diff --git a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java index 86268a2d2..6c38786d4 100644 --- a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java +++ b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java @@ -18,7 +18,6 @@ package org.owasp.dependencycheck.taskdefs; import java.io.File; -import java.io.IOException; import java.util.List; import org.apache.tools.ant.BuildException; import org.apache.tools.ant.Project; diff --git a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Purge.java b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Purge.java index 5316a44c8..3bc335fb0 100644 --- a/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Purge.java +++ b/dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Purge.java @@ -78,7 +78,7 @@ public class Purge extends Task { private boolean failOnError = true; /** - * Get the value of failOnError + * Get the value of failOnError. * * @return the value of failOnError */ @@ -87,7 +87,7 @@ public class Purge extends Task { } /** - * Set the value of failOnError + * Set the value of failOnError. * * @param failOnError new value of failOnError */ diff --git a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java index 6e1d0f8dd..af8b2271b 100644 --- a/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java +++ b/dependency-check-cli/src/main/java/org/owasp/dependencycheck/App.java @@ -37,7 +37,6 @@ import org.owasp.dependencycheck.utils.Settings; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import ch.qos.logback.core.FileAppender; -import java.util.logging.Level; import org.owasp.dependencycheck.data.update.exception.UpdateException; import org.owasp.dependencycheck.exception.ExceptionCollection; import org.owasp.dependencycheck.exception.ReportException; @@ -77,6 +76,7 @@ public class App { * Main CLI entry-point into the application. * * @param args the command line arguments + * @return the exit code to return */ public int run(String[] args) { int exitCode = 0; @@ -170,13 +170,13 @@ public class App { exitCode = -12; } catch (ExceptionCollection ex) { if (ex.isFatal()) { - exitCode =-13; + exitCode = -13; LOGGER.error("One or more fatal errors occured"); } else { - exitCode =-14; - } + exitCode = -14; + } for (Throwable e : ex.getExceptions()) { - LOGGER.error(e.getMessage()); + LOGGER.error(e.getMessage()); } } } else { @@ -301,6 +301,10 @@ public class App { /** * Only executes the update phase of dependency-check. + * + * @throws UpdateException thrown if there is an error updating + * @throws DatabaseException thrown if a fatal error occurred and a + * connection to the database could not be established */ private void runUpdateOnly() throws UpdateException, DatabaseException { Engine engine = null; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java index 82e60467b..5560c4adc 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java @@ -333,7 +333,7 @@ public class Engine implements FileFilter { * during analysis */ public void analyzeDependencies() throws ExceptionCollection { - List exceptions = new ArrayList(); + final List exceptions = new ArrayList(); boolean autoUpdate = true; try { autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE); @@ -359,7 +359,7 @@ public class Engine implements FileFilter { LOGGER.error("{}\n\nUnable to continue dependency-check analysis.", ex.getMessage()); LOGGER.debug("", ex); exceptions.add(ex); - throw new ExceptionCollection("Unable to continue dependency-check analysis.",exceptions, true); + throw new ExceptionCollection("Unable to continue dependency-check analysis.", exceptions, true); } catch (DatabaseException ex) { LOGGER.error("{}\n\nUnable to continue dependency-check analysis.", ex.getMessage()); LOGGER.debug("", ex); @@ -480,7 +480,7 @@ public class Engine implements FileFilter { * Cycles through the cached web data sources and calls update on all of * them. * - * @throws UpdateException + * @throws UpdateException thrown if the operation fails */ public void doUpdates() throws UpdateException { LOGGER.info("Checking for updates"); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java index 038644a3e..56ab93810 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgent.java @@ -845,8 +845,8 @@ public class DependencyCheckScanAgent { * Executes the Dependency-Check on the dependent libraries. * * @return the Engine used to scan the dependencies. - * @throws org.owasp.dependencycheck.data.nvdcve.DatabaseException thrown if - * there is an exception connecting to the database + * @throws ExceptionCollection a collection of one or more exceptions that + * occurred during analysis. */ private Engine executeDependencyCheck() throws ExceptionCollection { populateSettings(); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java index 5a14171c7..470d13e2a 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java @@ -367,7 +367,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer { final String archiveExt = FileUtils.getFileExtension(archive.getName()).toLowerCase(); try { if (ZIPPABLES.contains(archiveExt)) { - BufferedInputStream in = new BufferedInputStream(fis); + final BufferedInputStream in = new BufferedInputStream(fis); ensureReadableJar(archiveExt, in); extractArchive(new ZipArchiveInputStream(in), destination, engine); } else if ("tar".equals(archiveExt)) { @@ -413,7 +413,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer { private void ensureReadableJar(final String archiveExt, BufferedInputStream in) throws IOException { if ("jar".equals(archiveExt) && in.markSupported()) { in.mark(7); - byte[] b = new byte[7]; + final byte[] b = new byte[7]; in.read(b); if (b[0] == '#' && b[1] == '!' diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java index 815881155..f66ec39bd 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java @@ -574,15 +574,13 @@ public class CPEAnalyzer implements Analyzer { final String url = String.format(NVD_SEARCH_URL, URLEncoder.encode(vs.getName(), "UTF-8")); final IdentifierMatch match = new IdentifierMatch("cpe", vs.getName(), url, IdentifierConfidence.EXACT_MATCH, conf); collected.add(match); - } else //TODO the following isn't quite right is it? need to think about this guessing game a bit more. - { - if (evVer.getVersionParts().size() <= dbVer.getVersionParts().size() - && evVer.matchesAtLeastThreeLevels(dbVer)) { - if (bestGuessConf == null || bestGuessConf.compareTo(conf) > 0) { - if (bestGuess.getVersionParts().size() < dbVer.getVersionParts().size()) { - bestGuess = dbVer; - bestGuessConf = conf; - } + } else//TODO the following isn't quite right is it? need to think about this guessing game a bit more. + if (evVer.getVersionParts().size() <= dbVer.getVersionParts().size() + && evVer.matchesAtLeastThreeLevels(dbVer)) { + if (bestGuessConf == null || bestGuessConf.compareTo(conf) > 0) { + if (bestGuess.getVersionParts().size() < dbVer.getVersionParts().size()) { + bestGuess = dbVer; + bestGuessConf = conf; } } } diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java index b4ebcbfe0..8bce5cd25 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java @@ -32,7 +32,6 @@ import org.owasp.dependencycheck.dependency.Dependency; import org.owasp.dependencycheck.dependency.Evidence; import org.owasp.dependencycheck.exception.InitializationException; import org.owasp.dependencycheck.xml.suppression.PropertyType; -import org.owasp.dependencycheck.xml.suppression.SuppressionParseException; import org.owasp.dependencycheck.utils.DownloadFailedException; import org.owasp.dependencycheck.utils.Downloader; import org.owasp.dependencycheck.utils.FileUtils; @@ -279,7 +278,7 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer { /** * Loads the hint rules file. * - * @throws SuppressionParseException thrown if the XML cannot be parsed. + * @throws HintParseException thrown if the XML cannot be parsed. */ private void loadHintRules() throws HintParseException { final HintParser parser = new HintParser(); @@ -327,7 +326,7 @@ public class HintAnalyzer extends AbstractAnalyzer implements Analyzer { if (file != null) { try { - Hints newHints = parser.parseHints(file); + final Hints newHints = parser.parseHints(file); hints.getHintRules().addAll(newHints.getHintRules()); hints.getVendorDuplicatingHintRules().addAll(newHints.getVendorDuplicatingHintRules()); LOGGER.debug("{} hint rules were loaded.", hints.getHintRules().size()); diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java index 9d952c14c..fed1824a9 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java @@ -39,7 +39,6 @@ import java.util.jar.Attributes; import java.util.jar.JarEntry; import java.util.jar.JarFile; import java.util.jar.Manifest; -import java.util.logging.Level; import java.util.regex.Pattern; import java.util.zip.ZipEntry; import org.apache.commons.compress.utils.IOUtils; @@ -646,9 +645,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer { * @return whether evidence was identified parsing the manifest * @throws IOException if there is an issue reading the JAR file */ - protected boolean parseManifest(Dependency dependency, - List classInformation) - throws IOException { + protected boolean parseManifest(Dependency dependency, List classInformation) throws IOException { boolean foundSomething = false; JarFile jar = null; try { @@ -667,7 +664,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer { final EvidenceCollection vendorEvidence = dependency.getVendorEvidence(); final EvidenceCollection productEvidence = dependency.getProductEvidence(); final EvidenceCollection versionEvidence = dependency.getVersionEvidence(); - String source = "Manifest"; String specificationVersion = null; boolean hasImplementationVersion = false; @@ -784,7 +780,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer { } } } - for (Map.Entry item : manifest.getEntries().entrySet()) { final String name = item.getKey(); source = "manifest: " + name; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java index 9b63eaa6c..8c5d0efed 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java @@ -52,6 +52,9 @@ import org.owasp.dependencycheck.exception.InitializationException; @Experimental public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer { + /** + * The logger. + */ private static final Logger LOGGER = LoggerFactory.getLogger(RubyBundleAuditAnalyzer.class); /** @@ -150,7 +153,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer { setEnabled(false); cvedb.close(); cvedb = null; - String msg = String.format("Exception from bundle-audit process: %s. Disabling %s", ae.getCause(), ANALYZER_NAME); + final String msg = String.format("Exception from bundle-audit process: %s. Disabling %s", ae.getCause(), ANALYZER_NAME); throw new InitializationException(msg, ae); } catch (IOException ex) { setEnabled(false); @@ -162,12 +165,12 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer { exitValue = process.waitFor(); } catch (InterruptedException ex) { setEnabled(false); - String msg = String.format("Bundle-audit process was interupted. Disabling %s", ANALYZER_NAME); + final String msg = String.format("Bundle-audit process was interupted. Disabling %s", ANALYZER_NAME); throw new InitializationException(msg); } if (0 == exitValue) { setEnabled(false); - String msg = String.format("Unexpected exit code from bundle-audit process. Disabling %s: %s", ANALYZER_NAME, exitValue); + final String msg = String.format("Unexpected exit code from bundle-audit process. Disabling %s: %s", ANALYZER_NAME, exitValue); throw new InitializationException(msg); } else { BufferedReader reader = null; diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java index 666a2ffbe..692e4c4be 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndex.java @@ -48,8 +48,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** - * An in memory lucene index that contains the vendor/product combinations from the CPE (application) identifiers within the NVD - * CVE data. + * An in memory lucene index that contains the vendor/product combinations from + * the CPE (application) identifiers within the NVD CVE data. * * @author Jeremy Long */ @@ -144,19 +144,6 @@ public final class CpeMemoryIndex { return openState; } - /** - * Creates the indexing analyzer for the CPE Index. - * - * @return the CPE Analyzer. - * @deprecated the search field analyzer must be used to include the token concatenating filter. - */ - @Deprecated - private Analyzer createIndexingAnalyzer() { - final Map fieldAnalyzers = new HashMap(); - fieldAnalyzers.put(Fields.DOCUMENT_KEY, new KeywordAnalyzer()); - return new PerFieldAnalyzerWrapper(new FieldAnalyzer(LuceneUtils.CURRENT_VERSION), fieldAnalyzers); - } - /** * Creates an Analyzer for searching the CPE Index. * @@ -275,7 +262,8 @@ public final class CpeMemoryIndex { * @param maxQueryResults the maximum number of documents to return * @return the TopDocs found by the search * @throws ParseException thrown when the searchString is invalid - * @throws IOException is thrown if there is an issue with the underlying Index + * @throws IOException is thrown if there is an issue with the underlying + * Index */ public TopDocs search(String searchString, int maxQueryResults) throws ParseException, IOException { if (searchString == null || searchString.trim().isEmpty()) { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzer.java index 534259f07..0736c9fb0 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzer.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzer.java @@ -34,7 +34,7 @@ import org.apache.lucene.util.Version; * index the CPE fields vendor and product.

* * @author Jeremy Long - * @Deprecated the field analyzer should not be used, instead use the + * @deprecated the field analyzer should not be used, instead use the * SearchFieldAnalyzer so that the token analyzing filter is used. */ @Deprecated diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java index fc920956c..48388a983 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java @@ -68,17 +68,16 @@ public class CveDB { private ResourceBundle statementBundle = null; /** - * Creates a new CveDB object and opens the database - * connection. Note, the connection must be closed by the caller by calling - * the close method. ======= Does the underlying connection support batch - * operations? + * Creates a new CveDB object and opens the database connection. Note, the + * connection must be closed by the caller by calling the close method. + * ======= Does the underlying connection support batch operations? */ private boolean batchSupported; /** * Creates a new CveDB object and opens the database connection. Note, the * connection must be closed by the caller by calling the close method. - * + * * @throws DatabaseException thrown if there is an exception opening the * database. */ diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/cpe/CPEHandler.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/cpe/CPEHandler.java index 24293b969..4c778e7b2 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/cpe/CPEHandler.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/cpe/CPEHandler.java @@ -43,9 +43,10 @@ public class CPEHandler extends DefaultHandler { /** * The Starts with expression to filter CVE entries by CPE. */ - private static final String CPE_STARTS_WITH = Settings.getString(Settings.KEYS.CVE_CPE_STARTS_WITH_FILTER,"cpe:/a:"); + private static final String CPE_STARTS_WITH = Settings.getString(Settings.KEYS.CVE_CPE_STARTS_WITH_FILTER, "cpe:/a:"); /** - * The text content of the node being processed. This can be used during the end element event. + * The text content of the node being processed. This can be used during the + * end element event. */ private StringBuilder nodeText = null; /** @@ -77,7 +78,8 @@ public class CPEHandler extends DefaultHandler { * @param localName the local name * @param qName the qualified name * @param attributes the attributes - * @throws SAXException thrown if there is an exception processing the element + * @throws SAXException thrown if there is an exception processing the + * element */ @Override public void startElement(String uri, String localName, String qName, Attributes attributes) throws SAXException { @@ -128,7 +130,8 @@ public class CPEHandler extends DefaultHandler { * @param ch the char array * @param start the start position of the data read * @param length the length of the data read - * @throws SAXException thrown if there is an exception processing the characters + * @throws SAXException thrown if there is an exception processing the + * characters */ @Override public void characters(char[] ch, int start, int length) throws SAXException { @@ -138,12 +141,14 @@ public class CPEHandler extends DefaultHandler { } /** - * Handles the end element event. Stores the CPE data in the Cve Database if the cpe item node is ending. + * Handles the end element event. Stores the CPE data in the Cve Database if + * the cpe item node is ending. * * @param uri the element's uri * @param localName the local name * @param qName the qualified name - * @throws SAXException thrown if there is an exception processing the element + * @throws SAXException thrown if there is an exception processing the + * element */ @Override public void endElement(String uri, String localName, String qName) throws SAXException { @@ -182,7 +187,8 @@ public class CPEHandler extends DefaultHandler { // /** - * A simple class to maintain information about the current element while parsing the CPE XML. + * A simple class to maintain information about the current element while + * parsing the CPE XML. */ protected static final class Element { diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/UpdateableNvdCve.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/UpdateableNvdCve.java index 0d5762708..6df4e5fa6 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/UpdateableNvdCve.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/UpdateableNvdCve.java @@ -36,6 +36,9 @@ import org.slf4j.LoggerFactory; */ public class UpdateableNvdCve implements Iterable, Iterator { + /** + * A reference to the logger. + */ private static final Logger LOGGER = LoggerFactory.getLogger(UpdateableNvdCve.class); /** * A collection of sources of data. diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/ExceptionCollection.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/ExceptionCollection.java index 1d7c65afc..4f5fe058a 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/ExceptionCollection.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/exception/ExceptionCollection.java @@ -140,6 +140,7 @@ public class ExceptionCollection extends Exception { * Adds an exception to the collection. * * @param ex the exception to add + * @param fatal flag indicating if this is a fatal error */ public void addException(Throwable ex, boolean fatal) { addException(ex); @@ -153,7 +154,7 @@ public class ExceptionCollection extends Exception { private boolean fatal = false; /** - * Get the value of fatal + * Get the value of fatal. * * @return the value of fatal */ @@ -162,7 +163,7 @@ public class ExceptionCollection extends Exception { } /** - * Set the value of fatal + * Set the value of fatal. * * @param fatal new value of fatal */ diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintHandler.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintHandler.java index c5bd0f7b3..9634fb3d2 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintHandler.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintHandler.java @@ -197,11 +197,11 @@ public class HintHandler extends DefaultHandler { vendorDuplicatingHintRules.add(new VendorDuplicatingHintRule(attr.getValue(VALUE), attr.getValue(DUPLICATE))); } } - + /** * Handles the end element event. * - * @param uri the element's uri + * @param uri the element's URI * @param localName the local name * @param qName the qualified name * @throws SAXException thrown if there is an exception processing the diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/Hints.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/Hints.java index 0240d2fc1..34e465004 100644 --- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/Hints.java +++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/Hints.java @@ -32,7 +32,7 @@ public class Hints { private List hintRules; /** - * Get the value of hintRules + * Get the value of hintRules. * * @return the value of hintRules */ @@ -41,7 +41,7 @@ public class Hints { } /** - * Set the value of hintRules + * Set the value of hintRules. * * @param hintRules new value of hintRules */ @@ -55,7 +55,7 @@ public class Hints { private List vendorDuplicatingHintRules; /** - * Get the value of vendorDuplicatingHintRules + * Get the value of vendorDuplicatingHintRules. * * @return the value of vendorDuplicatingHintRules */ @@ -64,12 +64,11 @@ public class Hints { } /** - * Set the value of vendorDuplicatingHintRules + * Set the value of vendorDuplicatingHintRules. * * @param vendorDuplicatingHintRules new value of vendorDuplicatingHintRules */ public void setVendorDuplicatingHintRules(List vendorDuplicatingHintRules) { this.vendorDuplicatingHintRules = vendorDuplicatingHintRules; } - } diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java index 4b1d35b42..d17854dd0 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java @@ -25,7 +25,6 @@ import java.util.HashSet; import java.util.List; import java.util.Locale; import java.util.Set; -import org.apache.maven.MavenExecutionException; import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.plugin.MojoFailureException; import org.apache.maven.plugins.annotations.LifecyclePhase; @@ -130,9 +129,9 @@ public class AggregateMojo extends BaseDependencyCheckMojo { try { writeReports(engine, current, outputDir); } catch (ReportException ex) { - ExceptionCollection exCol = (ExceptionCollection) engine.getExecutionRoot().getContextValue(AGGREGATE_EXCEPTIONS); + ExceptionCollection exCol = (ExceptionCollection) engine.getExecutionRoot().getContextValue(AGGREGATE_EXCEPTIONS); if (exCol == null) { - exCol = new ExceptionCollection("Error writing aggregate report",ex); + exCol = new ExceptionCollection("Error writing aggregate report", ex); } else { exCol.addException(ex); } diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java index 8869a35ed..3df3f6d75 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java @@ -85,12 +85,13 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma /** * Returns if the mojo should fail the build if an exception occurs. + * * @return whether or not the mojo should fail the build */ protected boolean isFailOnError() { return failOnError; } - + /** * The Maven Project Object. */ @@ -1079,8 +1080,8 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma * scan data between the "check" and "aggregate" phase. * * @param project the Maven project to read the data file from - * @return a MavenEngine object populated with dependencies if the - * serialized data file exists; otherwise null is returned + * @return a MavenEngine object populated with dependencies if + * the serialized data file exists; otherwise null is returned */ protected List readDataFile(MavenProject project) { final Object oPath = project.getContextValue(this.getDataFileContextKey()); diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/CheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/CheckMojo.java index 270ceba39..ccada1b5c 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/CheckMojo.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/CheckMojo.java @@ -106,7 +106,7 @@ public class CheckMojo extends BaseDependencyCheckMojo { writeReports(engine, getProject(), getCorrectOutputDirectory()); } catch (ReportException ex) { if (this.isFailOnError()) { - if (exCol!= null) { + if (exCol != null) { exCol.addException(ex); } else { exCol = new ExceptionCollection("Unable to write the dependency-check report", ex); diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/UpdateMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/UpdateMojo.java index 33f8f172d..bedb80a7c 100644 --- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/UpdateMojo.java +++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/UpdateMojo.java @@ -111,5 +111,4 @@ public class UpdateMojo extends BaseDependencyCheckMojo { public String getDescription(Locale locale) { return "Updates the local cache of the NVD data from NIST."; } - }