checkstyle/pmd suggested corrections

dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java

@@ -528,8 +528,7 @@ public class Engine implements FileFilter {
                     final long analyzerDurationMillis = System.currentTimeMillis() - analyzerStart;
                     final long analyzerDurationSeconds = TimeUnit.MILLISECONDS.toSeconds(analyzerDurationMillis);
                     LOGGER.info("Finished {} ({} seconds)", analyzer.getName(), analyzerDurationSeconds);
-                }
-                else {
+                } else {
                     LOGGER.debug("Skipping {} (not enabled)", analyzer.getName());
                 }
             }

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java

@@ -107,7 +107,7 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer {
         final SuppressionParser parser = new SuppressionParser();
         File file = null;
         try {
-            InputStream in = this.getClass().getClassLoader().getResourceAsStream("dependencycheck-base-suppression.xml");
+            final InputStream in = this.getClass().getClassLoader().getResourceAsStream("dependencycheck-base-suppression.xml");
             rules = parser.parseSuppressionRules(in);
         } catch (SAXException ex) {
             throw new SuppressionParseException("Unable to parse the base suppression data file", ex);

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java

@@ -243,7 +243,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
             final boolean addPackagesAsEvidence = !(hasManifest && hasPOM);
             analyzePackageNames(classNames, dependency, addPackagesAsEvidence);
         } catch (IOException ex) {
-            throw new AnalysisException("Exception occurred reading the JAR file (" + dependency.getFileName() +").", ex);
+            throw new AnalysisException("Exception occurred reading the JAR file (" + dependency.getFileName() + ").", ex);
         }
     }
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java

@@ -100,20 +100,21 @@ public class VersionFilterAnalyzer extends AbstractAnalyzer {
         for (Evidence e : dependency.getVersionEvidence()) {
             if ("file".equals(e.getSource()) && "version".equals(e.getName())) {
                 fileVersion = e.getValue(Boolean.FALSE);
-            } else if (("nexus".equals(e.getSource()) || "central".equals(e.getSource()) || "pom".equals(e.getSource())) && "version".equals(e.getName())) {
+            } else if (("nexus".equals(e.getSource()) || "central".equals(e.getSource())
+                    || "pom".equals(e.getSource())) && "version".equals(e.getName())) {
                 pomVersion = e.getValue(Boolean.FALSE);
             }
         }
         if (fileVersion != null && pomVersion != null) {
-            DependencyVersion dvFile = new DependencyVersion(fileVersion);
-            DependencyVersion dvPom = new DependencyVersion(pomVersion);
+            final DependencyVersion dvFile = new DependencyVersion(fileVersion);
+            final DependencyVersion dvPom = new DependencyVersion(pomVersion);
             if (dvPom.equals(dvFile)) {
                 LOGGER.debug("filtering evidence from {}", dependency.getFileName());
-                EvidenceCollection versionEvidence = dependency.getVersionEvidence();
+                final EvidenceCollection versionEvidence = dependency.getVersionEvidence();
                 synchronized (versionEvidence) {
                     final Iterator<Evidence> itr = versionEvidence.iterator();
                     while (itr.hasNext()) {
-                        Evidence e = itr.next();
+                        final Evidence e = itr.next();
                         if (!("version".equals(e.getName())
                                 && ("file".equals(e.getSource())
                                 || "nexus".equals(e.getSource())

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/CpeUpdater.java

@@ -18,17 +18,12 @@
 package org.owasp.dependencycheck.data.update;
 
 import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
 import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.util.List;
-import java.util.zip.GZIPInputStream;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParser;
-import org.apache.commons.io.FileUtils;
 import static org.owasp.dependencycheck.data.nvdcve.DatabaseProperties.LAST_CPE_UPDATE;
 import org.owasp.dependencycheck.data.update.cpe.CPEHandler;
 import org.owasp.dependencycheck.data.update.cpe.Cpe;

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/DownloadTask.java

@@ -20,15 +20,12 @@ package org.owasp.dependencycheck.data.update.nvd;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
 import java.util.concurrent.Callable;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Future;
-import java.util.zip.GZIPInputStream;
-import org.apache.commons.io.FileUtils;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
 import org.owasp.dependencycheck.data.update.exception.UpdateException;
 import org.owasp.dependencycheck.utils.DownloadFailedException;

dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java

@@ -105,7 +105,7 @@ public class ReportGenerator {
         velocityEngine.init();
         final EscapeTool enc = new EscapeTool();
 
-        final DateTime dt = new DateTime();//.now();
+        final DateTime dt = new DateTime();
         final DateTimeFormatter dateFormat = DateTimeFormat.forPattern("MMM d, yyyy 'at' HH:mm:ss z");
         final DateTimeFormatter dateFormatXML = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
 

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionParser.java

@@ -100,7 +100,6 @@ public class SuppressionParser {
         }
     }
 
-    
     /**
      * Parses the given XML stream and returns a list of the suppression rules
      * contained.
@@ -113,7 +112,7 @@ public class SuppressionParser {
     public List<SuppressionRule> parseSuppressionRules(InputStream inputStream) throws SuppressionParseException, SAXException {
         return parseSuppressionRules(inputStream, SUPPRESSION_SCHEMA);
     }
-    
+
     /**
      * Parses the given XML stream and returns a list of the suppression rules
      * contained.

dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java

@@ -19,7 +19,6 @@ package org.owasp.dependencycheck.maven;
 
 import java.io.BufferedOutputStream;
 import java.io.File;
-import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
@@ -61,7 +60,6 @@ import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.exception.ExceptionCollection;
 import org.owasp.dependencycheck.exception.ReportException;
 import org.owasp.dependencycheck.reporting.ReportGenerator;
-import org.owasp.dependencycheck.utils.ExpectedOjectInputStream;
 import org.owasp.dependencycheck.utils.Settings;
 import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher;
 import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;

dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java

@@ -68,7 +68,7 @@ public final class Checksum {
             ch = fis.getChannel();
             final ByteBuffer buf = ByteBuffer.allocateDirect(8192);
             int b = ch.read(buf);
-            while ((b != -1) && (b != 0)) {
+            while (b != -1 && b != 0) {
                 buf.flip();
                 final byte[] bytes = new byte[b];
                 buf.get(bytes);