github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-20 16:24:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

sonar, checkstyle, etc. suggested changes

Browse Source
This commit is contained in:
Jeremy Long
2017-06-23 06:26:18 -04:00
parent 9b289e619a
commit b9e9c837c8
13 changed files with 52 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
dependency-check-ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskTest.java
View File

@@ -139,7 +139,7 @@ public class DependencyCheckTaskTest {
public void testSuppressingSingle() { public void testSuppressingSingle() {
// GIVEN an ant task with a vulnerability using the legacy property // GIVEN an ant task with a vulnerability using the legacy property
final String antTaskName = "suppression-single"; final String antTaskName = "suppression-single";
// WHEN executing the ant task // WHEN executing the ant task
buildFileRule.executeTarget(antTaskName); buildFileRule.executeTarget(antTaskName);
@@ -157,9 +157,9 @@ public class DependencyCheckTaskTest {
// GIVEN an ant task with a vulnerability using multiple was to configure the suppression file // GIVEN an ant task with a vulnerability using multiple was to configure the suppression file
final String antTaskName = "suppression-multiple"; final String antTaskName = "suppression-multiple";
// WHEN executing the ant task // WHEN executing the ant task
buildFileRule.executeTarget(antTaskName); buildFileRule.executeTarget(antTaskName);
// THEN the ant task executed without error // THEN the ant task executed without error
final File report = new File("target/suppression-multiple-report.html"); final File report = new File("target/suppression-multiple-report.html");
assertTrue("Expected the DependencyCheck report to be generated", report.exists()); assertTrue("Expected the DependencyCheck report to be generated", report.exists());

6
dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java
View File

@@ -65,7 +65,7 @@ public class App {
Settings.initialize(); Settings.initialize();
final App app = new App(); final App app = new App();
exitCode = app.run(args); exitCode = app.run(args);
LOGGER.debug("Exit code: " + exitCode); LOGGER.debug("Exit code: {}", exitCode);
} finally { } finally {
Settings.cleanup(true); Settings.cleanup(true);
} }
@@ -244,7 +244,7 @@ public class App {
throw ex; throw ex;
} }
} }
if (exCol != null && exCol.getExceptions().size() > 0) { if (exCol != null && !exCol.getExceptions().isEmpty()) {
throw exCol; throw exCol;
} }
return determineReturnCode(engine, cvssFailScore); return determineReturnCode(engine, cvssFailScore);
@@ -270,7 +270,7 @@ public class App {
for (Dependency dep : engine.getDependencies()) { for (Dependency dep : engine.getDependencies()) {
if (!dep.getVulnerabilities().isEmpty()) { if (!dep.getVulnerabilities().isEmpty()) {
for (Vulnerability vuln : dep.getVulnerabilities()) { for (Vulnerability vuln : dep.getVulnerabilities()) {
LOGGER.debug("VULNERABILITY FOUND " + dep.getDisplayFileName()); LOGGER.debug("VULNERABILITY FOUND {}", dep.getDisplayFileName());
if (vuln.getCvssScore() > cvssFailScore) { if (vuln.getCvssScore() > cvssFailScore) {
retCode = 1; retCode = 1;
} }

14
dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
View File

@@ -197,9 +197,8 @@ public final class CliParser {
final String msg = String.format("Invalid '%s' argument: '%s'%nUnable to scan paths that start with '//'.", argumentName, path); final String msg = String.format("Invalid '%s' argument: '%s'%nUnable to scan paths that start with '//'.", argumentName, path);
throw new FileNotFoundException(msg); throw new FileNotFoundException(msg);
} else if ((path.endsWith("/*") && !path.endsWith("**/*")) || (path.endsWith("\\*") && path.endsWith("**\\*"))) { } else if ((path.endsWith("/*") && !path.endsWith("**/*")) || (path.endsWith("\\*") && path.endsWith("**\\*"))) {
final String msg = String.format("Possibly incorrect path '%s' from argument '%s' because it ends with a slash star; " LOGGER.warn("Possibly incorrect path '{}' from argument '{}' because it ends with a slash star; "
+ "dependency-check uses ant-style paths", path, argumentName); + "dependency-check uses ant-style paths", path, argumentName);
LOGGER.warn(msg);
} }
} }
@@ -222,10 +221,9 @@ public final class CliParser {
* Adds the standard command line options to the given options collection. * Adds the standard command line options to the given options collection.
* *
* @param options a collection of command line arguments * @param options a collection of command line arguments
* @throws IllegalArgumentException thrown if there is an exception
*/ */
@SuppressWarnings("static-access") @SuppressWarnings("static-access")
private void addStandardOptions(final Options options) throws IllegalArgumentException { private void addStandardOptions(final Options options) {
final Option help = new Option(ARGUMENT.HELP_SHORT, ARGUMENT.HELP, false, final Option help = new Option(ARGUMENT.HELP_SHORT, ARGUMENT.HELP, false,
"Print this message."); "Print this message.");
@@ -327,10 +325,9 @@ public final class CliParser {
* help messages. * help messages.
* *
* @param options a collection of command line arguments * @param options a collection of command line arguments
* @throws IllegalArgumentException thrown if there is an exception
*/ */
@SuppressWarnings("static-access") @SuppressWarnings("static-access")
private void addAdvancedOptions(final Options options) throws IllegalArgumentException { private void addAdvancedOptions(final Options options) {
final Option cve12Base = Option.builder().argName("url").hasArg().longOpt(ARGUMENT.CVE_BASE_12) final Option cve12Base = Option.builder().argName("url").hasArg().longOpt(ARGUMENT.CVE_BASE_12)
.desc("Base URL for each years CVE 1.2, the %d will be replaced with the year. ") .desc("Base URL for each years CVE 1.2, the %d will be replaced with the year. ")
@@ -508,10 +505,9 @@ public final class CliParser {
* existing scripts. * existing scripts.
* *
* @param options a collection of command line arguments * @param options a collection of command line arguments
* @throws IllegalArgumentException thrown if there is an exception
*/ */
@SuppressWarnings({"static-access", "deprecation"}) @SuppressWarnings({"static-access", "deprecation"})
private void addDeprecatedOptions(final Options options) throws IllegalArgumentException { private void addDeprecatedOptions(final Options options) {
final Option proxyServer = Option.builder().argName("url").hasArg().longOpt(ARGUMENT.PROXY_URL) final Option proxyServer = Option.builder().argName("url").hasArg().longOpt(ARGUMENT.PROXY_URL)
.desc("The proxy url argument is deprecated, use proxyserver instead.") .desc("The proxy url argument is deprecated, use proxyserver instead.")
@@ -906,7 +902,7 @@ public final class CliParser {
String name = line.getOptionValue(ARGUMENT.PROJECT); String name = line.getOptionValue(ARGUMENT.PROJECT);
if (name == null && appName != null) { if (name == null && appName != null) {
name = appName; name = appName;
LOGGER.warn("The '" + ARGUMENT.APP_NAME + "' argument should no longer be used; use '" + ARGUMENT.PROJECT + "' instead."); LOGGER.warn("The '{}' argument should no longer be used; use '{}' instead.", ARGUMENT.APP_NAME, ARGUMENT.PROJECT);
} }
return name; return name;
} }

8
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CMakeAnalyzer.java
View File

@@ -170,7 +170,7 @@ public class CMakeAnalyzer extends AbstractFileTypeAnalyzer {
"Found project command match with %d groups: %s", "Found project command match with %d groups: %s",
m.groupCount(), m.group(0))); m.groupCount(), m.group(0)));
final String group = m.group(1); final String group = m.group(1);
LOGGER.debug("Group 1: " + group); LOGGER.debug("Group 1: {}", group);
dependency.getProductEvidence().addEvidence(name, "Project", dependency.getProductEvidence().addEvidence(name, "Project",
group, Confidence.HIGH); group, Confidence.HIGH);
} }
@@ -202,8 +202,8 @@ public class CMakeAnalyzer extends AbstractFileTypeAnalyzer {
m.groupCount(), m.group(0)); m.groupCount(), m.group(0));
String product = m.group(1); String product = m.group(1);
final String version = m.group(2); final String version = m.group(2);
LOGGER.debug("Group 1: " + product); LOGGER.debug("Group 1: {}", product);
LOGGER.debug("Group 2: " + version); LOGGER.debug("Group 2: {}", version);
final String aliasPrefix = "ALIASOF_"; final String aliasPrefix = "ALIASOF_";
if (product.startsWith(aliasPrefix)) { if (product.startsWith(aliasPrefix)) {
product = product.replaceFirst(aliasPrefix, ""); product = product.replaceFirst(aliasPrefix, "");
@@ -231,7 +231,7 @@ public class CMakeAnalyzer extends AbstractFileTypeAnalyzer {
currentDep.getVersionEvidence().addEvidence(source, "Version", currentDep.getVersionEvidence().addEvidence(source, "Version",
version, Confidence.MEDIUM); version, Confidence.MEDIUM);
} }
LOGGER.debug(String.format("Found %d matches.", count)); LOGGER.debug("Found {} matches.", count);
} }
@Override @Override

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NspAnalyzer.java
View File

@@ -103,7 +103,7 @@ public class NspAnalyzer extends AbstractFileTypeAnalyzer {
*/ */
@Override @Override
public void initializeFileTypeAnalyzer() throws InitializationException { public void initializeFileTypeAnalyzer() throws InitializationException {
LOGGER.debug("Initializing " + getName()); LOGGER.debug("Initializing {}", getName());
final String searchUrl = Settings.getString(Settings.KEYS.ANALYZER_NSP_URL, DEFAULT_URL); final String searchUrl = Settings.getString(Settings.KEYS.ANALYZER_NSP_URL, DEFAULT_URL);
try { try {
searcher = new NspSearch(new URL(searchUrl)); searcher = new NspSearch(new URL(searchUrl));

26
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java
View File

@@ -119,7 +119,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
if (bundleAuditPath != null) { if (bundleAuditPath != null) {
bundleAudit = new File(bundleAuditPath); bundleAudit = new File(bundleAuditPath);
if (!bundleAudit.isFile()) { if (!bundleAudit.isFile()) {
LOGGER.warn("Supplied `bundleAudit` path is incorrect: " + bundleAuditPath); LOGGER.warn("Supplied `bundleAudit` path is incorrect: {}", bundleAuditPath);
bundleAudit = null; bundleAudit = null;
} }
} }
@@ -129,7 +129,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
final ProcessBuilder builder = new ProcessBuilder(args); final ProcessBuilder builder = new ProcessBuilder(args);
builder.directory(folder); builder.directory(folder);
try { try {
LOGGER.info("Launching: " + args + " from " + folder); LOGGER.info("Launching: {} from {}",args, folder);
return builder.start(); return builder.start();
} catch (IOException ioe) { } catch (IOException ioe) {
throw new AnalysisException("bundle-audit initialization failure; this error can be ignored if you are not analyzing Ruby. " throw new AnalysisException("bundle-audit initialization failure; this error can be ignored if you are not analyzing Ruby. "
@@ -183,7 +183,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
} else { } else {
try (BufferedReader reader = new BufferedReader(new InputStreamReader(process.getErrorStream(), "UTF-8"))) { try (BufferedReader reader = new BufferedReader(new InputStreamReader(process.getErrorStream(), "UTF-8"))) {
if (!reader.ready()) { if (!reader.ready()) {
LOGGER.warn("Bundle-audit error stream unexpectedly not ready. Disabling " + ANALYZER_NAME); LOGGER.warn("Bundle-audit error stream unexpectedly not ready. Disabling {}", ANALYZER_NAME);
setEnabled(false); setEnabled(false);
throw new InitializationException("Bundle-audit error stream unexpectedly not ready."); throw new InitializationException("Bundle-audit error stream unexpectedly not ready.");
} else { } else {
@@ -204,8 +204,8 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
} }
if (isEnabled()) { if (isEnabled()) {
LOGGER.info(ANALYZER_NAME + " is enabled. It is necessary to manually run \"bundle-audit update\" " LOGGER.info("{} is enabled. It is necessary to manually run \"bundle-audit update\" "
+ "occasionally to keep its database up to date."); + "occasionally to keep its database up to date.",ANALYZER_NAME);
} }
} }
@@ -274,15 +274,15 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
for (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) { for (FileTypeAnalyzer analyzer : engine.getFileTypeAnalyzers()) {
if (analyzer instanceof RubyBundlerAnalyzer) { if (analyzer instanceof RubyBundlerAnalyzer) {
((RubyBundlerAnalyzer) analyzer).setEnabled(false); ((RubyBundlerAnalyzer) analyzer).setEnabled(false);
LOGGER.info("Disabled " + RubyBundlerAnalyzer.class.getName() + " to avoid noisy duplicate results."); LOGGER.info("Disabled {} to avoid noisy duplicate results.",RubyBundlerAnalyzer.class.getName());
} else if (analyzer instanceof RubyGemspecAnalyzer) { } else if (analyzer instanceof RubyGemspecAnalyzer) {
((RubyGemspecAnalyzer) analyzer).setEnabled(false); ((RubyGemspecAnalyzer) analyzer).setEnabled(false);
LOGGER.info("Disabled " + className + " to avoid noisy duplicate results."); LOGGER.info("Disabled {} to avoid noisy duplicate results.",className);
failed = false; failed = false;
} }
} }
if (failed) { if (failed) {
LOGGER.warn("Did not find " + className + '.'); LOGGER.warn("Did not find {}.",className);
} }
needToDisableGemspecAnalyzer = false; needToDisableGemspecAnalyzer = false;
} }
@@ -342,7 +342,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
map.put(gem, createDependencyForGem(engine, parentName, fileName, filePath, gem)); map.put(gem, createDependencyForGem(engine, parentName, fileName, filePath, gem));
} }
dependency = map.get(gem); dependency = map.get(gem);
LOGGER.debug(String.format("bundle-audit (%s): %s", parentName, nextLine)); LOGGER.debug("bundle-audit ({}): {}", parentName, nextLine);
} else if (nextLine.startsWith(VERSION)) { } else if (nextLine.startsWith(VERSION)) {
vulnerability = createVulnerability(parentName, dependency, gem, nextLine); vulnerability = createVulnerability(parentName, dependency, gem, nextLine);
} else if (nextLine.startsWith(ADVISORY)) { } else if (nextLine.startsWith(ADVISORY)) {
@@ -380,7 +380,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
if (null != dependency) { if (null != dependency) {
dependency.getVulnerabilities().add(vulnerability); // needed to wait for vulnerability name to avoid NPE dependency.getVulnerabilities().add(vulnerability); // needed to wait for vulnerability name to avoid NPE
} }
LOGGER.debug(String.format("bundle-audit (%s): %s", parentName, nextLine)); LOGGER.debug("bundle-audit ({}): {}", parentName, nextLine);
} }
/** /**
@@ -399,7 +399,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
ref.setUrl(url); ref.setUrl(url);
vulnerability.getReferences().add(ref); vulnerability.getReferences().add(ref);
} }
LOGGER.debug(String.format("bundle-audit (%s): %s", parentName, nextLine)); LOGGER.debug("bundle-audit ({}): {}", parentName, nextLine);
} }
/** /**
@@ -430,7 +430,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
} }
vulnerability.setCvssScore(score); vulnerability.setCvssScore(score);
} }
LOGGER.debug(String.format("bundle-audit (%s): %s", parentName, nextLine)); LOGGER.debug("bundle-audit ({}): {}", parentName, nextLine);
} }
/** /**
@@ -462,7 +462,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
vulnerability.setCvssConfidentialityImpact("-"); vulnerability.setCvssConfidentialityImpact("-");
vulnerability.setCvssIntegrityImpact("-"); vulnerability.setCvssIntegrityImpact("-");
} }
LOGGER.debug(String.format("bundle-audit (%s): %s", parentName, nextLine)); LOGGER.debug("bundle-audit ({}): {}", parentName, nextLine);
return vulnerability; return vulnerability;
} }

3
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/ConnectionFactory.java
View File

@@ -154,8 +154,7 @@ public final class ConnectionFactory {
try { try {
conn = DriverManager.getConnection(connectionString, userName, password); conn = DriverManager.getConnection(connectionString, userName, password);
Settings.setString(Settings.KEYS.DB_CONNECTION_STRING, connectionString); Settings.setString(Settings.KEYS.DB_CONNECTION_STRING, connectionString);
LOGGER.debug( LOGGER.debug("Unable to start the database in server mode; reverting to single user mode");
"Unable to start the database in server mode; reverting to single user mode");
} catch (SQLException sqlex) { } catch (SQLException sqlex) {
LOGGER.debug("Unable to connect to the database", ex); LOGGER.debug("Unable to connect to the database", ex);
throw new DatabaseException("Unable to connect to the database"); throw new DatabaseException("Unable to connect to the database");

12
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java
View File

@@ -128,14 +128,14 @@ public class NvdCveUpdater implements CachedWebDataSource {
} catch (IOException ex) { } catch (IOException ex) {
LOGGER.trace("Expected error as another thread has likely locked the file", ex); LOGGER.trace("Expected error as another thread has likely locked the file", ex);
} finally { } finally {
if (lock==null && ulFile!=null) { if (lock == null && ulFile != null) {
ulFile.close(); ulFile.close();
} }
} }
if (lock == null || !lock.isValid()) { if (lock == null || !lock.isValid()) {
try { try {
LOGGER.debug(String.format("Sleeping thread %s for 5 seconds because we could not obtain the update lock.", LOGGER.debug("Sleeping thread {} for 5 seconds because we could not obtain the update lock.",
Thread.currentThread().getName())); Thread.currentThread().getName());
Thread.sleep(5000); Thread.sleep(5000);
} catch (InterruptedException ex) { } catch (InterruptedException ex) {
LOGGER.trace("ignorable error, sleep was interrupted.", ex); LOGGER.trace("ignorable error, sleep was interrupted.", ex);
@@ -161,11 +161,9 @@ public class NvdCveUpdater implements CachedWebDataSource {
} catch (MalformedURLException ex) { } catch (MalformedURLException ex) {
throw new UpdateException("NVD CVE properties files contain an invalid URL, unable to update the data to use the most current data.", ex); throw new UpdateException("NVD CVE properties files contain an invalid URL, unable to update the data to use the most current data.", ex);
} catch (DownloadFailedException ex) { } catch (DownloadFailedException ex) {
LOGGER.warn( LOGGER.warn("Unable to download the NVD CVE data; the results may not include the most recent CPE/CVEs from the NVD.");
"Unable to download the NVD CVE data; the results may not include the most recent CPE/CVEs from the NVD.");
if (Settings.getString(Settings.KEYS.PROXY_SERVER) == null) { if (Settings.getString(Settings.KEYS.PROXY_SERVER) == null) {
LOGGER.info( LOGGER.info("If you are behind a proxy you may need to configure dependency-check to use the proxy.");
"If you are behind a proxy you may need to configure dependency-check to use the proxy.");
} }
throw new UpdateException("Unable to download the NVD CVE data.", ex); throw new UpdateException("Unable to download the NVD CVE data.", ex);
} catch (DatabaseException ex) { } catch (DatabaseException ex) {

3
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/DownloadTask.java
View File

@@ -169,8 +169,7 @@ public class DownloadTask implements Callable<Future<ProcessTask>> {
} catch (DownloadFailedException ex) { } catch (DownloadFailedException ex) {
LOGGER.warn("Download Failed for NVD CVE - {}\nSome CVEs may not be reported.", nvdCveInfo.getId()); LOGGER.warn("Download Failed for NVD CVE - {}\nSome CVEs may not be reported.", nvdCveInfo.getId());
if (Settings.getString(Settings.KEYS.PROXY_SERVER) == null) { if (Settings.getString(Settings.KEYS.PROXY_SERVER) == null) {
LOGGER.info( LOGGER.info("If you are behind a proxy you may need to configure dependency-check to use the proxy.");
"If you are behind a proxy you may need to configure dependency-check to use the proxy.");
} }
LOGGER.debug("", ex); LOGGER.debug("", ex);
return null; return null;

9
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/EvidenceCollection.java
View File

@@ -263,9 +263,12 @@ public class EvidenceCollection implements Serializable, Iterable<Evidence> {
//TODO consider changing the regex to only compare alpha-numeric (i.e. strip everything else) //TODO consider changing the regex to only compare alpha-numeric (i.e. strip everything else)
String item = e.getValue(); String item = e.getValue();
if (item != null) { if (item != null) {
final String value = urlCorrection(item.toLowerCase()).replaceAll("[\\s_-]", ""); final String uc = urlCorrection(item.toLowerCase());
if (value.contains(textToTest)) { if (uc != null) {
return true; final String value = uc.replaceAll("[\\s_-]", "");
if (value.contains(textToTest)) {
return true;
}
} }
} }
} }

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
View File

@@ -538,6 +538,7 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
/** /**
* Retruns the source that identified the vulnerability. * Retruns the source that identified the vulnerability.
*
* @return the source * @return the source
*/ */
public Source getSource() { public Source getSource() {
@@ -546,6 +547,7 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
/** /**
* Sets the source that identified the vulnerability. * Sets the source that identified the vulnerability.
*
* @param source the source * @param source the source
*/ */
public void setSource(Source source) { public void setSource(Source source) {

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/UrlStringUtils.java
View File

@@ -31,6 +31,7 @@ import java.util.regex.Pattern;
* @author Jeremy Long * @author Jeremy Long
*/ */
public final class UrlStringUtils { public final class UrlStringUtils {
/** /**
* A regular expression to test if a string contains a URL. * A regular expression to test if a string contains a URL.
*/ */
@@ -51,6 +52,7 @@ public final class UrlStringUtils {
*/ */
private UrlStringUtils() { private UrlStringUtils() {
} }
/** /**
* Tests if the text provided contains a URL. This is somewhat limited * Tests if the text provided contains a URL. This is somewhat limited
* search in that it only looks for (ftp|http|https):// * search in that it only looks for (ftp|http|https)://

12
dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerTest.java
View File

@@ -197,37 +197,37 @@ public class RubyBundleAuditAnalyzerTest extends BaseDBTestCase {
return; return;
} }
List<Dependency> dependencies = engine.getDependencies(); List<Dependency> dependencies = engine.getDependencies();
LOGGER.info(dependencies.size() + " dependencies found."); LOGGER.info("{} dependencies found.", dependencies.size());
Iterator<Dependency> dIterator = dependencies.iterator(); Iterator<Dependency> dIterator = dependencies.iterator();
while (dIterator.hasNext()) { while (dIterator.hasNext()) {
Dependency dept = dIterator.next(); Dependency dept = dIterator.next();
LOGGER.info("dept path: " + dept.getActualFilePath()); LOGGER.info("dept path: {}", dept.getActualFilePath());
Set<Identifier> identifiers = dept.getIdentifiers(); Set<Identifier> identifiers = dept.getIdentifiers();
Iterator<Identifier> idIterator = identifiers.iterator(); Iterator<Identifier> idIterator = identifiers.iterator();
while (idIterator.hasNext()) { while (idIterator.hasNext()) {
Identifier id = idIterator.next(); Identifier id = idIterator.next();
LOGGER.info(" Identifier: " + id.getValue() + ", type=" + id.getType() + ", url=" + id.getUrl() + ", conf=" + id.getConfidence()); LOGGER.info(" Identifier: {}, type={}, url={}, conf={}", id.getValue(), id.getType(), id.getUrl(), id.getConfidence());
} }
Set<Evidence> prodEv = dept.getProductEvidence().getEvidence(); Set<Evidence> prodEv = dept.getProductEvidence().getEvidence();
Iterator<Evidence> it = prodEv.iterator(); Iterator<Evidence> it = prodEv.iterator();
while (it.hasNext()) { while (it.hasNext()) {
Evidence e = it.next(); Evidence e = it.next();
LOGGER.info(" prod: name=" + e.getName() + ", value=" + e.getValue() + ", source=" + e.getSource() + ", confidence=" + e.getConfidence()); LOGGER.info(" prod: name={}, value={}, source={}, confidence={}", e.getName(), e.getValue(), e.getSource(), e.getConfidence());
} }
Set<Evidence> versionEv = dept.getVersionEvidence().getEvidence(); Set<Evidence> versionEv = dept.getVersionEvidence().getEvidence();
Iterator<Evidence> vIt = versionEv.iterator(); Iterator<Evidence> vIt = versionEv.iterator();
while (vIt.hasNext()) { while (vIt.hasNext()) {
Evidence e = vIt.next(); Evidence e = vIt.next();
LOGGER.info(" version: name=" + e.getName() + ", value=" + e.getValue() + ", source=" + e.getSource() + ", confidence=" + e.getConfidence()); LOGGER.info(" version: name={}, value={}, source={}, confidence={}", e.getName(), e.getValue(), e.getSource(), e.getConfidence());
} }
Set<Evidence> vendorEv = dept.getVendorEvidence().getEvidence(); Set<Evidence> vendorEv = dept.getVendorEvidence().getEvidence();
Iterator<Evidence> vendorIt = vendorEv.iterator(); Iterator<Evidence> vendorIt = vendorEv.iterator();
while (vendorIt.hasNext()) { while (vendorIt.hasNext()) {
Evidence e = vendorIt.next(); Evidence e = vendorIt.next();
LOGGER.info(" vendor: name=" + e.getName() + ", value=" + e.getValue() + ", source=" + e.getSource() + ", confidence=" + e.getConfidence()); LOGGER.info(" vendor: name={}, value={}, source={}, confidence={}", e.getName(), e.getValue(), e.getSource(), e.getConfidence());
} }
} }
} }