory);
+        indexReader = DirectoryReader.open(getDirectory());
         indexSearcher = new IndexSearcher(indexReader);
         searchingAnalyzer = createSearchingAnalyzer();
         queryParser = new QueryParser(Version.LUCENE_43, Fields.DOCUMENT_KEY, searchingAnalyzer);

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeIndexWriter.java

@@ -63,7 +63,7 @@ public class CpeIndexWriter extends BaseIndex {
         super.open();
         indexingAnalyzer = createIndexingAnalyzer();
         final IndexWriterConfig conf = new IndexWriterConfig(Version.LUCENE_43, indexingAnalyzer);
-        indexWriter = new IndexWriter(directory, conf);
+        indexWriter = new IndexWriter(getDirectory(), conf);
     }
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/NvdCve20Handler.java

@@ -25,8 +25,6 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.apache.lucene.index.CorruptIndexException;
 import org.owasp.dependencycheck.data.cpe.CpeIndexWriter;
-import org.owasp.dependencycheck.data.nvdcve.CveDB;
-import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
 import org.owasp.dependencycheck.dependency.Reference;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.dependency.VulnerableSoftware;

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfo.java

@@ -104,7 +104,7 @@ public class DataStoreMetaInfo {
      * Loads the data's meta properties.
      */
     private void loadProperties() {
-        File file = getPropertiesFile();
+        final File file = getPropertiesFile();
         if (file.exists()) {
             InputStream is = null;
             try {

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/DatabaseUpdater.java

@@ -54,6 +54,7 @@ import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.BATCH;
 import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.MODIFIED;
 
 /**
+ * Class responsible for updating the CPE and NVDCVE data stores.
  *
  * @author Jeremy Long (jeremy.long@owasp.org)
  */
@@ -74,7 +75,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
     /**
      * A flag indicating whether or not the batch update should be performed.
      */
-    protected boolean doBatchUpdate;
+    private boolean doBatchUpdate;
 
     /**
      * Get the value of doBatchUpdate
@@ -266,6 +267,12 @@ public class DatabaseUpdater implements CachedWebDataSource {
         }
     }
 
+    /**
+     * Performs the batch update based on the configured batch update URL.
+     *
+     * @throws UpdateException thrown if there is an exception during the update
+     * process
+     */
     private void performBatchUpdate() throws UpdateException {
         if (properties.isBatchUpdateMode() && doBatchUpdate) {
             final String batchSrc = Settings.getString(Settings.KEYS.BATCH_UPDATE_URL);
@@ -419,7 +426,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
                     }
                 }
 
-                NvdCveInfo batchInfo = currentlyPublished.get(BATCH);
+                final NvdCveInfo batchInfo = currentlyPublished.get(BATCH);
                 if (properties.isBatchUpdateMode() && batchInfo != null) {
                     final long lastUpdated = Long.parseLong(properties.getProperty(DataStoreMetaInfo.BATCH, "0"));
                     if (lastUpdated != batchInfo.getTimestamp()) {
@@ -477,7 +484,8 @@ public class DatabaseUpdater implements CachedWebDataSource {
                     }
                 }
             } catch (NumberFormatException ex) {
-                Logger.getLogger(DataStoreMetaInfo.class.getName()).log(Level.WARNING, "An invalid schema version or timestamp exists in the data.properties file.");
+                final String msg = "An invalid schema version or timestamp exists in the data.properties file.";
+                Logger.getLogger(DataStoreMetaInfo.class.getName()).log(Level.WARNING, msg);
                 Logger.getLogger(DataStoreMetaInfo.class.getName()).log(Level.FINE, null, ex);
                 setDoBatchUpdate(properties.isBatchUpdateMode());
             }
@@ -521,7 +529,7 @@ public class DatabaseUpdater implements CachedWebDataSource {
         final Map<String, NvdCveInfo> map = new TreeMap<String, NvdCveInfo>();
         String retrieveUrl = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
         if (retrieveUrl == null && properties.isBatchUpdateMode()) {
-            NvdCveInfo item = new NvdCveInfo();
+            final NvdCveInfo item = new NvdCveInfo();
             retrieveUrl = Settings.getString(Settings.KEYS.BATCH_UPDATE_URL);
             if (retrieveUrl == null) {
                 final String msg = "Invalid configuration - neither the modified or batch update URLs are specified in the configuration.";

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveInfo.java

@@ -20,6 +20,8 @@ package org.owasp.dependencycheck.data.update;
 
 /**
  * A pojo that contains the Url and timestamp of the current NvdCve XML files.
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
  */
 public class NvdCveInfo {
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java

@@ -32,7 +32,6 @@ import java.util.logging.Logger;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.analyzer.AnalysisException;
 import org.owasp.dependencycheck.analyzer.ArchiveAnalyzer;
 
 /**
@@ -81,8 +80,11 @@ public final class FileUtils {
                 delete(c);
             }
         }
-        if (!file.delete()) {
+        if (!org.apache.commons.io.FileUtils.deleteQuietly(file)) {
+            //if (!file.delete()) {
             throw new FileNotFoundException("Failed to delete file: " + file);
+        } else {
+            file.deleteOnExit();
         }
     }
 
@@ -102,7 +104,8 @@ public final class FileUtils {
                 delete(c);
             }
         }
-        if (!file.delete()) {
+        if (!org.apache.commons.io.FileUtils.deleteQuietly(file)) {
+            //if (!file.delete()) {
             if (deleteOnExit) {
                 file.deleteOnExit();
             } else {