formating and codacy recommended updates

dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java

@@ -53,16 +53,159 @@ public class Check extends Update {
      * System specific new line character.
      */
     private static final String NEW_LINE = System.getProperty("line.separator", "\n").intern();
+    /**
+     * Whether the ruby gemspec analyzer should be enabled.
+     */
+    private Boolean rubygemsAnalyzerEnabled;
+    /**
+     * Whether or not the Node.js Analyzer is enabled.
+     */
+    private Boolean nodeAnalyzerEnabled;
+    /**
+     * Whether or not the Ruby Bundle Audit Analyzer is enabled.
+     */
+    private Boolean bundleAuditAnalyzerEnabled;
+    /**
+     * Whether the CMake analyzer should be enabled.
+     */
+    private Boolean cmakeAnalyzerEnabled;
 
     /**
-     * Construct a new DependencyCheckTask.
+     * Whether or not the openssl analyzer is enabled.
      */
-    public Check() {
+    private Boolean opensslAnalyzerEnabled;
-        super();
+    /**
-        // Call this before Dependency Check Core starts logging anything - this way, all SLF4J messages from
+     * Whether the python package analyzer should be enabled.
-        // core end up coming through this tasks logger
+     */
-        StaticLoggerBinder.getSingleton().setTask(this);
+    private Boolean pyPackageAnalyzerEnabled;
-    }
+    /**
+     * Whether the python distribution analyzer should be enabled.
+     */
+    private Boolean pyDistributionAnalyzerEnabled;
+    /**
+     * Whether or not the central analyzer is enabled.
+     */
+    private Boolean centralAnalyzerEnabled;
+    /**
+     * Whether or not the nexus analyzer is enabled.
+     */
+    private Boolean nexusAnalyzerEnabled;
+
+    /**
+     * The URL of a Nexus server's REST API end point
+     * (http://domain/nexus/service/local).
+     */
+    private String nexusUrl;
+    /**
+     * Whether or not the defined proxy should be used when connecting to Nexus.
+     */
+    private Boolean nexusUsesProxy;
+    /**
+     * Additional ZIP File extensions to add analyze. This should be a
+     * comma-separated list of file extensions to treat like ZIP files.
+     */
+    private String zipExtensions;
+    /**
+     * The path to Mono for .NET assembly analysis on non-windows systems.
+     */
+    private String pathToMono;
+    
+    /**
+     * The application name for the report.
+     *
+     * @deprecated use projectName instead.
+     */
+    @Deprecated
+    private String applicationName = null;
+    /**
+     * The name of the project being analyzed.
+     */
+    private String projectName = "dependency-check";
+
+    /**
+     * Specifies the destination directory for the generated Dependency-Check
+     * report.
+     */
+    private String reportOutputDirectory = ".";
+    /**
+     * Specifies if the build should be failed if a CVSS score above a specified
+     * level is identified. The default is 11 which means since the CVSS scores
+     * are 0-10, by default the build will never fail and the CVSS score is set
+     * to 11. The valid range for the fail build on CVSS is 0 to 11, where
+     * anything above 10 will not cause the build to fail.
+     */
+    private float failBuildOnCVSS = 11;
+    /**
+     * Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not
+     * recommended that this be turned to false. Default is true.
+     */
+    private Boolean autoUpdate;
+    /**
+     * Whether only the update phase should be executed.
+     *
+     * @deprecated Use the update task instead
+     */
+    @Deprecated
+    private boolean updateOnly = false;
+
+    /**
+     * The report format to be generated (HTML, XML, VULN, ALL). Default is
+     * HTML.
+     */
+    private String reportFormat = "HTML";
+    /**
+     * The path to the suppression file.
+     */
+    private String suppressionFile;
+    /**
+     * The path to the suppression file.
+     */
+    private String hintsFile;
+    /**
+     * flag indicating whether or not to show a summary of findings.
+     */
+    private boolean showSummary = true;
+    /**
+     * Whether experimental analyzers are enabled.
+     */
+    private Boolean enableExperimental;
+    /**
+     * Whether or not the Jar Analyzer is enabled.
+     */
+    private Boolean jarAnalyzerEnabled;
+    /**
+     * Whether or not the Archive Analyzer is enabled.
+     */
+    private Boolean archiveAnalyzerEnabled;
+    /**
+     * Whether or not the .NET Nuspec Analyzer is enabled.
+     */
+    private Boolean nuspecAnalyzerEnabled;
+    /**
+     * Whether or not the PHP Composer Analyzer is enabled.
+     */
+    private Boolean composerAnalyzerEnabled;
+
+    /**
+     * Whether or not the .NET Assembly Analyzer is enabled.
+     */
+    private Boolean assemblyAnalyzerEnabled;    /**
+     * Whether the autoconf analyzer should be enabled.
+     */
+    private Boolean autoconfAnalyzerEnabled;
+    /**
+     * Sets the path for the bundle-audit binary.
+     */
+    private String bundleAuditPath;
+    /**
+     * Whether or not the CocoaPods Analyzer is enabled.
+     */
+    private Boolean cocoapodsAnalyzerEnabled;
+
+    /**
+     * Whether or not the Swift package Analyzer is enabled.
+     */
+    private Boolean swiftPackageManagerAnalyzerEnabled;
     //The following code was copied Apache Ant PathConvert
     //BEGIN COPY from org.apache.tools.ant.taskdefs.PathConvert
     /**
@@ -140,13 +283,17 @@ public class Check extends Update {
         }
     }
     // END COPY from org.apache.tools.ant.taskdefs
+
+    
     /**
-     * The application name for the report.
+     * Construct a new DependencyCheckTask.
-     *
-     * @deprecated use projectName instead.
      */
-    @Deprecated
+    public Check() {
-    private String applicationName = null;
+        super();
+        // Call this before Dependency Check Core starts logging anything - this way, all SLF4J messages from
+        // core end up coming through this tasks logger
+        StaticLoggerBinder.getSingleton().setTask(this);
+    }
 
     /**
      * Get the value of applicationName.
@@ -170,11 +317,6 @@ public class Check extends Update {
     public void setApplicationName(String applicationName) {
         this.applicationName = applicationName;
     }
-    /**
-     * The name of the project being analyzed.
-     */
-    private String projectName = "dependency-check";
-
     /**
      * Get the value of projectName.
      *
@@ -199,12 +341,6 @@ public class Check extends Update {
         this.projectName = projectName;
     }
 
-    /**
-     * Specifies the destination directory for the generated Dependency-Check
-     * report.
-     */
-    private String reportOutputDirectory = ".";
-
     /**
      * Get the value of reportOutputDirectory.
      *
@@ -222,14 +358,6 @@ public class Check extends Update {
     public void setReportOutputDirectory(String reportOutputDirectory) {
         this.reportOutputDirectory = reportOutputDirectory;
     }
-    /**
-     * Specifies if the build should be failed if a CVSS score above a specified
-     * level is identified. The default is 11 which means since the CVSS scores
-     * are 0-10, by default the build will never fail and the CVSS score is set
-     * to 11. The valid range for the fail build on CVSS is 0 to 11, where
-     * anything above 10 will not cause the build to fail.
-     */
-    private float failBuildOnCVSS = 11;
 
     /**
      * Get the value of failBuildOnCVSS.
@@ -248,11 +376,6 @@ public class Check extends Update {
     public void setFailBuildOnCVSS(float failBuildOnCVSS) {
         this.failBuildOnCVSS = failBuildOnCVSS;
     }
-    /**
-     * Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not
-     * recommended that this be turned to false. Default is true.
-     */
-    private Boolean autoUpdate;
 
     /**
      * Get the value of autoUpdate.
@@ -271,13 +394,6 @@ public class Check extends Update {
     public void setAutoUpdate(Boolean autoUpdate) {
         this.autoUpdate = autoUpdate;
     }
-    /**
-     * Whether only the update phase should be executed.
-     *
-     * @deprecated Use the update task instead
-     */
-    @Deprecated
-    private boolean updateOnly = false;
 
     /**
      * Get the value of updateOnly.
@@ -301,12 +417,6 @@ public class Check extends Update {
         this.updateOnly = updateOnly;
     }
 
-    /**
-     * The report format to be generated (HTML, XML, VULN, ALL). Default is
-     * HTML.
-     */
-    private String reportFormat = "HTML";
-
     /**
      * Get the value of reportFormat.
      *
@@ -324,10 +434,6 @@ public class Check extends Update {
     public void setReportFormat(ReportFormats reportFormat) {
         this.reportFormat = reportFormat.getValue();
     }
-    /**
-     * The path to the suppression file.
-     */
-    private String suppressionFile;
 
     /**
      * Get the value of suppressionFile.
@@ -346,10 +452,6 @@ public class Check extends Update {
     public void setSuppressionFile(String suppressionFile) {
         this.suppressionFile = suppressionFile;
     }
-    /**
-     * The path to the suppression file.
-     */
-    private String hintsFile;
 
     /**
      * Get the value of hintsFile.
@@ -368,11 +470,6 @@ public class Check extends Update {
     public void setHintsFile(String hintsFile) {
         this.hintsFile = hintsFile;
     }
-    /**
-     * flag indicating whether or not to show a summary of findings.
-     */
-    private boolean showSummary = true;
-
     /**
      * Get the value of showSummary.
      *
@@ -391,11 +488,6 @@ public class Check extends Update {
         this.showSummary = showSummary;
     }
 
-    /**
-     * Whether experimental analyzers are enabled.
-     */
-    private Boolean enableExperimental;
-
     /**
      * Get the value of enableExperimental.
      *
@@ -414,11 +506,6 @@ public class Check extends Update {
         this.enableExperimental = enableExperimental;
     }
 
-    /**
-     * Whether or not the Jar Analyzer is enabled.
-     */
-    private Boolean jarAnalyzerEnabled;
-
     /**
      * Returns whether or not the analyzer is enabled.
      *
@@ -436,10 +523,6 @@ public class Check extends Update {
     public void setJarAnalyzerEnabled(Boolean jarAnalyzerEnabled) {
         this.jarAnalyzerEnabled = jarAnalyzerEnabled;
     }
-    /**
-     * Whether or not the Archive Analyzer is enabled.
-     */
-    private Boolean archiveAnalyzerEnabled;
 
     /**
      * Returns whether or not the analyzer is enabled.
@@ -449,10 +532,6 @@ public class Check extends Update {
     public Boolean isArchiveAnalyzerEnabled() {
         return archiveAnalyzerEnabled;
     }
-    /**
-     * Whether or not the .NET Assembly Analyzer is enabled.
-     */
-    private Boolean assemblyAnalyzerEnabled;
 
     /**
      * Sets whether or not the analyzer is enabled.
@@ -480,10 +559,6 @@ public class Check extends Update {
     public void setAssemblyAnalyzerEnabled(Boolean assemblyAnalyzerEnabled) {
         this.assemblyAnalyzerEnabled = assemblyAnalyzerEnabled;
     }
-    /**
-     * Whether or not the .NET Nuspec Analyzer is enabled.
-     */
-    private Boolean nuspecAnalyzerEnabled;
 
     /**
      * Returns whether or not the analyzer is enabled.
@@ -502,10 +577,6 @@ public class Check extends Update {
     public void setNuspecAnalyzerEnabled(Boolean nuspecAnalyzerEnabled) {
         this.nuspecAnalyzerEnabled = nuspecAnalyzerEnabled;
     }
-    /**
-     * Whether or not the PHP Composer Analyzer is enabled.
-     */
-    private Boolean composerAnalyzerEnabled;
 
     /**
      * Get the value of composerAnalyzerEnabled.
@@ -524,10 +595,6 @@ public class Check extends Update {
     public void setComposerAnalyzerEnabled(Boolean composerAnalyzerEnabled) {
         this.composerAnalyzerEnabled = composerAnalyzerEnabled;
     }
-    /**
-     * Whether the autoconf analyzer should be enabled.
-     */
-    private Boolean autoconfAnalyzerEnabled;
 
     /**
      * Get the value of autoconfAnalyzerEnabled.
@@ -546,10 +613,6 @@ public class Check extends Update {
     public void setAutoconfAnalyzerEnabled(Boolean autoconfAnalyzerEnabled) {
         this.autoconfAnalyzerEnabled = autoconfAnalyzerEnabled;
     }
-    /**
-     * Whether the CMake analyzer should be enabled.
-     */
-    private Boolean cmakeAnalyzerEnabled;
 
     /**
      * Get the value of cmakeAnalyzerEnabled.
@@ -569,12 +632,6 @@ public class Check extends Update {
         this.cmakeAnalyzerEnabled = cmakeAnalyzerEnabled;
     }
 
-//start changes
-    /**
-     * Whether or not the Ruby Bundle Audit Analyzer is enabled.
-     */
-    private Boolean bundleAuditAnalyzerEnabled;
-
     /**
      * Returns if the Bundle Audit Analyzer is enabled.
      *
@@ -594,11 +651,6 @@ public class Check extends Update {
         this.bundleAuditAnalyzerEnabled = bundleAuditAnalyzerEnabled;
     }
 
-    /**
-     * Sets the path for the bundle-audit binary.
-     */
-    private String bundleAuditPath;
-
     /**
      * Returns the path to the bundle audit executable.
      *
@@ -616,10 +668,6 @@ public class Check extends Update {
     public void setBundleAuditPath(String bundleAuditPath) {
         this.bundleAuditPath = bundleAuditPath;
     }
-    /**
-     * Whether or not the CocoaPods Analyzer is enabled.
-     */
-    private Boolean cocoapodsAnalyzerEnabled;
 
     /**
      * Returns if the cocoapods analyyzer is enabled.
@@ -639,11 +687,6 @@ public class Check extends Update {
         this.cocoapodsAnalyzerEnabled = cocoapodsAnalyzerEnabled;
     }
 
-    /**
-     * Whether or not the Swift package Analyzer is enabled.
-     */
-    private Boolean swiftPackageManagerAnalyzerEnabled;
-
     /**
      * Returns whether or not the Swift package Analyzer is enabled.
      *
@@ -662,12 +705,6 @@ public class Check extends Update {
     public void setSwiftPackageManagerAnalyzerEnabled(Boolean swiftPackageManagerAnalyzerEnabled) {
         this.swiftPackageManagerAnalyzerEnabled = swiftPackageManagerAnalyzerEnabled;
     }
-//end changes
-
-    /**
-     * Whether or not the openssl analyzer is enabled.
-     */
-    private Boolean opensslAnalyzerEnabled;
 
     /**
      * Get the value of opensslAnalyzerEnabled.
@@ -686,10 +723,6 @@ public class Check extends Update {
     public void setOpensslAnalyzerEnabled(Boolean opensslAnalyzerEnabled) {
         this.opensslAnalyzerEnabled = opensslAnalyzerEnabled;
     }
-    /**
-     * Whether or not the Node.js Analyzer is enabled.
-     */
-    private Boolean nodeAnalyzerEnabled;
 
     /**
      * Get the value of nodeAnalyzerEnabled.
@@ -708,10 +741,6 @@ public class Check extends Update {
     public void setNodeAnalyzerEnabled(Boolean nodeAnalyzerEnabled) {
         this.nodeAnalyzerEnabled = nodeAnalyzerEnabled;
     }
-    /**
-     * Whether the ruby gemspec analyzer should be enabled.
-     */
-    private Boolean rubygemsAnalyzerEnabled;
 
     /**
      * Get the value of rubygemsAnalyzerEnabled.
@@ -730,10 +759,6 @@ public class Check extends Update {
     public void setRubygemsAnalyzerEnabled(Boolean rubygemsAnalyzerEnabled) {
         this.rubygemsAnalyzerEnabled = rubygemsAnalyzerEnabled;
     }
-    /**
-     * Whether the python package analyzer should be enabled.
-     */
-    private Boolean pyPackageAnalyzerEnabled;
 
     /**
      * Get the value of pyPackageAnalyzerEnabled.
@@ -753,11 +778,6 @@ public class Check extends Update {
         this.pyPackageAnalyzerEnabled = pyPackageAnalyzerEnabled;
     }
 
-    /**
-     * Whether the python distribution analyzer should be enabled.
-     */
-    private Boolean pyDistributionAnalyzerEnabled;
-
     /**
      * Get the value of pyDistributionAnalyzerEnabled.
      *
@@ -777,11 +797,6 @@ public class Check extends Update {
         this.pyDistributionAnalyzerEnabled = pyDistributionAnalyzerEnabled;
     }
 
-    /**
-     * Whether or not the central analyzer is enabled.
-     */
-    private Boolean centralAnalyzerEnabled;
-
     /**
      * Get the value of centralAnalyzerEnabled.
      *
@@ -800,11 +815,6 @@ public class Check extends Update {
         this.centralAnalyzerEnabled = centralAnalyzerEnabled;
     }
 
-    /**
-     * Whether or not the nexus analyzer is enabled.
-     */
-    private Boolean nexusAnalyzerEnabled;
-
     /**
      * Get the value of nexusAnalyzerEnabled.
      *
@@ -823,12 +833,6 @@ public class Check extends Update {
         this.nexusAnalyzerEnabled = nexusAnalyzerEnabled;
     }
 
-    /**
-     * The URL of a Nexus server's REST API end point
-     * (http://domain/nexus/service/local).
-     */
-    private String nexusUrl;
-
     /**
      * Get the value of nexusUrl.
      *
@@ -846,10 +850,6 @@ public class Check extends Update {
     public void setNexusUrl(String nexusUrl) {
         this.nexusUrl = nexusUrl;
     }
-    /**
-     * Whether or not the defined proxy should be used when connecting to Nexus.
-     */
-    private Boolean nexusUsesProxy;
 
     /**
      * Get the value of nexusUsesProxy.
@@ -869,12 +869,6 @@ public class Check extends Update {
         this.nexusUsesProxy = nexusUsesProxy;
     }
 
-    /**
-     * Additional ZIP File extensions to add analyze. This should be a
-     * comma-separated list of file extensions to treat like ZIP files.
-     */
-    private String zipExtensions;
-
     /**
      * Get the value of zipExtensions.
      *
@@ -893,11 +887,6 @@ public class Check extends Update {
         this.zipExtensions = zipExtensions;
     }
 
-    /**
-     * The path to Mono for .NET assembly analysis on non-windows systems.
-     */
-    private String pathToMono;
-
     /**
      * Get the value of pathToMono.
      *

dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Update.java

@@ -34,6 +34,67 @@ import org.slf4j.impl.StaticLoggerBinder;
  */
 public class Update extends Purge {
 
+    /**
+     * The Proxy Server.
+     */
+    private String proxyServer;
+    /**
+     * The Proxy Port.
+     */
+    private String proxyPort;
+    /**
+     * The Proxy username.
+     */
+    private String proxyUsername;
+    /**
+     * The Proxy password.
+     */
+    private String proxyPassword;
+    /**
+     * The Connection Timeout.
+     */
+    private String connectionTimeout;
+    /**
+     * The database driver name; such as org.h2.Driver.
+     */
+    private String databaseDriverName;
+    /**
+     * The path to the database driver JAR file if it is not on the class path.
+     */
+    private String databaseDriverPath;
+    /**
+     * The database connection string.
+     */
+    private String connectionString;
+    /**
+     * The user name for connecting to the database.
+     */
+    private String databaseUser;
+    /**
+     * The password to use when connecting to the database.
+     */
+    private String databasePassword;
+    /**
+     * The url for the modified NVD CVE (1.2 schema).
+     */
+    private String cveUrl12Modified;
+    /**
+     * Base Data Mirror URL for CVE 1.2.
+     */
+    private String cveUrl12Base;
+    /**
+     * Data Mirror URL for CVE 2.0.
+     */
+    private String cveUrl20Base;
+    /**
+     * The number of hours to wait before re-checking for updates.
+     */
+    private Integer cveValidForHours;
+    /**
+     * The url for the modified NVD CVE (2.0 schema).
+     */
+    private String cveUrl20Modified;
+
     /**
      * Construct a new UpdateTask.
      */
@@ -44,11 +105,6 @@ public class Update extends Purge {
         StaticLoggerBinder.getSingleton().setTask(this);
     }
 
-    /**
-     * The Proxy Server.
-     */
-    private String proxyServer;
-
     /**
      * Get the value of proxyServer.
      *
@@ -67,11 +123,6 @@ public class Update extends Purge {
         this.proxyServer = server;
     }
 
-    /**
-     * The Proxy Port.
-     */
-    private String proxyPort;
-
     /**
      * Get the value of proxyPort.
      *
@@ -89,10 +140,6 @@ public class Update extends Purge {
     public void setProxyPort(String proxyPort) {
         this.proxyPort = proxyPort;
     }
-    /**
-     * The Proxy username.
-     */
-    private String proxyUsername;
 
     /**
      * Get the value of proxyUsername.
@@ -111,10 +158,6 @@ public class Update extends Purge {
     public void setProxyUsername(String proxyUsername) {
         this.proxyUsername = proxyUsername;
     }
-    /**
-     * The Proxy password.
-     */
-    private String proxyPassword;
 
     /**
      * Get the value of proxyPassword.
@@ -133,10 +176,6 @@ public class Update extends Purge {
     public void setProxyPassword(String proxyPassword) {
         this.proxyPassword = proxyPassword;
     }
-    /**
-     * The Connection Timeout.
-     */
-    private String connectionTimeout;
 
     /**
      * Get the value of connectionTimeout.
@@ -155,10 +194,6 @@ public class Update extends Purge {
     public void setConnectionTimeout(String connectionTimeout) {
         this.connectionTimeout = connectionTimeout;
     }
-    /**
-     * The database driver name; such as org.h2.Driver.
-     */
-    private String databaseDriverName;
 
     /**
      * Get the value of databaseDriverName.
@@ -178,11 +213,6 @@ public class Update extends Purge {
         this.databaseDriverName = databaseDriverName;
     }
 
-    /**
-     * The path to the database driver JAR file if it is not on the class path.
-     */
-    private String databaseDriverPath;
-
     /**
      * Get the value of databaseDriverPath.
      *
@@ -200,10 +230,6 @@ public class Update extends Purge {
     public void setDatabaseDriverPath(String databaseDriverPath) {
         this.databaseDriverPath = databaseDriverPath;
     }
-    /**
-     * The database connection string.
-     */
-    private String connectionString;
 
     /**
      * Get the value of connectionString.
@@ -222,10 +248,6 @@ public class Update extends Purge {
     public void setConnectionString(String connectionString) {
         this.connectionString = connectionString;
     }
-    /**
-     * The user name for connecting to the database.
-     */
-    private String databaseUser;
 
     /**
      * Get the value of databaseUser.
@@ -245,11 +267,6 @@ public class Update extends Purge {
         this.databaseUser = databaseUser;
     }
 
-    /**
-     * The password to use when connecting to the database.
-     */
-    private String databasePassword;
-
     /**
      * Get the value of databasePassword.
      *
@@ -268,11 +285,6 @@ public class Update extends Purge {
         this.databasePassword = databasePassword;
     }
 
-    /**
-     * The url for the modified NVD CVE (1.2 schema).
-     */
-    private String cveUrl12Modified;
-
     /**
      * Get the value of cveUrl12Modified.
      *
@@ -291,11 +303,6 @@ public class Update extends Purge {
         this.cveUrl12Modified = cveUrl12Modified;
     }
 
-    /**
-     * The url for the modified NVD CVE (2.0 schema).
-     */
-    private String cveUrl20Modified;
-
     /**
      * Get the value of cveUrl20Modified.
      *
@@ -314,11 +321,6 @@ public class Update extends Purge {
         this.cveUrl20Modified = cveUrl20Modified;
     }
 
-    /**
-     * Base Data Mirror URL for CVE 1.2.
-     */
-    private String cveUrl12Base;
-
     /**
      * Get the value of cveUrl12Base.
      *
@@ -337,11 +339,6 @@ public class Update extends Purge {
         this.cveUrl12Base = cveUrl12Base;
     }
 
-    /**
-     * Data Mirror URL for CVE 2.0.
-     */
-    private String cveUrl20Base;
-
     /**
      * Get the value of cveUrl20Base.
      *
@@ -360,11 +357,6 @@ public class Update extends Purge {
         this.cveUrl20Base = cveUrl20Base;
     }
 
-    /**
-     * The number of hours to wait before re-checking for updates.
-     */
-    private Integer cveValidForHours;
-
     /**
      * Get the value of cveValidForHours.
      *

dependency-check-core/src/main/java/org/owasp/dependencycheck/Engine.java

@@ -589,8 +589,8 @@ public class Engine implements FileFilter {
      * @param exceptions the collection of exceptions to collect
      * @return a collection of analysis tasks
      */
-    List<AnalysisTask> getAnalysisTasks(Analyzer analyzer, List<Throwable> exceptions) {
+    protected List<AnalysisTask> getAnalysisTasks(Analyzer analyzer, List<Throwable> exceptions) {
-        final List<AnalysisTask> result = new ArrayList<AnalysisTask>();
+        final List<AnalysisTask> result = new ArrayList<>();
         synchronized (dependencies) {
             for (final Dependency dependency : dependencies) {
                 final AnalysisTask task = new AnalysisTask(analyzer, dependency, this, exceptions, Settings.getInstance());

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java

@@ -470,7 +470,8 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
                     && b[5] == 'n'
                     && b[6] == '/') {
                 boolean stillLooking = true;
-                int chr, nxtChr;
+                int chr;
+                int nxtChr;
                 while (stillLooking && (chr = in.read()) != -1) {
                     if (chr == '\n' || chr == '\r') {
                         in.mark(4);

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java

@@ -123,14 +123,17 @@ public class CPEAnalyzer extends AbstractAnalyzer {
     public AnalysisPhase getAnalysisPhase() {
         return AnalysisPhase.IDENTIFIER_ANALYSIS;
     }
+
     /**
      * The default is to support parallel processing.
+     *
      * @return false
      */
     @Override
     public boolean supportsParallelProcessing() {
         return false;
     }
+
     /**
      * Creates the CPE Lucene Index.
      *
@@ -674,6 +677,19 @@ public class CPEAnalyzer extends AbstractAnalyzer {
      */
     private static class IdentifierMatch implements Comparable<IdentifierMatch> {
 
+        /**
+         * The confidence in the evidence used to identify this match.
+         */
+        private Confidence evidenceConfidence;
+        /**
+         * The confidence whether this is an exact match, or a best guess.
+         */
+        private IdentifierConfidence confidence;
+        /**
+         * The CPE identifier.
+         */
+        private Identifier identifier;
+
         /**
          * Constructs an IdentifierMatch.
          *
@@ -690,12 +706,8 @@ public class CPEAnalyzer extends AbstractAnalyzer {
             this.confidence = identifierConfidence;
             this.evidenceConfidence = evidenceConfidence;
         }
-        //<editor-fold defaultstate="collapsed" desc="Property implementations: evidenceConfidence, confidence, identifier">
-        /**
-         * The confidence in the evidence used to identify this match.
-         */
-        private Confidence evidenceConfidence;
 
+        //<editor-fold defaultstate="collapsed" desc="Property implementations: evidenceConfidence, confidence, identifier">
         /**
          * Get the value of evidenceConfidence
          *
@@ -713,10 +725,6 @@ public class CPEAnalyzer extends AbstractAnalyzer {
         public void setEvidenceConfidence(Confidence evidenceConfidence) {
             this.evidenceConfidence = evidenceConfidence;
         }
-        /**
-         * The confidence whether this is an exact match, or a best guess.
-         */
-        private IdentifierConfidence confidence;
 
         /**
          * Get the value of confidence.
@@ -735,10 +743,6 @@ public class CPEAnalyzer extends AbstractAnalyzer {
         public void setConfidence(IdentifierConfidence confidence) {
             this.confidence = confidence;
         }
-        /**
-         * The CPE identifier.
-         */
-        private Identifier identifier;
 
         /**
          * Get the value of identifier.

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/HintAnalyzer.java

@@ -52,6 +52,18 @@ import org.xml.sax.SAXException;
  * @author Jeremy Long
  */
 public class HintAnalyzer extends AbstractAnalyzer {
+ /**
+     * The Logger for use throughout the class
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(HintAnalyzer.class);
+    /**
+     * The name of the hint rule file
+     */
+    private static final String HINT_RULE_FILE_NAME = "dependencycheck-base-hint.xml";
+    /**
+     * The collection of hints.
+     */
+    private Hints hints;
 
     //<editor-fold defaultstate="collapsed" desc="All standard implementation details of Analyzer">
     /**
@@ -109,20 +121,7 @@ public class HintAnalyzer extends AbstractAnalyzer {
         }
     }
     //</editor-fold>
-
+   
-    /**
-     * The Logger for use throughout the class
-     */
-    private static final Logger LOGGER = LoggerFactory.getLogger(HintAnalyzer.class);
-    /**
-     * The name of the hint rule file
-     */
-    private static final String HINT_RULE_FILE_NAME = "dependencycheck-base-hint.xml";
-    /**
-     * The collection of hints.
-     */
-    private Hints hints;
-
     /**
      * The HintAnalyzer uses knowledge about a dependency to add additional
      * information to help in identification of identifiers or vulnerabilities.
@@ -195,7 +194,7 @@ public class HintAnalyzer extends AbstractAnalyzer {
         }
 
         final Iterator<Evidence> itr = dependency.getVendorEvidence().iterator();
-        final List<Evidence> newEntries = new ArrayList<Evidence>();
+        final List<Evidence> newEntries = new ArrayList<>();
         while (itr.hasNext()) {
             final Evidence e = itr.next();
             for (VendorDuplicatingHintRule dhr : hints.getVendorDuplicatingHintRules()) {
@@ -220,10 +219,7 @@ public class HintAnalyzer extends AbstractAnalyzer {
         File file = null;
         try {
             hints = parser.parseHints(this.getClass().getClassLoader().getResourceAsStream(HINT_RULE_FILE_NAME));
-        } catch (HintParseException ex) {
+        } catch (HintParseException | SAXException ex) {
-            LOGGER.error("Unable to parse the base hint data file");
-            LOGGER.debug("Unable to parse the base hint data file", ex);
-        } catch (SAXException ex) {
             LOGGER.error("Unable to parse the base hint data file");
             LOGGER.debug("Unable to parse the base hint data file", ex);
         }
@@ -246,9 +242,7 @@ public class HintAnalyzer extends AbstractAnalyzer {
             } else {
                 file = new File(filePath);
                 if (!file.exists()) {
-                    InputStream fromClasspath = null;
+                    try (InputStream fromClasspath = this.getClass().getClassLoader().getResourceAsStream(filePath)) {
-                    try {
-                        fromClasspath = this.getClass().getClassLoader().getResourceAsStream(filePath);
                         if (fromClasspath != null) {
                             deleteTempFile = true;
                             file = FileUtils.getTempFile("hint", "xml");
@@ -258,10 +252,6 @@ public class HintAnalyzer extends AbstractAnalyzer {
                                 throw new HintParseException("Unable to locate hints file in classpath", ex);
                             }
                         }
-                    } finally {
-                        if (fromClasspath != null) {
-                            fromClasspath.close();
-                        }
                     }
                 }
             }

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java

@@ -148,15 +148,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      * A pattern to detect HTML within text.
      */
     private static final Pattern HTML_DETECTION_PATTERN = Pattern.compile("\\<[a-z]+.*/?\\>", Pattern.CASE_INSENSITIVE);
-
-    //</editor-fold>
-    /**
-     * Constructs a new JarAnalyzer.
-     */
-    public JarAnalyzer() {
-    }
-
-    //<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
     /**
      * The name of the analyzer.
      */
@@ -175,6 +166,15 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      */
     private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(EXTENSIONS).build();
 
+
+    //</editor-fold>
+    /**
+     * Constructs a new JarAnalyzer.
+     */
+    public JarAnalyzer() {
+    }
+
+    //<editor-fold defaultstate="collapsed" desc="All standard implmentation details of Analyzer">
     /**
      * Returns the FileFilter.
      *
@@ -396,7 +396,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      * @throws IOException thrown if there is an exception reading a JarEntry
      */
     private List<String> retrievePomListing(final JarFile jar) throws IOException {
-        final List<String> pomEntries = new ArrayList<String>();
+        final List<String> pomEntries = new ArrayList<>();
         final Enumeration<JarEntry> entries = jar.entries();
         while (entries.hasMoreElements()) {
             final JarEntry entry = entries.nextElement();
@@ -588,8 +588,8 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      */
     protected void analyzePackageNames(List<ClassNameInformation> classNames,
             Dependency dependency, boolean addPackagesAsEvidence) {
-        final Map<String, Integer> vendorIdentifiers = new HashMap<String, Integer>();
+        final Map<String, Integer> vendorIdentifiers = new HashMap<>();
-        final Map<String, Integer> productIdentifiers = new HashMap<String, Integer>();
+        final Map<String, Integer> productIdentifiers = new HashMap<>();
         analyzeFullyQualifiedClassNames(classNames, vendorIdentifiers, productIdentifiers);
 
         final int classCount = classNames.size();
@@ -949,7 +949,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      * @return an list of fully qualified class names
      */
     private List<ClassNameInformation> collectClassNames(Dependency dependency) {
-        final List<ClassNameInformation> classNames = new ArrayList<ClassNameInformation>();
+        final List<ClassNameInformation> classNames = new ArrayList<>();
         JarFile jar = null;
         try {
             jar = new JarFile(dependency.getActualFilePath());
@@ -1115,6 +1115,15 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
      * Stores information about a class name.
      */
     protected static class ClassNameInformation {
+        /**
+         * The fully qualified class name.
+         */
+        private String name;
+        /**
+         * Up to the first four levels of the package structure, excluding a
+         * leading "org" or "com".
+         */
+        private final ArrayList<String> packageStructure = new ArrayList<String>();
 
         /**
          * <p>
@@ -1158,10 +1167,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
                 packageStructure.add(name);
             }
         }
-        /**
-         * The fully qualified class name.
-         */
-        private String name;
 
         /**
          * Get the value of name
@@ -1180,12 +1185,6 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
         public void setName(String name) {
             this.name = name;
         }
-        /**
-         * Up to the first four levels of the package structure, excluding a
-         * leading "org" or "com".
-         */
-        private final ArrayList<String> packageStructure = new ArrayList<String>();
-
         /**
          * Get the value of packageStructure
          *

dependency-check-core/src/main/java/org/owasp/dependencycheck/data/cpe/IndexEntry.java

@@ -172,10 +172,7 @@ public class IndexEntry implements Serializable {
         if ((this.vendor == null) ? (other.vendor != null) : !this.vendor.equals(other.vendor)) {
             return false;
         }
-        if ((this.product == null) ? (other.product != null) : !this.product.equals(other.product)) {
+        return !((this.product == null) ? (other.product != null) : !this.product.equals(other.product));
-            return false;
-        }
-        return true;
     }
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java

@@ -129,10 +129,10 @@ public class Dependency implements Serializable, Comparable<Dependency> {
         vendorEvidence = new EvidenceCollection();
         productEvidence = new EvidenceCollection();
         versionEvidence = new EvidenceCollection();
-        identifiers = new TreeSet<Identifier>();
+        identifiers = new TreeSet<>();
-        vulnerabilities = new TreeSet<Vulnerability>(new VulnerabilityComparator());
+        vulnerabilities = new TreeSet<>(new VulnerabilityComparator());
-        suppressedIdentifiers = new TreeSet<Identifier>();
+        suppressedIdentifiers = new TreeSet<>();
-        suppressedVulnerabilities = new TreeSet<Vulnerability>(new VulnerabilityComparator());
+        suppressedVulnerabilities = new TreeSet<>(new VulnerabilityComparator());
     }
 
     /**

dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java

@@ -233,7 +233,7 @@ public class VulnerableSoftware extends IndexEntry implements Serializable, Comp
      * @param str the string to test
      * @return true if the string only contains 0-9, otherwise false.
      */
-    static boolean isPositiveInteger(final String str) {
+    protected static boolean isPositiveInteger(final String str) {
         if (str == null || str.isEmpty()) {
             return false;
         }

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/License.java

@@ -23,6 +23,15 @@ package org.owasp.dependencycheck.xml.pom;
  */
 public class License {
 
+    /**
+     * The url to the license.
+     */
+    private String url;
+    /**
+     * The name of the license.
+     */
+    private String name;
+
     /**
      * Constructs a new license object.
      */
@@ -41,11 +50,6 @@ public class License {
 
     }
 
-    /**
-     * The url to the license.
-     */
-    private String url;
-
     /**
      * Get the value of url.
      *
@@ -64,11 +68,6 @@ public class License {
         this.url = url;
     }
 
-    /**
-     * The name of the license.
-     */
-    private String name;
-
     /**
      * Get the value of name.
      *

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/pom/Model.java

@@ -35,6 +35,46 @@ public class Model {
      * The name of the project.
      */
     private String name;
+    /**
+     * The organization name.
+     */
+    private String organization;
+    /**
+     * The description.
+     */
+    private String description;
+    /**
+     * The group id.
+     */
+    private String groupId;
+    /**
+     * The artifact id.
+     */
+    private String artifactId;
+    /**
+     * The version number.
+     */
+    private String version;
+    /**
+     * The parent group id.
+     */
+    private String parentGroupId;
+    /**
+     * The parent artifact id.
+     */
+    private String parentArtifactId;
+    /**
+     * The parent version number.
+     */
+    private String parentVersion;
+    /**
+     * The list of licenses.
+     */
+    private final List<License> licenses = new ArrayList<License>();
+    /**
+     * The project URL.
+     */
+    private String projectURL;
 
     /**
      * Get the value of name.
@@ -54,11 +94,6 @@ public class Model {
         this.name = name;
     }
 
-    /**
-     * The organization name.
-     */
-    private String organization;
-
     /**
      * Get the value of organization.
      *
@@ -77,11 +112,6 @@ public class Model {
         this.organization = organization;
     }
 
-    /**
-     * The description.
-     */
-    private String description;
-
     /**
      * Get the value of description.
      *
@@ -100,11 +130,6 @@ public class Model {
         this.description = description;
     }
 
-    /**
-     * The group id.
-     */
-    private String groupId;
-
     /**
      * Get the value of groupId.
      *
@@ -123,11 +148,6 @@ public class Model {
         this.groupId = groupId;
     }
 
-    /**
-     * The artifact id.
-     */
-    private String artifactId;
-
     /**
      * Get the value of artifactId.
      *
@@ -146,11 +166,6 @@ public class Model {
         this.artifactId = artifactId;
     }
 
-    /**
-     * The version number.
-     */
-    private String version;
-
     /**
      * Get the value of version.
      *
@@ -169,11 +184,6 @@ public class Model {
         this.version = version;
     }
 
-    /**
-     * The parent group id.
-     */
-    private String parentGroupId;
-
     /**
      * Get the value of parentGroupId.
      *
@@ -192,11 +202,6 @@ public class Model {
         this.parentGroupId = parentGroupId;
     }
 
-    /**
-     * The parent artifact id.
-     */
-    private String parentArtifactId;
-
     /**
      * Get the value of parentArtifactId.
      *
@@ -215,11 +220,6 @@ public class Model {
         this.parentArtifactId = parentArtifactId;
     }
 
-    /**
-     * The parent version number.
-     */
-    private String parentVersion;
-
     /**
      * Get the value of parentVersion.
      *
@@ -238,11 +238,6 @@ public class Model {
         this.parentVersion = parentVersion;
     }
 
-    /**
-     * The list of licenses.
-     */
-    private final List<License> licenses = new ArrayList<License>();
-
     /**
      * Returns the list of licenses.
      *
@@ -261,11 +256,6 @@ public class Model {
         licenses.add(license);
     }
 
-    /**
-     * The project URL.
-     */
-    private String projectURL;
-
     /**
      * Get the value of projectURL.
      *

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/PropertyType.java

@@ -32,6 +32,14 @@ public class PropertyType {
      * The value.
      */
     private String value;
+    /**
+     * Whether or not the expression is a regex.
+     */
+    private boolean regex = false;
+    /**
+     * Indicates case sensitivity.
+     */
+    private boolean caseSensitive = false;
 
     /**
      * Gets the value of the value property.
@@ -51,10 +59,6 @@ public class PropertyType {
     public void setValue(String value) {
         this.value = value;
     }
-    /**
-     * Whether or not the expression is a regex.
-     */
-    private boolean regex = false;
 
     /**
      * Returns whether or not the value is a regex.
@@ -75,11 +79,6 @@ public class PropertyType {
     public void setRegex(boolean value) {
         this.regex = value;
     }
-    /**
-     * Indicates case sensitivity.
-     */
-    private boolean caseSensitive = false;
-
     /**
      * Gets the value of the caseSensitive property.
      *

dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/suppression/SuppressionRule.java

@@ -409,7 +409,7 @@ public class SuppressionRule {
      * @param identifier a CPE identifier to check
      * @return true if the entry matches; otherwise false
      */
-    boolean identifierMatches(String identifierType, PropertyType suppressionEntry, Identifier identifier) {
+    protected boolean identifierMatches(String identifierType, PropertyType suppressionEntry, Identifier identifier) {
         if (identifierType.equals(identifier.getType())) {
             if (suppressionEntry.matches(identifier.getValue())) {
                 return true;

dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java

@@ -18,8 +18,6 @@
 package org.owasp.dependencycheck;
 
 import java.io.IOException;
-import java.util.logging.Level;
-import java.util.logging.Logger;
 import static org.junit.Assert.assertTrue;
 
 import org.junit.Test;
@@ -59,15 +57,15 @@ public class EngineIntegrationTest extends BaseDBTestCase {
         try {
             instance.analyzeDependencies();
         } catch (ExceptionCollection ex) {
-            if (ex.getExceptions().size()==1 &&
+            if (ex.getExceptions().size() == 1
-                    (ex.getExceptions().get(0).getMessage().contains("bundle-audit") ||
+                    && (ex.getExceptions().get(0).getMessage().contains("bundle-audit")
-                    ex.getExceptions().get(0).getMessage().contains("AssemblyAnalyzer"))) {
+                    || ex.getExceptions().get(0).getMessage().contains("AssemblyAnalyzer"))) {
                 //this is fine to ignore
-            } else if (ex.getExceptions().size()==2 &&
+            } else if (ex.getExceptions().size() == 2
-                    ((ex.getExceptions().get(0).getMessage().contains("bundle-audit") &&
+                    && ((ex.getExceptions().get(0).getMessage().contains("bundle-audit")
-                    ex.getExceptions().get(1).getMessage().contains("AssemblyAnalyzer")) ||
+                    && ex.getExceptions().get(1).getMessage().contains("AssemblyAnalyzer"))
-                    (ex.getExceptions().get(1).getMessage().contains("bundle-audit") &&
+                    || (ex.getExceptions().get(1).getMessage().contains("bundle-audit")
-                    ex.getExceptions().get(0).getMessage().contains("AssemblyAnalyzer")))) {
+                    && ex.getExceptions().get(0).getMessage().contains("AssemblyAnalyzer")))) {
                 //this is fine to ignore
             } else {
                 throw ex;

dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineTest.java

@@ -41,10 +41,10 @@ import static org.junit.Assert.assertTrue;
 public class EngineTest extends BaseDBTestCase {
 
     @Mocked
-    Analyzer analyzer;
+    private Analyzer analyzer;
 
     @Mocked
-    AnalysisTask analysisTask;
+    private AnalysisTask analysisTask;
 
 
     /**

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerTest.java

@@ -26,7 +26,6 @@ import java.io.File;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
-import java.util.logging.Level;
 
 import org.junit.After;
 import org.junit.Assume;

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzerTest.java

@@ -40,7 +40,7 @@ public class RubyBundlerAnalyzerTest extends BaseTest {
     /**
      * The analyzer to test.
      */
-    RubyBundlerAnalyzer analyzer;
+    private RubyBundlerAnalyzer analyzer;
 
     /**
      * Correctly setup the analyzer for testing.

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java

@@ -111,6 +111,6 @@ public class RubyGemspecAnalyzerTest extends BaseTest {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "ruby/vulnerable/gems/rails-4.1.15/vendor/bundle/ruby/2.2.0/gems/pg-0.18.4/Rakefile"));
         analyzer.analyze(result, null);
-        //TODO add verification
+        assertTrue(result.getEvidence().size()>0);
     }
 }

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nuget/XPathNuspecParserTest.java

@@ -78,6 +78,6 @@ public class XPathNuspecParserTest extends BaseTest {
         NuspecParser parser = new XPathNuspecParser();
         //InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("suppressions.xml");
         InputStream is = BaseTest.getResourceAsStream(this, "suppressions.xml");
-        NugetPackage np = parser.parse(is);
+        parser.parse(is);
     }
 }

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DriverLoaderTest.java

@@ -62,8 +62,8 @@ public class DriverLoaderTest extends BaseTest {
      */
     @Test(expected = DriverLoadException.class)
     public void testLoad_String_ex() throws Exception {
-        String className = "bad.Driver";
+        final String className = "bad.Driver";
-        Driver d = DriverLoader.load(className);
+        DriverLoader.load(className);
     }
 
     /**
@@ -94,7 +94,7 @@ public class DriverLoaderTest extends BaseTest {
      * Test of load method, of class DriverLoader.
      */
     @Test
-    public void testLoad_String_String_multiple_paths() throws Exception {
+    public void testLoad_String_String_multiple_paths()  {
         final String className = "com.mysql.jdbc.Driver";
         //we know this is in target/test-classes
         //final File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
@@ -106,9 +106,15 @@ public class DriverLoaderTest extends BaseTest {
         Driver d = null;
         try {
             d = DriverLoader.load(className, paths);
+        } catch (DriverLoadException ex) {
+            fail(ex.getMessage());
         } finally {
             if (d != null) {
-                DriverManager.deregisterDriver(d);
+                try {
+                    DriverManager.deregisterDriver(d);
+                } catch (SQLException ex) {
+                    fail(ex.getMessage());
+                }
             }
         }
     }

dependency-check-core/src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java

@@ -18,10 +18,12 @@
 package org.owasp.dependencycheck.dependency;
 
 import java.io.File;
+import java.util.HashSet;
 import java.util.Set;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
 import org.junit.Test;
@@ -165,7 +167,7 @@ public class DependencyTest extends BaseTest {
         Dependency instance = new Dependency();
         Set<Identifier> result = instance.getIdentifiers();
 
-        assertTrue(true); //this is just a getter setter pair.
+        assertNotNull(result);
     }
 
     /**
@@ -173,10 +175,10 @@ public class DependencyTest extends BaseTest {
      */
     @Test
     public void testSetIdentifiers() {
-        Set<Identifier> identifiers = null;
+        Set<Identifier> identifiers = new HashSet<>();
         Dependency instance = new Dependency();
         instance.setIdentifiers(identifiers);
-        assertTrue(true); //this is just a getter setter pair.
+        assertNotNull(instance.getIdentifiers());
     }
 
     /**
@@ -201,9 +203,8 @@ public class DependencyTest extends BaseTest {
     @Test
     public void testGetEvidence() {
         Dependency instance = new Dependency();
-        EvidenceCollection expResult = null;
         EvidenceCollection result = instance.getEvidence();
-        assertTrue(true); //this is just a getter setter pair.
+        assertNotNull(result);
     }
 
     /**
@@ -232,9 +233,8 @@ public class DependencyTest extends BaseTest {
     @Test
     public void testGetVendorEvidence() {
         Dependency instance = new Dependency();
-        EvidenceCollection expResult = null;
         EvidenceCollection result = instance.getVendorEvidence();
-        assertTrue(true); //this is just a getter setter pair.
+        assertNotNull(result);
     }
 
     /**
@@ -243,9 +243,8 @@ public class DependencyTest extends BaseTest {
     @Test
     public void testGetProductEvidence() {
         Dependency instance = new Dependency();
-        EvidenceCollection expResult = null;
         EvidenceCollection result = instance.getProductEvidence();
-        assertTrue(true); //this is just a getter setter pair.
+        assertNotNull(result);
     }
 
     /**
@@ -254,9 +253,8 @@ public class DependencyTest extends BaseTest {
     @Test
     public void testGetVersionEvidence() {
         Dependency instance = new Dependency();
-        EvidenceCollection expResult = null;
         EvidenceCollection result = instance.getVersionEvidence();
-        assertTrue(true); //this is just a getter setter pair.
+        assertNotNull(result);
     }
 
     /**

dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java

@@ -53,7 +53,7 @@ public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
      */
     @Test
     public void testGenerateReport() throws Exception {
-        String templateName = "HtmlReport";
+//        String templateName = "HtmlReport";
 //        File f = new File("target/test-reports");
 //        if (!f.exists()) {
 //            f.mkdir();

dependency-check-core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java

@@ -167,6 +167,7 @@ public class ModelTest extends BaseTest {
         String version = "";
         Model instance = new Model();
         instance.setVersion(version);
+        assertNotNull(instance.getVersion());
     }
 
     /**

dependency-check-core/src/test/java/org/owasp/dependencycheck/xml/suppression/PropertyTypeTest.java

@@ -49,7 +49,6 @@ public class PropertyTypeTest extends BaseTest {
     @Test
     public void testIsRegex() {
         PropertyType instance = new PropertyType();
-        boolean result = instance.isRegex();
         assertFalse(instance.isRegex());
         instance.setRegex(true);
         assertTrue(instance.isRegex());

dependency-check-core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionRuleTest.java

@@ -144,7 +144,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testGetFilePath() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -153,7 +152,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testSetFilePath() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -162,7 +160,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testGetSha1() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -171,7 +168,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testSetSha1() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -180,7 +176,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testGetCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -189,7 +184,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testSetCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -198,7 +192,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testAddCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -207,7 +200,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testHasCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -216,7 +208,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testSetCvssBelow() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -225,7 +216,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testAddCvssBelow() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -234,7 +224,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testHasCvssBelow() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -243,7 +232,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testGetCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -252,7 +240,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testSetCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -261,7 +248,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testAddCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -270,7 +256,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testHasCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -279,7 +264,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testGetCve() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**
@@ -288,7 +272,6 @@ public class SuppressionRuleTest extends BaseTest {
     @Test
     public void testSetCve() {
         //already tested, this is just left so the IDE doesn't recreate it.
-        assertTrue(true);
     }
 
     /**

dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java

@@ -52,6 +52,13 @@ import org.owasp.dependencycheck.utils.Settings;
 )
 public class AggregateMojo extends BaseDependencyCheckMojo {
 
+    /**
+     * The name of the report in the site.
+     */
+    @SuppressWarnings("CanBeFinal")
+    @Parameter(property = "name", defaultValue = "dependency-check:aggregate", required = true)
+    private String name = "dependency-check:aggregate";
+
     /**
      * Executes the aggregate dependency-check goal. This runs dependency-check
      * and generates the subsequent reports.
@@ -255,13 +262,6 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
         return true; //aggregate always returns true for now - we can look at a more complicated/acurate solution later
     }
 
-    /**
-     * The name of the report in the site.
-     */
-    @SuppressWarnings("CanBeFinal")
-    @Parameter(property = "name", defaultValue = "dependency-check:aggregate", required = true)
-    private String name = "dependency-check:aggregate";
-
     /**
      * Returns the report name.
      *

dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java

@@ -80,6 +80,10 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
      * System specific new line character.
      */
     private static final String NEW_LINE = System.getProperty("line.separator", "\n").intern();
+    /**
+     * A flag indicating whether or not the Maven site is being generated.
+     */
+    private boolean generatingSite = false;
     //</editor-fold>
     // <editor-fold defaultstate="collapsed" desc="Maven bound parameters and components">
     /**
@@ -93,15 +97,6 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
     @Parameter(property = "failOnError", defaultValue = "true", required = true)
     private boolean failOnError;
 
-    /**
-     * Returns if the mojo should fail the build if an exception occurs.
-     *
-     * @return whether or not the mojo should fail the build
-     */
-    protected boolean isFailOnError() {
-        return failOnError;
-    }
-
     /**
      * The Maven Project Object.
      */
@@ -343,14 +338,6 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
     @Parameter(property = "connectionString", defaultValue = "", required = false)
     private String connectionString;
 
-    /**
-     * Returns the connection string.
-     *
-     * @return the connection string
-     */
-    protected String getConnectionString() {
-        return connectionString;
-    }
     /**
      * The database driver name. An example would be org.h2.Driver.
      */
@@ -473,9 +460,9 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
     @Parameter(property = "externalReport")
     @Deprecated
     private String externalReport = null;
+    
     // </editor-fold>
     //<editor-fold defaultstate="collapsed" desc="Base Maven implementation">
-
     /**
      * Executes dependency-check.
      *
@@ -526,11 +513,6 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
         generate((Sink) sink, locale);
     }
 
-    /**
-     * A flag indicating whether or not the maven site is being generated.
-     */
-    private boolean generatingSite = false;
-
     /**
      * Returns true if the Maven site is being generated.
      *
@@ -540,6 +522,23 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
         return generatingSite;
     }
 
+    /**
+     * Returns the connection string.
+     *
+     * @return the connection string
+     */
+    protected String getConnectionString() {
+        return connectionString;
+    }
+    /**
+     * Returns if the mojo should fail the build if an exception occurs.
+     *
+     * @return whether or not the mojo should fail the build
+     */
+    protected boolean isFailOnError() {
+        return failOnError;
+    }
+
     /**
      * Generates the Dependency-Check Site Report.
      *

dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/CheckMojo.java

@@ -46,6 +46,13 @@ import org.owasp.dependencycheck.utils.Settings;
 )
 public class CheckMojo extends BaseDependencyCheckMojo {
 
+    /**
+     * The name of the report in the site.
+     */
+    @SuppressWarnings("CanBeFinal")
+    @Parameter(property = "name", defaultValue = "dependency-check", required = true)
+    private String name = "dependency-check";
+
     /**
      * Returns whether or not a the report can be generated.
      *
@@ -126,13 +133,6 @@ public class CheckMojo extends BaseDependencyCheckMojo {
         Settings.cleanup();
     }
 
-    /**
-     * The name of the report in the site.
-     */
-    @SuppressWarnings("CanBeFinal")
-    @Parameter(property = "name", defaultValue = "dependency-check", required = true)
-    private String name = "dependency-check";
-
     /**
      * Returns the report name.
      *

dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/SSLSocketFactoryEx.java

@@ -34,6 +34,15 @@ public class SSLSocketFactoryEx extends SSLSocketFactory {
      */
     private static final Logger LOGGER = LoggerFactory.getLogger(SSLSocketFactoryEx.class);
 
+    /**
+     * The SSL context.
+     */
+    private SSLContext sslCtxt;
+    /**
+     * The protocols.
+     */
+    private String[] protocols;
+
     /**
      * Constructs a new SSLSocketFactory.
      *
@@ -284,13 +293,4 @@ public class SSLSocketFactoryEx extends SSLSocketFactory {
 
         return aa.toArray(new String[0]);
     }
-
-    /**
-     * The SSL context.
-     */
-    private SSLContext sslCtxt;
-    /**
-     * The protocols.
-     */
-    private String[] protocols;
 }

dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java

@@ -38,6 +38,28 @@ import java.util.Properties;
  * @author Jeremy Long
  */
 public final class Settings {
+    /**
+     * The logger.
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(Settings.class);
+    /**
+     * The properties file location.
+     */
+    private static final String PROPERTIES_FILE = "dependencycheck.properties";
+    /**
+     * Thread local settings.
+     */
+    private static final ThreadLocal<Settings> LOCAL_SETTINGS = new ThreadLocal<Settings>();
+    /**
+     * The properties.
+     */
+    private Properties props = null;
+
+    /**
+     * A reference to the temporary directory; used incase it needs to be
+     * deleted during cleanup.
+     */
+    private static File tempDirectory = null;
 
     //<editor-fold defaultstate="collapsed" desc="KEYS used to access settings">
     /**
@@ -403,22 +425,6 @@ public final class Settings {
     }
     //</editor-fold>
 
-    /**
-     * The logger.
-     */
-    private static final Logger LOGGER = LoggerFactory.getLogger(Settings.class);
-    /**
-     * The properties file location.
-     */
-    private static final String PROPERTIES_FILE = "dependencycheck.properties";
-    /**
-     * Thread local settings.
-     */
-    private static final ThreadLocal<Settings> LOCAL_SETTINGS = new ThreadLocal<Settings>();
-    /**
-     * The properties.
-     */
-    private Properties props = null;
 
     /**
      * Private constructor for the Settings class. This class loads the
@@ -788,12 +794,6 @@ public final class Settings {
         return str;
     }
 
-    /**
-     * A reference to the temporary directory; used incase it needs to be
-     * deleted during cleanup.
-     */
-    private static File tempDirectory = null;
-
     /**
      * Returns the temporary directory.
      *

dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedOjectInputStreamTest.java

@@ -24,11 +24,7 @@ import java.io.IOException;
 import java.io.ObjectOutputStream;
 import java.util.ArrayList;
 import java.util.List;
-import org.junit.After;
-import org.junit.AfterClass;
 import static org.junit.Assert.fail;
-import org.junit.Before;
-import org.junit.BeforeClass;
 import org.junit.Test;
 
 /**
@@ -37,25 +33,6 @@ import org.junit.Test;
  */
 public class ExpectedOjectInputStreamTest {
 
-    public ExpectedOjectInputStreamTest() {
-    }
-
-    @BeforeClass
-    public static void setUpClass() {
-    }
-
-    @AfterClass
-    public static void tearDownClass() {
-    }
-
-    @Before
-    public void setUp() {
-    }
-
-    @After
-    public void tearDown() {
-    }
-
     /**
      * Test of resolveClass method, of class ExpectedOjectInputStream.
      */