From c622ff2b199eeea5de9c31cc1089f4e758a4c0d8 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Sun, 2 Apr 2017 08:16:21 -0400
Subject: [PATCH 1/3] converted to using jacoco for code coverage

---
 build-reporting/pom.xml                       |  72 ++++++++++++
 dependency-check-ant/pom.xml                  |  42 -------
 dependency-check-cli/pom.xml                  |  56 ----------
 dependency-check-core/pom.xml                 | 105 +-----------------
 ...gineIntegrationTest.java => EngineIT.java} |   3 +-
 ...rationTest.java => ArchiveAnalyzerIT.java} |   2 +-
 ...ntegrationTest.java => CPEAnalyzerIT.java} |   4 +-
 ...java => DependencyBundlingAnalyzerIT.java} |   2 +-
 ...> VulnerabilitySuppressionAnalyzerIT.java} |   4 +-
 ...CveDBIntegrationTest.java => CveDBIT.java} |  17 ++-
 ...{CveDBMySQLTest.java => CveDBMySqlIT.java} |   4 +-
 ...ionTest.java => DatabasePropertiesIT.java} |   5 +-
 ...egrationTest.java => NvdCveUpdaterIT.java} |   4 +-
 ...rationTest.java => ReportGeneratorIT.java} |   3 +-
 dependency-check-maven/pom.xml                |  17 ---
 dependency-check-utils/pom.xml                |  57 +---------
 ...IntegrationTest.java => DownloaderIT.java} |   3 +-
 pom.xml                                       |  69 ++++++++++--
 18 files changed, 173 insertions(+), 296 deletions(-)
 create mode 100644 build-reporting/pom.xml
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/{EngineIntegrationTest.java => EngineIT.java} (97%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/{ArchiveAnalyzerIntegrationTest.java => ArchiveAnalyzerIT.java} (99%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/{CPEAnalyzerIntegrationTest.java => CPEAnalyzerIT.java} (98%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/{DependencyBundlingAnalyzerIntegrationTest.java => DependencyBundlingAnalyzerIT.java} (97%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/{VulnerabilitySuppressionAnalyzerIntegrationTest.java => VulnerabilitySuppressionAnalyzerIT.java} (96%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/{CveDBIntegrationTest.java => CveDBIT.java} (90%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/{CveDBMySQLTest.java => CveDBMySqlIT.java} (94%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/{DatabasePropertiesIntegrationTest.java => DatabasePropertiesIT.java} (94%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/{NvdCveUpdaterIntegrationTest.java => NvdCveUpdaterIT.java} (93%)
 rename dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/{ReportGeneratorIntegrationTest.java => ReportGeneratorIT.java} (98%)
 rename dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/{DownloaderIntegrationTest.java => DownloaderIT.java} (95%)

diff --git a/build-reporting/pom.xml b/build-reporting/pom.xml
new file mode 100644
index 000000000..ad3943d9c
--- /dev/null
+++ b/build-reporting/pom.xml
@@ -0,0 +1,72 @@
+<!--
+This file is part of dependency-check build-reporting.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+Copyright (c) 2017 - Jeremy Long. All Rights Reserved.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.owasp</groupId>
+        <artifactId>dependency-check-parent</artifactId>
+        <version>1.4.6-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>build-reporting</artifactId>
+    
+    <dependencies>
+        <dependency>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-utils</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-ant</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-cli</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-maven</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>report-aggregate</id>
+                        <phase>verify</phase>
+                        <goals>
+                            <goal>report-aggregate</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/dependency-check-ant/pom.xml b/dependency-check-ant/pom.xml
index c3504b6e2..9c7962954 100644
--- a/dependency-check-ant/pom.xml
+++ b/dependency-check-ant/pom.xml
@@ -223,48 +223,6 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>cobertura-maven-plugin</artifactId>
-                <configuration>
-                    <check>
-                        <branchRate>85</branchRate>
-                        <lineRate>85</lineRate>
-                        <haltOnFailure>false</haltOnFailure>
-                        <totalBranchRate>85</totalBranchRate>
-                        <totalLineRate>85</totalLineRate>
-                        <packageLineRate>85</packageLineRate>
-                        <packageBranchRate>85</packageBranchRate>
-                        <regexes>
-                            <regex>
-                                <pattern>.*\$.*</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                        </regexes>
-                    </check>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>clean</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <argLine>-Dfile.encoding=UTF-8</argLine>
-                    <systemProperties>
-                        <property>
-                            <name>data.directory</name>
-                            <value>${project.build.directory}/dependency-check-data</value>
-                        </property>
-                    </systemProperties>
-                </configuration>
-            </plugin>
         </plugins>
     </build>
     <reporting>
diff --git a/dependency-check-cli/pom.xml b/dependency-check-cli/pom.xml
index e62681f64..a1d13d0c2 100644
--- a/dependency-check-cli/pom.xml
+++ b/dependency-check-cli/pom.xml
@@ -69,62 +69,6 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
                     </archive>
                 </configuration>
             </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>cobertura-maven-plugin</artifactId>
-                <configuration>
-                    <!--instrumentation>
-                        <ignoreTrivial>true</ignoreTrivial>
-                    </instrumentation-->
-                    <check>
-                        <branchRate>85</branchRate>
-                        <lineRate>85</lineRate>
-                        <haltOnFailure>false</haltOnFailure>
-                        <totalBranchRate>85</totalBranchRate>
-                        <totalLineRate>85</totalLineRate>
-                        <packageLineRate>85</packageLineRate>
-                        <packageBranchRate>85</packageBranchRate>
-                        <regexes>
-                            <regex>
-                                <pattern>.*\$.*</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                            <regex>
-                                <pattern>org.owasp.dependencycheck.App</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                        </regexes>
-                    </check>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>clean</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <argLine>-Dfile.encoding=UTF-8</argLine>
-                    <systemProperties>
-                        <property>
-                            <name>cpe</name>
-                            <value>data/cpe</value>
-                            <workingDirectory>target</workingDirectory>
-                        </property>
-                        <property>
-                            <name>cve</name>
-                            <value>data/cpe</value>
-                            <workingDirectory>target</workingDirectory>
-                        </property>
-                    </systemProperties>
-                </configuration>
-            </plugin>
             <plugin>
                 <groupId>org.codehaus.mojo</groupId>
                 <artifactId>appassembler-maven-plugin</artifactId>
diff --git a/dependency-check-core/pom.xml b/dependency-check-core/pom.xml
index dc7590c6c..7cb0cee7f 100644
--- a/dependency-check-core/pom.xml
+++ b/dependency-check-core/pom.xml
@@ -121,93 +121,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>cobertura-maven-plugin</artifactId>
-                <configuration>
-                    <instrumentation>
-                        <!--ignoreTrivial>true</ignoreTrivial-->
-                        <ignores>
-                            <ignore>.*\$KEYS\.class</ignore>
-                            <ignore>.*\$Element\.class</ignore>
-                        </ignores>
-                        <excludes>
-                            <exclude>.*\$KEYS\.class</exclude>
-                            <exclude>.*\$Element\.class</exclude>
-                        </excludes>
-                    </instrumentation>
-                    <check>
-                        <branchRate>85</branchRate>
-                        <lineRate>85</lineRate>
-                        <haltOnFailure>false</haltOnFailure>
-                        <totalBranchRate>85</totalBranchRate>
-                        <totalLineRate>85</totalLineRate>
-                        <packageLineRate>85</packageLineRate>
-                        <packageBranchRate>85</packageBranchRate>
-                        <regexes>
-                            <regex>
-                                <pattern>.*\$.*</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                            <regex>
-                                <pattern>org.owasp.dependencycheck.data.cpe.Fields</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                            <regex>
-                                <pattern>org.owasp.dependencycheck.App</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                        </regexes>
-                    </check>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>clean</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <argLine>-Dfile.encoding=UTF-8</argLine>
-                    <systemProperties>
-                        <property>
-                            <name>data.directory</name>
-                            <value>${project.build.directory}/data</value>
-                        </property>
-                        <property>
-                            <name>temp.directory</name>
-                            <value>${project.build.directory}/temp</value>
-                        </property>
-                    </systemProperties>
-                    <excludes>
-                        <exclude>**/*IntegrationTest.java</exclude>
-                        <exclude>**/*MySQLTest.java</exclude>
-                    </excludes>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-failsafe-plugin</artifactId>
-                <configuration>
-                    <systemProperties>
-                        <property>
-                            <name>data.directory</name>
-                            <value>${project.build.directory}/data</value>
-                        </property>
-                        <property>
-                            <name>temp.directory</name>
-                            <value>${project.build.directory}/temp</value>
-                        </property>
-                    </systemProperties>
-                </configuration>
-            </plugin>
         </plugins>
     </build>
     <reporting>
@@ -481,13 +394,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
             </activation>
             <build>
                 <plugins>
-                    <plugin>
-                        <groupId>org.apache.maven.plugins</groupId>
-                        <artifactId>maven-surefire-plugin</artifactId>
-                        <configuration>
-                            <skip>true</skip>
-                        </configuration>
-                    </plugin>
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-failsafe-plugin</artifactId>
@@ -507,7 +413,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
                                 </property>
                             </systemProperties>
                             <includes>
-                                <include>**/*MySQLTest.java</include>
+                                <include>**/*MySqlIT.java</include>
                             </includes>
                         </configuration>
                         <executions>
@@ -538,13 +444,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
             </dependencies>
             <build>
                 <plugins>
-                    <plugin>
-                        <groupId>org.apache.maven.plugins</groupId>
-                        <artifactId>maven-surefire-plugin</artifactId>
-                        <configuration>
-                            <skip>true</skip>
-                        </configuration>
-                    </plugin>
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-failsafe-plugin</artifactId>
@@ -564,7 +463,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
                                 </property>
                             </systemProperties>
                             <includes>
-                                <include>**/*MySQLTest.java</include>
+                                <include>**/*MySqlIT.java</include>
                             </includes>
                         </configuration>
                         <executions>
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIT.java
similarity index 97%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIT.java
index 5a78871c1..774748e78 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIT.java
@@ -29,12 +29,13 @@ import org.owasp.dependencycheck.exception.ReportException;
 import org.owasp.dependencycheck.reporting.ReportGenerator;
 import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.Settings;
+import static org.junit.Assert.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class EngineIntegrationTest extends BaseDBTestCase {
+public class EngineIT extends BaseDBTestCase {
 
     /**
      * Test running the entire engine.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java
similarity index 99%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java
index 12fcd195f..a80e845bd 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java
@@ -33,7 +33,7 @@ import org.owasp.dependencycheck.utils.Settings;
  *
  * @author Jeremy Long
  */
-public class ArchiveAnalyzerIntegrationTest extends BaseDBTestCase {
+public class ArchiveAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of getSupportedExtensions method, of class ArchiveAnalyzer.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java
similarity index 98%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java
index e26d825a3..562a5bff3 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java
@@ -34,12 +34,14 @@ import org.owasp.dependencycheck.data.cpe.IndexEntry;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Identifier;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CPEAnalyzerIntegrationTest extends BaseDBTestCase {
+public class CPEAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Tests of buildSearch of class CPEAnalyzer.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java
similarity index 97%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java
index 69e93e458..3378cf94a 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java
@@ -24,7 +24,7 @@ import org.owasp.dependencycheck.BaseDBTestCase;
  *
  * @author Jeremy Long
  */
-public class DependencyBundlingAnalyzerIntegrationTest extends BaseDBTestCase {
+public class DependencyBundlingAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of analyze method, of class DependencyBundlingAnalyzer.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java
similarity index 96%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java
index 172418c49..807a84666 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java
@@ -26,13 +26,15 @@ import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
 
 /**
  * Testing the vulnerability suppression analyzer.
  *
  * @author Jeremy Long
  */
-public class VulnerabilitySuppressionAnalyzerIntegrationTest extends BaseDBTestCase {
+public class VulnerabilitySuppressionAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of getName method, of class VulnerabilitySuppressionAnalyzer.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
similarity index 90%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
index 54ad59c88..d73942304 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
@@ -33,12 +33,27 @@ import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CveDBIntegrationTest extends BaseDBTestCase {
+public class CveDBIT extends BaseDBTestCase {
 
     /**
      * Pretty useless tests of open, commit, and close methods, of class CveDB.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySQLTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
similarity index 94%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySQLTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
index a27ef0191..04bb6af5e 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySQLTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
@@ -27,12 +27,14 @@ import org.junit.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.dependency.VulnerableSoftware;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CveDBMySQLTest extends BaseTest {
+public class CveDBMySqlIT extends BaseTest {
 
     /**
      * Test of getCPEs method, of class CveDB.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java
similarity index 94%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java
index 6c6af8bcf..5243018c4 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java
@@ -24,12 +24,15 @@ import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 import org.junit.Test;
 import org.owasp.dependencycheck.data.update.nvd.NvdCveInfo;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DatabasePropertiesIntegrationTest extends BaseDBTestCase {
+public class DatabasePropertiesIT extends BaseDBTestCase {
 
     /**
      * Test of isEmpty method, of class DatabaseProperties.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIT.java
similarity index 93%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIT.java
index d2305a956..3211ff214 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveUpdaterIT.java
@@ -23,12 +23,14 @@ import org.junit.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.update.exception.UpdateException;
 import org.owasp.dependencycheck.data.update.nvd.UpdateableNvdCve;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
 
 /**
  *
  * @author Jeremy Long
  */
-public class NvdCveUpdaterIntegrationTest extends BaseTest {
+public class NvdCveUpdaterIT extends BaseTest {
 
     public NvdCveUpdater getUpdater() {
         NvdCveUpdater instance = new NvdCveUpdater();
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
similarity index 98%
rename from dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
rename to dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
index f379d332d..af638db7d 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
@@ -39,12 +39,13 @@ import org.owasp.dependencycheck.exception.ReportException;
 import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.xml.sax.SAXException;
+import static org.junit.Assert.fail;
 
 /**
  *
  * @author Jeremy Long
  */
-public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
+public class ReportGeneratorIT extends BaseDBTestCase {
 
     /**
      * Test of generateReport method, of class ReportGenerator.
diff --git a/dependency-check-maven/pom.xml b/dependency-check-maven/pom.xml
index 498bdcb94..7acd5269f 100644
--- a/dependency-check-maven/pom.xml
+++ b/dependency-check-maven/pom.xml
@@ -85,23 +85,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <argLine>-Dfile.encoding=UTF-8</argLine>
-                    <systemProperties>
-                        <property>
-                            <name>data.directory</name>
-                            <value>${project.build.directory}/dependency-check-data</value>
-                        </property>
-                        <property>
-                            <name>temp.directory</name>
-                            <value>${project.build.directory}/temp</value>
-                        </property>
-                    </systemProperties>
-                </configuration>
-            </plugin>
             <plugin>
                 <inherited>true</inherited>
                 <groupId>org.apache.maven.plugins</groupId>
diff --git a/dependency-check-utils/pom.xml b/dependency-check-utils/pom.xml
index da6abef71..035222a77 100644
--- a/dependency-check-utils/pom.xml
+++ b/dependency-check-utils/pom.xml
@@ -41,62 +41,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
     </properties>
     <build>
         <plugins>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>cobertura-maven-plugin</artifactId>
-                <configuration>
-                    <!--instrumentation>
-                        <ignoreTrivial>true</ignoreTrivial>
-                    </instrumentation-->
-                    <check>
-                        <branchRate>85</branchRate>
-                        <lineRate>85</lineRate>
-                        <haltOnFailure>false</haltOnFailure>
-                        <totalBranchRate>85</totalBranchRate>
-                        <totalLineRate>85</totalLineRate>
-                        <packageLineRate>85</packageLineRate>
-                        <packageBranchRate>85</packageBranchRate>
-                        <regexes>
-                            <regex>
-                                <pattern>.*\$.*</pattern>
-                                <branchRate>0</branchRate>
-                                <lineRate>0</lineRate>
-                            </regex>
-                        </regexes>
-                    </check>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>clean</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <argLine>-Dfile.encoding=UTF-8</argLine>
-                    <systemProperties>
-                        <property>
-                            <name>data.directory</name>
-                            <value>${project.build.directory}/data</value>
-                        </property>
-                        <property>
-                            <name>temp.directory</name>
-                            <value>${project.build.directory}/temp</value>
-                        </property>
-                    </systemProperties>
-                    <excludes>
-                        <exclude>**/*IntegrationTest.java</exclude>
-                    </excludes>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-failsafe-plugin</artifactId>
-            </plugin>
+            
         </plugins>
     </build>
     <reporting>
diff --git a/dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIntegrationTest.java b/dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java
similarity index 95%
rename from dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIntegrationTest.java
rename to dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java
index 7e9e39309..a181249f6 100644
--- a/dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIntegrationTest.java
+++ b/dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java
@@ -21,12 +21,13 @@ import java.io.File;
 import java.net.URL;
 import static org.junit.Assert.assertTrue;
 import org.junit.Test;
+import static org.junit.Assert.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DownloaderIntegrationTest extends BaseTest {
+public class DownloaderIT extends BaseTest {
 
     /**
      * Test of fetchFile method, of class Downloader.
diff --git a/pom.xml b/pom.xml
index 8698773ce..36d31223b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -30,6 +30,7 @@ Copyright (c) 2012 - Jeremy Long
         <module>dependency-check-maven</module>
         <module>dependency-check-utils</module>
         <module>dependency-check-plugin</module>
+        <module>build-reporting</module>
     </modules>
     <name>Dependency-Check</name>
     <url>https://github.com/jeremylong/DependencyCheck.git</url>
@@ -132,7 +133,6 @@ Copyright (c) 2012 - Jeremy Long
         <!-- Note that Maven will use classes from the distro, ignoring declared dependencies for Maven core... -->
         <maven.api.version>3.0</maven.api.version>
         <reporting.checkstyle-plugin.version>2.17</reporting.checkstyle-plugin.version>
-        <reporting.cobertura-plugin.version>2.7</reporting.cobertura-plugin.version>
         <reporting.pmd-plugin.version>3.6</reporting.pmd-plugin.version>
     </properties>
     <distributionManagement>
@@ -162,9 +162,9 @@ Copyright (c) 2012 - Jeremy Long
                     <version>1.10</version>
                 </plugin>
                 <plugin>
-                    <groupId>org.codehaus.mojo</groupId>
-                    <artifactId>cobertura-maven-plugin</artifactId>
-                    <version>2.7</version>
+                    <groupId>org.jacoco</groupId>
+                    <artifactId>jacoco-maven-plugin</artifactId>
+                    <version>0.7.9</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -278,19 +278,64 @@ Copyright (c) 2012 - Jeremy Long
                     </excludes>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>pre-unit-test</id>
+                        <goals>
+                            <goal>prepare-agent</goal>
+                        </goals>
+                        <configuration>
+                            <!--destFile>${project.build.directory}/coverage-reports/jacoco-ut.exec</destFile-->
+                            <propertyName>surefireArgLine</propertyName>
+                        </configuration>
+                    </execution>
+                    <execution>
+                        <id>pre-integration-test</id>
+                        <phase>pre-integration-test</phase>
+                        <goals>
+                            <goal>prepare-agent</goal>
+                        </goals>
+                        <configuration>
+                            <!--destFile>${project.build.directory}/coverage-reports/jacoco-it.exec</destFile-->
+                            <propertyName>failsafeArgLine</propertyName>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <argLine>${surefireArgLine} -Dfile.encoding=UTF-8</argLine>
+                    <systemProperties>
+                        <property>
+                            <name>data.directory</name>
+                            <value>${project.build.directory}/data</value>
+                        </property>
+                        <property>
+                            <name>temp.directory</name>
+                            <value>${project.build.directory}/temp</value>
+                        </property>
+                    </systemProperties>
+                    <excludes>
+                        <exclude>**/*MySqlIT.java</exclude>
+                    </excludes>
+                </configuration>
+            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-failsafe-plugin</artifactId>
                 <configuration>
+                    <argLine>${failsafeArgLine}</argLine>
                     <systemProperties>
                         <property>
                             <name>temp.directory</name>
                             <value>${project.build.directory}/temp</value>
                         </property>
                     </systemProperties>
-                    <includes>
-                        <include>**/*IntegrationTest.java</include>
-                    </includes>
                 </configuration>
                 <executions>
                     <execution>
@@ -529,13 +574,15 @@ Copyright (c) 2012 - Jeremy Long
                 </reportSets>
             </plugin>
             <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>cobertura-maven-plugin</artifactId>
-                <version>${reporting.cobertura-plugin.version}</version>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <version>0.7.9</version>
+                <configuration>
+                </configuration>
                 <reportSets>
                     <reportSet>
                         <reports>
-                            <report>cobertura</report>
+                            <report>report-aggregate</report>
                         </reports>
                     </reportSet>
                 </reportSets>

From 567022a9b7c3ed20a1429f5af7fc50d5c86d8559 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Wed, 3 May 2017 06:28:30 -0400
Subject: [PATCH 2/3] updated so that jacoco results can be sent to codacy

---
 .travis.yml                                 | 10 +++++++
 build-reporting/pom.xml                     | 10 ++++++-
 build-reporting/src/site/markdown/index.md  |  5 ++++
 build-reporting/src/site/site.xml           | 32 +++++++++++++++++++++
 src/site/markdown/jacoco-aggregate/index.md |  2 ++
 5 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 build-reporting/src/site/markdown/index.md
 create mode 100644 build-reporting/src/site/site.xml
 create mode 100644 src/site/markdown/jacoco-aggregate/index.md

diff --git a/.travis.yml b/.travis.yml
index 7e2ab77cf..75e4c7e78 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,3 +1,13 @@
 language: java
 jdk: oraclejdk7
 script: mvn install -DreleaseTesting
+env:
+  global:
+    secure: ZUzhWfpXJw/oAeDlUkDFkEJMT0T7kCN3d7ah8urkL2B0KFfKOqQagkbXkgvDa1SYud8VdcnoGa69LfkEr5IrdqW7R4bEYZAiN5swm4Z0iO8t53szVspm2f+O9jQ44O/sfOfpfLxWUUuhdc7Vbrszp+tSszxdPmssWL+f5a/mfWs=
+
+before_install:
+  - sudo apt-get install jq
+  - wget -O ~/codacy-coverage-reporter-assembly-latest.jar $(curl https://api.github.com/repos/codacy/codacy-coverage-reporter/releases/latest | jq -r .assets[0].browser_download_url)
+
+after_success:
+  - java -cp ~/codacy-coverage-reporter-assembly-latest.jar com.codacy.CodacyCoverageReporter -l Java -r build-reporting/target/site/jacoco-aggregate/jacoco.xml
diff --git a/build-reporting/pom.xml b/build-reporting/pom.xml
index ad3943d9c..d77663e2d 100644
--- a/build-reporting/pom.xml
+++ b/build-reporting/pom.xml
@@ -24,7 +24,15 @@ Copyright (c) 2017 - Jeremy Long. All Rights Reserved.
     </parent>
 
     <artifactId>build-reporting</artifactId>
-    
+    <!-- begin copy from http://minds.coremedia.com/2012/09/11/problem-solved-deploy-multi-module-maven-project-site-as-github-pages/ -->
+    <distributionManagement>
+        <site>
+            <id>github-pages-site</id>
+            <name>Deployment through GitHub's site deployment plugin</name>
+            <url>${basedir}/../target/site/${project.version}/build-reporting</url>
+        </site>
+    </distributionManagement>
+    <!-- end copy -->
     <dependencies>
         <dependency>
             <groupId>org.owasp</groupId>
diff --git a/build-reporting/src/site/markdown/index.md b/build-reporting/src/site/markdown/index.md
new file mode 100644
index 000000000..1a2e3d771
--- /dev/null
+++ b/build-reporting/src/site/markdown/index.md
@@ -0,0 +1,5 @@
+About
+=====
+OWASP dependency-check build reporting is used to aggregate jacoco test coverage results
+so that they can be posted to [Codacy](https://www.codacy.com/app/OWASP_Reviews/DependencyCheck/dashboard)
+to track code coverage.
\ No newline at end of file
diff --git a/build-reporting/src/site/site.xml b/build-reporting/src/site/site.xml
new file mode 100644
index 000000000..9304ea3c4
--- /dev/null
+++ b/build-reporting/src/site/site.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+This file is part of dependency-check build reporting.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+Copyright (c) 2017 Jeremy Long. All Rights Reserved.
+-->
+<project name="dependency-check-build-reporting">
+	<bannerLeft>
+        <name>OWASP dependency-check build reporting</name>
+        <alt>OWASP dependency-check build reporting</alt>
+        <src>../images/dc.svg</src>
+    </bannerLeft>
+    <body>
+        <breadcrumbs>
+            <item name="dependency-check" href="../index.html"/>
+        </breadcrumbs>
+        <menu ref="Project Documentation" />
+        <menu ref="reports" />
+    </body>
+</project>
\ No newline at end of file
diff --git a/src/site/markdown/jacoco-aggregate/index.md b/src/site/markdown/jacoco-aggregate/index.md
new file mode 100644
index 000000000..40b4fd961
--- /dev/null
+++ b/src/site/markdown/jacoco-aggregate/index.md
@@ -0,0 +1,2 @@
+# Jacoco Aggregate Report
+The test coverage reports can be found [here](../build-reporting/jacoco-aggregate/index.html).
\ No newline at end of file

From 5681e0bfdfe8b76b67dd864b91731f70046227b4 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 5 May 2017 15:17:39 -0400
Subject: [PATCH 3/3] fixed test cases

---
 .../org/owasp/dependencycheck/data/nvdcve/CveDB.java   | 10 ++++++++++
 .../org/owasp/dependencycheck/data/nvdcve/CveDBIT.java |  4 +++-
 .../dependencycheck/data/nvdcve/CveDBMySqlIT.java      |  4 +++-
 pom.xml                                                |  6 +++---
 4 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
index bb32ae907..7b42d82c3 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
@@ -230,6 +230,16 @@ public final class CveDB implements AutoCloseable {
         }
     }
 
+    /**
+     * Method added for testing, returns the current usage count of the CveDB
+     * singleton.
+     *
+     * @return the current usage of the CveDB singleton
+     */
+    protected synchronized int getUsageCount() {
+        return usageCount;
+    }
+
     /**
      * Opens the database connection. If the database does not exist, it will
      * create a new one.
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
index e65f1b917..3ff98ee36 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
@@ -68,8 +68,10 @@ public class CveDBIT extends BaseDBTestCase {
         } catch (DatabaseException | SQLException ex) {
             fail(ex.getMessage());
         } finally {
+            int start = instance.getUsageCount();
             instance.close();
-            assertFalse(instance.isOpen());
+            int end = instance.getUsageCount();
+            assertTrue( end < start);
         }
     }
 
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
index b38419a0d..e37fecafb 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
@@ -49,8 +49,10 @@ public class CveDBMySqlIT extends BaseTest {
             System.out.println("Unable to connect to the My SQL database; verify that the db server is running and that the schema has been generated");
             fail(ex.getMessage());
         } finally {
+            int start = instance.getUsageCount();
             instance.close();
-            assertFalse(instance.isOpen());
+            int end = instance.getUsageCount();
+            assertTrue( end < start);
         }
     }
 
diff --git a/pom.xml b/pom.xml
index 36d31223b..448a901c2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -320,9 +320,6 @@ Copyright (c) 2012 - Jeremy Long
                             <value>${project.build.directory}/temp</value>
                         </property>
                     </systemProperties>
-                    <excludes>
-                        <exclude>**/*MySqlIT.java</exclude>
-                    </excludes>
                 </configuration>
             </plugin>
             <plugin>
@@ -336,6 +333,9 @@ Copyright (c) 2012 - Jeremy Long
                             <value>${project.build.directory}/temp</value>
                         </property>
                     </systemProperties>
+                    <excludes>
+                        <exclude>**/*MySqlIT.java</exclude>
+                    </excludes>
                 </configuration>
                 <executions>
                     <execution>