checkstyle corrections

Former-commit-id: f9ae61d41ba01b6931892a339a9b701ae3c91ce2
2026-01-13 23:33:37 +01:00 · 2014-05-10 07:13:07 -04:00
parent 90bdbd6b84
commit ffeab147ce
3 changed files with 26 additions and 14 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java
@@ -467,11 +467,11 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
            zip = new ZipFile(dependency.getActualFilePath());
            if (zip.getEntry("META-INF/MANIFEST.MF") != null
                    || zip.getEntry("META-INF/maven") != null) {
-                Enumeration<ZipArchiveEntry> entries = zip.getEntries();
+                final Enumeration<ZipArchiveEntry> entries = zip.getEntries();
                while (entries.hasMoreElements()) {
-                    ZipArchiveEntry entry = entries.nextElement();
+                    final ZipArchiveEntry entry = entries.nextElement();
                    if (!entry.isDirectory()) {
-                        String name = entry.getName().toLowerCase();
+                        final String name = entry.getName().toLowerCase();
                        if (name.endsWith(".class")) {
                            isJar = true;
                            break;
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
@@ -137,7 +137,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
            } else if (rc != 0) {
                LOGGER.log(Level.WARNING, "analyzer.AssemblyAnalyzer.grokassembly.rc", rc);
            }
-            
+
            final XPath xpath = XPathFactory.newInstance().newXPath();

            // First, see if there was an error
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
@@ -347,24 +347,24 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
     */
    private void removeDuplicativeEntriesFromJar(Dependency dependency, Engine engine) {
        if (dependency.getFileName().toLowerCase().endsWith("pom.xml")
-                || dependency.getFileExtension().equals("dll")
-                || dependency.getFileExtension().equals("exe")) {
+                || "dll".equals(dependency.getFileExtension())
+                || "exe".equals(dependency.getFileExtension())) {
            String parentPath = dependency.getFilePath().toLowerCase();
            if (parentPath.contains(".jar")) {
                parentPath = parentPath.substring(0, parentPath.indexOf(".jar") + 4);
-                Dependency parent = findDependency(parentPath, engine.getDependencies());
+                final Dependency parent = findDependency(parentPath, engine.getDependencies());
                if (parent != null) {
                    boolean remove = false;
                    for (Identifier i : dependency.getIdentifiers()) {
                        if ("cpe".equals(i.getType())) {
-                            String trimmedCPE = trimCpeToVendor(i.getValue());
+                            final String trimmedCPE = trimCpeToVendor(i.getValue());
                            for (Identifier parentId : parent.getIdentifiers()) {
                                if ("cpe".equals(parentId.getType()) && parentId.getValue().startsWith(trimmedCPE)) {
                                    remove |= true;
                                }
                            }
                        }
-                        if (remove == false) {
+                        if (!remove) { //we can escape early
                            return;
                        }
                    }
@@ -377,24 +377,36 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
        }
    }

-    private Dependency findDependency(String parentPath, List<Dependency> dependencies) {
+    /**
+     * Retrieves a given dependency, based on a given path, from a list of dependencies.
+     *
+     * @param dependencyPath the path of the dependency to return
+     * @param dependencies the collection of dependencies to search
+     * @return the dependency object for the given path, otherwise null
+     */
+    private Dependency findDependency(String dependencyPath, List<Dependency> dependencies) {
        for (Dependency d : dependencies) {
-            if (d.getFilePath().equalsIgnoreCase(parentPath)) {
+            if (d.getFilePath().equalsIgnoreCase(dependencyPath)) {
                return d;
            }
        }
        return null;
    }

+    /**
+     * Takes a full CPE and returns the CPE trimmed to include only vendor and product.
+     *
+     * @param value the CPE value to trim
+     * @return a CPE value that only includes the vendor and product
+     */
    private String trimCpeToVendor(String value) {
        //cpe:/a:jruby:jruby:1.0.8
-        int pos1 = value.indexOf(":", 7); //right of vendor
-        int pos2 = value.indexOf(":", pos1 + 1); //right of product
+        final int pos1 = value.indexOf(":", 7); //right of vendor
+        final int pos2 = value.indexOf(":", pos1 + 1); //right of product
        if (pos2 < 0) {
            return value;
        } else {
            return value.substring(0, pos2);
        }
-
    }
 }