From a9af15f6f838a1da99281cde98e99f4ac0313a51 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 21 Jan 2017 08:47:52 -0500 Subject: [PATCH] checkstyle/pmd suggested corrections --- .../main/java/org/owasp/dependencycheck/Engine.java | 3 +-- .../analyzer/AbstractSuppressionAnalyzer.java | 2 +- .../owasp/dependencycheck/analyzer/JarAnalyzer.java | 2 +- .../analyzer/VersionFilterAnalyzer.java | 11 ++++++----- .../owasp/dependencycheck/data/update/CpeUpdater.java | 5 ----- .../dependencycheck/data/update/nvd/DownloadTask.java | 3 --- .../dependencycheck/reporting/ReportGenerator.java | 2 +- .../xml/suppression/SuppressionParser.java | 3 +-- .../maven/BaseDependencyCheckMojo.java | 2 -- .../org/owasp/dependencycheck/utils/Checksum.java | 2 +- 10 files changed, 12 insertions(+), 23 deletions(-) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java index 79b744a27..85aafc32f 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java @@ -528,8 +528,7 @@ public class Engine implements FileFilter { final long analyzerDurationMillis = System.currentTimeMillis() - analyzerStart; final long analyzerDurationSeconds = TimeUnit.MILLISECONDS.toSeconds(analyzerDurationMillis); LOGGER.info("Finished {} ({} seconds)", analyzer.getName(), analyzerDurationSeconds); - } - else { + } else { LOGGER.debug("Skipping {} (not enabled)", analyzer.getName()); } } diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java index 0a770fff3..450e8f5ae 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java @@ -107,7 +107,7 @@ public abstract class AbstractSuppressionAnalyzer extends AbstractAnalyzer { final SuppressionParser parser = new SuppressionParser(); File file = null; try { - InputStream in = this.getClass().getClassLoader().getResourceAsStream("dependencycheck-base-suppression.xml"); + final InputStream in = this.getClass().getClassLoader().getResourceAsStream("dependencycheck-base-suppression.xml"); rules = parser.parseSuppressionRules(in); } catch (SAXException ex) { throw new SuppressionParseException("Unable to parse the base suppression data file", ex); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java index 766c87eed..49cc45277 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java @@ -243,7 +243,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer { final boolean addPackagesAsEvidence = !(hasManifest && hasPOM); analyzePackageNames(classNames, dependency, addPackagesAsEvidence); } catch (IOException ex) { - throw new AnalysisException("Exception occurred reading the JAR file (" + dependency.getFileName() +").", ex); + throw new AnalysisException("Exception occurred reading the JAR file (" + dependency.getFileName() + ").", ex); } } diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java index 8a5f807c8..adbf4cc7b 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java @@ -100,20 +100,21 @@ public class VersionFilterAnalyzer extends AbstractAnalyzer { for (Evidence e : dependency.getVersionEvidence()) { if ("file".equals(e.getSource()) && "version".equals(e.getName())) { fileVersion = e.getValue(Boolean.FALSE); - } else if (("nexus".equals(e.getSource()) || "central".equals(e.getSource()) || "pom".equals(e.getSource())) && "version".equals(e.getName())) { + } else if (("nexus".equals(e.getSource()) || "central".equals(e.getSource()) + || "pom".equals(e.getSource())) && "version".equals(e.getName())) { pomVersion = e.getValue(Boolean.FALSE); } } if (fileVersion != null && pomVersion != null) { - DependencyVersion dvFile = new DependencyVersion(fileVersion); - DependencyVersion dvPom = new DependencyVersion(pomVersion); + final DependencyVersion dvFile = new DependencyVersion(fileVersion); + final DependencyVersion dvPom = new DependencyVersion(pomVersion); if (dvPom.equals(dvFile)) { LOGGER.debug("filtering evidence from {}", dependency.getFileName()); - EvidenceCollection versionEvidence = dependency.getVersionEvidence(); + final EvidenceCollection versionEvidence = dependency.getVersionEvidence(); synchronized (versionEvidence) { final Iterator itr = versionEvidence.iterator(); while (itr.hasNext()) { - Evidence e = itr.next(); + final Evidence e = itr.next(); if (!("version".equals(e.getName()) && ("file".equals(e.getSource()) || "nexus".equals(e.getSource()) diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/CpeUpdater.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/CpeUpdater.java index 4ddc7e418..9abeafa7a 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/CpeUpdater.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/CpeUpdater.java @@ -18,17 +18,12 @@ package org.owasp.dependencycheck.data.update; import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; import java.io.IOException; import java.net.MalformedURLException; import java.net.URL; import java.util.List; -import java.util.zip.GZIPInputStream; import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.SAXParser; -import org.apache.commons.io.FileUtils; import static org.owasp.dependencycheck.data.nvdcve.DatabaseProperties.LAST_CPE_UPDATE; import org.owasp.dependencycheck.data.update.cpe.CPEHandler; import org.owasp.dependencycheck.data.update.cpe.Cpe; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/DownloadTask.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/DownloadTask.java index bf6012d08..10d96b934 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/DownloadTask.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/DownloadTask.java @@ -20,15 +20,12 @@ package org.owasp.dependencycheck.data.update.nvd; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; -import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.net.URL; import java.util.concurrent.Callable; import java.util.concurrent.ExecutorService; import java.util.concurrent.Future; -import java.util.zip.GZIPInputStream; -import org.apache.commons.io.FileUtils; import org.owasp.dependencycheck.data.nvdcve.CveDB; import org.owasp.dependencycheck.data.update.exception.UpdateException; import org.owasp.dependencycheck.utils.DownloadFailedException; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java index 419cbd891..4847a43bf 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/reporting/ReportGenerator.java @@ -105,7 +105,7 @@ public class ReportGenerator { velocityEngine.init(); final EscapeTool enc = new EscapeTool(); - final DateTime dt = new DateTime();//.now(); + final DateTime dt = new DateTime(); final DateTimeFormatter dateFormat = DateTimeFormat.forPattern("MMM d, yyyy 'at' HH:mm:ss z"); final DateTimeFormatter dateFormatXML = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss.SSSZ"); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionParser.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionParser.java index 4440d3406..88a37dbe8 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionParser.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionParser.java @@ -100,7 +100,6 @@ public class SuppressionParser { } } - /** * Parses the given XML stream and returns a list of the suppression rules * contained. @@ -113,7 +112,7 @@ public class SuppressionParser { public List parseSuppressionRules(InputStream inputStream) throws SuppressionParseException, SAXException { return parseSuppressionRules(inputStream, SUPPRESSION_SCHEMA); } - + /** * Parses the given XML stream and returns a list of the suppression rules * contained. diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java index f2ed3b615..fab600c23 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java @@ -19,7 +19,6 @@ package org.owasp.dependencycheck.maven; import java.io.BufferedOutputStream; import java.io.File; -import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; @@ -61,7 +60,6 @@ import org.owasp.dependencycheck.dependency.Vulnerability; import org.owasp.dependencycheck.exception.ExceptionCollection; import org.owasp.dependencycheck.exception.ReportException; import org.owasp.dependencycheck.reporting.ReportGenerator; -import org.owasp.dependencycheck.utils.ExpectedOjectInputStream; import org.owasp.dependencycheck.utils.Settings; import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher; import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher; diff --git a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java index 09fb9eed1..09d88c290 100644 --- a/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java +++ b/dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Checksum.java @@ -68,7 +68,7 @@ public final class Checksum { ch = fis.getChannel(); final ByteBuffer buf = ByteBuffer.allocateDirect(8192); int b = ch.read(buf); - while ((b != -1) && (b != 0)) { + while (b != -1 && b != 0) { buf.flip(); final byte[] bytes = new byte[b]; buf.get(bytes);