toYearRange(Settings settings, ZonedDateTime now) {
// for establishing the current year use the timezone where the new year starts first
// as from that moment on CNAs might start assigning CVEs with the new year depending
// on the CNA's timezone
@@ -714,11 +714,11 @@ protected static FeedUrl extractFromUrlOptionalPattern(String url) {
return new Pair<>(startYear, endYear);
}
- private @NotNull ZonedDateTime getLastModifiedFor(int year) throws UpdateException {
+ private @NonNull ZonedDateTime getLastModifiedFor(int year) throws UpdateException {
return getLastModifiedFor(String.valueOf(year));
}
- private @NotNull ZonedDateTime getLastModifiedFor(String fileVersion) throws UpdateException {
+ private @NonNull ZonedDateTime getLastModifiedFor(String fileVersion) throws UpdateException {
try {
String content = Downloader.getInstance().fetchContent(toFormattedUrl(fileVersion), UTF_8);
Properties props = new Properties();
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java b/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java
index a726d613850..4025b5a1c9f 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java
@@ -21,7 +21,7 @@
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import java.io.Serializable;
import javax.annotation.concurrent.ThreadSafe;
@@ -235,7 +235,7 @@ public boolean equals(Object obj) {
* @return an integer indicating the ordering of the two objects
*/
@Override
- public int compareTo(@NotNull Evidence o) {
+ public int compareTo(@NonNull Evidence o) {
return new CompareToBuilder()
.append(this.source == null ? null : this.source.toLowerCase(), o.source == null ? null : o.source.toLowerCase())
.append(this.name == null ? null : this.name.toLowerCase(), o.name == null ? null : o.name.toLowerCase())
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/Reference.java b/core/src/main/java/org/owasp/dependencycheck/dependency/Reference.java
index 2922e8a185d..e3f14284084 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/Reference.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/Reference.java
@@ -22,7 +22,7 @@
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
/**
* An external reference for a vulnerability. This contains a name, URL, and a
@@ -160,7 +160,7 @@ public int hashCode() {
* @return an integer indicating the ordering of the two objects
*/
@Override
- public int compareTo(@NotNull Reference o) {
+ public int compareTo(@NonNull Reference o) {
return new CompareToBuilder()
.append(source, o.source)
.append(name, o.name)
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java b/core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
index 395dd3d38bd..118a2deb932 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
@@ -31,7 +31,7 @@
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.owasp.dependencycheck.utils.SeverityUtil;
/**
@@ -506,7 +506,7 @@ public String toString() {
* @see #bestEffortSeverityLevelForSorting()
*/
@Override
- public int compareTo(@NotNull Vulnerability o) {
+ public int compareTo(@NonNull Vulnerability o) {
return new CompareToBuilder()
.append(o.bestEffortSeverityLevelForSorting(), this.bestEffortSeverityLevelForSorting())
.append(this.name, o.name)
@@ -529,7 +529,7 @@ public int compareTo(@NotNull Vulnerability o) {
* highest CVSSv2 HIGH and the lowest CVSSv3 CRITICAL severity level.
*
* @see SeverityUtil#estimatedSortAdjustedCVSSv3(String)
- * @see SeverityUtil#sortAdjustedCVSSv3BaseScore(float)
+ * @see SeverityUtil#sortAdjustedCVSSv3BaseScore(Double)
* @return A float value that allows for best-effort sorting on
* vulnerability severity
*/
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java b/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
index 6225be01f27..fbf63b57e06 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
@@ -26,7 +26,7 @@
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
import org.owasp.dependencycheck.dependency.naming.CpeIdentifier;
import org.owasp.dependencycheck.utils.DependencyVersion;
@@ -134,7 +134,7 @@ private static String normalizeForComparison(String s) {
}
@Override
- public int compareTo(@NotNull ICpe o) {
+ public int compareTo(@NonNull ICpe o) {
if (o instanceof VulnerableSoftware) {
final VulnerableSoftware other = (VulnerableSoftware) o;
return new CompareToBuilder()
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java
index 0f6dc48006b..d10a3e5ad53 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java
@@ -21,7 +21,7 @@
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.apache.hc.core5.net.PercentCodec;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.owasp.dependencycheck.dependency.Confidence;
import us.springett.parsers.cpe.Cpe;
import us.springett.parsers.cpe.CpeBuilder;
@@ -190,7 +190,7 @@ public boolean equals(Object obj) {
}
@Override
- public int compareTo(@NotNull Identifier o) {
+ public int compareTo(@NonNull Identifier o) {
if (o instanceof CpeIdentifier) {
final CpeIdentifier other = (CpeIdentifier) o;
return new CompareToBuilder()
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/GenericIdentifier.java b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/GenericIdentifier.java
index 5ce7b437ca1..d01639d23e6 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/GenericIdentifier.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/GenericIdentifier.java
@@ -21,7 +21,7 @@
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.owasp.dependencycheck.dependency.Confidence;
/**
@@ -189,7 +189,7 @@ public String toString() {
* @return an integer indicating the ordering
*/
@Override
- public int compareTo(@NotNull Identifier o) {
+ public int compareTo(@NonNull Identifier o) {
return new CompareToBuilder()
.append(this.value, o.toString())
.append(this.url, o.getUrl())
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/PurlIdentifier.java b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/PurlIdentifier.java
index ea74f2329fa..702b5c41692 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/PurlIdentifier.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/PurlIdentifier.java
@@ -19,7 +19,7 @@
import com.github.packageurl.MalformedPackageURLException;
import org.apache.commons.lang3.builder.CompareToBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.owasp.dependencycheck.dependency.Confidence;
import com.github.packageurl.PackageURL;
import com.github.packageurl.PackageURLBuilder;
@@ -212,7 +212,7 @@ public String toGav() {
}
@Override
- public int compareTo(@NotNull Identifier o) {
+ public int compareTo(@NonNull Identifier o) {
if (o instanceof PurlIdentifier) {
final PurlIdentifier other = (PurlIdentifier) o;
return new CompareToBuilder()
diff --git a/core/src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java b/core/src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java
index 7f14f4e3f43..144816cec27 100644
--- a/core/src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java
+++ b/core/src/main/java/org/owasp/dependencycheck/utils/DependencyVersion.java
@@ -25,7 +25,7 @@
import javax.annotation.concurrent.NotThreadSafe;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.HashCodeBuilder;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
/**
*
@@ -113,7 +113,7 @@ public void setVersionParts(List versionParts) {
*
* @return an iterator for the version parts
*/
- @NotNull
+ @NonNull
@Override
public Iterator iterator() {
return versionParts.iterator();
@@ -232,10 +232,7 @@ public boolean matchesAtLeastThreeLevels(DependencyVersion version) {
}
@Override
- public int compareTo(@NotNull DependencyVersion version) {
- if (version == null) {
- return 1;
- }
+ public int compareTo(@NonNull DependencyVersion version) {
final List left = this.getVersionParts();
final List right = version.getVersionParts();
final int max = Math.min(left.size(), right.size());
diff --git a/core/src/main/java/org/owasp/dependencycheck/utils/Filter.java b/core/src/main/java/org/owasp/dependencycheck/utils/Filter.java
index bbbaf0602f1..28fde4b169e 100644
--- a/core/src/main/java/org/owasp/dependencycheck/utils/Filter.java
+++ b/core/src/main/java/org/owasp/dependencycheck/utils/Filter.java
@@ -1,6 +1,5 @@
package org.owasp.dependencycheck.utils;
-import org.jetbrains.annotations.NotNull;
import java.util.Iterator;
import java.util.NoSuchElementException;
diff --git a/core/src/main/java/org/owasp/dependencycheck/xml/XmlInputStream.java b/core/src/main/java/org/owasp/dependencycheck/xml/XmlInputStream.java
index 68d7fc13ec9..4f4026ed112 100644
--- a/core/src/main/java/org/owasp/dependencycheck/xml/XmlInputStream.java
+++ b/core/src/main/java/org/owasp/dependencycheck/xml/XmlInputStream.java
@@ -5,7 +5,7 @@
import java.io.InputStream;
import javax.annotation.concurrent.NotThreadSafe;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -212,7 +212,7 @@ public int read() throws IOException {
* stream
*/
@Override
- public int read(@NotNull byte[] data, int offset, int length) throws IOException {
+ public int read(@NonNull byte[] data, int offset, int length) throws IOException {
final StringBuilder s = read(length);
int n = 0;
for (int i = 0; i < Math.min(length, s.length()); i++) {
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java
index 5f5c52ee148..17fadad7c8a 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java
@@ -17,100 +17,40 @@
*/
package org.owasp.dependencycheck.data.lucene;
-import java.io.IOException;
-import org.apache.lucene.analysis.Analyzer;
-import org.apache.lucene.tests.analysis.BaseTokenStreamTestCase;
-import static org.apache.lucene.tests.analysis.BaseTokenStreamTestCase.checkOneTerm;
-import static org.apache.lucene.tests.analysis.BaseTokenStreamTestCase.checkRandomData;
-import org.apache.lucene.tests.analysis.MockTokenizer;
-import org.apache.lucene.analysis.Tokenizer;
-import org.apache.lucene.analysis.core.KeywordTokenizer;
-import static org.apache.lucene.tests.util.LuceneTestCase.RANDOM_MULTIPLIER;
-import static org.apache.lucene.tests.util.LuceneTestCase.random;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.junit.Before;
+import org.apache.lucene.analysis.TokenFilter;
+import org.apache.lucene.analysis.TokenStream;
+import org.hamcrest.Matchers;
+import org.jspecify.annotations.NonNull;
+import org.junit.jupiter.api.Test;
+
+import java.util.List;
+
+import static org.hamcrest.MatcherAssert.assertThat;
/**
*
* @author Jeremy Long
*/
-public class AlphaNumericFilterTest extends BaseTokenStreamTestCase {
-
- private Analyzer analyzer;
-
- @Before
- @Override
- public void setUp() throws Exception {
- super.setUp();
- analyzer = new Analyzer() {
- @Override
- protected Analyzer.TokenStreamComponents createComponents(String fieldName) {
- Tokenizer source = new MockTokenizer(MockTokenizer.WHITESPACE, false);
- return new Analyzer.TokenStreamComponents(source, new AlphaNumericFilter(source));
- }
- };
- }
+public class AlphaNumericFilterTest extends BaseTokenFilterTest {
- /**
- * Test of incrementToken method, of class AlphaNumericFilter.
- *
- * @throws Exception thrown if there is a problem
- */
@Test
public void testIncrementToken() throws Exception {
- String[] expected = new String[6];
- expected[0] = "http";
- expected[1] = "www";
- expected[2] = "domain";
- expected[3] = "com";
- expected[4] = "test";
- expected[5] = "php";
- assertAnalyzesTo(analyzer, "http://www.domain.com/test.php", expected);
+ assertThat(processAllFrom("http://www.domain.com/test.php"), Matchers.contains("http", "www", "domain", "com", "test", "php"));
}
- /**
- * Test of incrementToken method, of class AlphaNumericFilter.
- *
- * @throws Exception thrown if there is a problem
- */
@Test
public void testGarbage() throws Exception {
- String[] expected = new String[2];
- expected[0] = "test";
- expected[1] = "two";
- assertAnalyzesTo(analyzer, "!@#$% !@#$ &*(@#$ test-two @#$%", expected);
+ assertThat(processAllFrom("!@#$% !@#$ &*(@#$ test-two @#$%"), Matchers.contains("test", "two"));
}
- /**
- * copied from
- * http://svn.apache.org/repos/asf/lucene/dev/trunk/lucene/analysis/common/src/test/org/apache/lucene/analysis/en/TestEnglishMinimalStemFilter.java
- * blast some random strings through the analyzer
- */
- @Test
- public void testRandomStrings() {
- try {
- checkRandomData(random(), analyzer, 1000 * RANDOM_MULTIPLIER);
- } catch (IOException ex) {
- fail("Failed test random strings: " + ex.getMessage());
- }
- }
-
- /**
- * copied from
- * http://svn.apache.org/repos/asf/lucene/dev/trunk/lucene/analysis/common/src/test/org/apache/lucene/analysis/en/TestEnglishMinimalStemFilter.java
- *
- * @throws IOException
- */
- @Test
- public void testEmptyTerm() throws IOException {
- Analyzer a = new Analyzer() {
+ @Override
+ TokenFilter newFilter(@NonNull final TokenStream stream, List terms) {
+ return new AlphaNumericFilter(stream) {
@Override
- protected Analyzer.TokenStreamComponents createComponents(String fieldName) {
- Tokenizer tokenizer = new KeywordTokenizer();
- return new Analyzer.TokenStreamComponents(tokenizer, new AlphaNumericFilter(tokenizer));
+ protected void appendTerm(String term) {
+ super.appendTerm(term);
+ terms.add(term);
}
};
- checkOneTerm(a, "", "");
}
}
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/BaseTokenFilterTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/BaseTokenFilterTest.java
new file mode 100644
index 00000000000..83fd70874b7
--- /dev/null
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/BaseTokenFilterTest.java
@@ -0,0 +1,55 @@
+package org.owasp.dependencycheck.data.lucene;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.lucene.analysis.Analyzer;
+import org.apache.lucene.analysis.TokenFilter;
+import org.apache.lucene.analysis.TokenStream;
+import org.apache.lucene.analysis.core.KeywordAnalyzer;
+import org.jspecify.annotations.NonNull;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.RepeatedTest;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+
+public abstract class BaseTokenFilterTest {
+ private Analyzer analyzer;
+
+ @BeforeEach
+ public void setUp() throws Exception {
+ analyzer = new KeywordAnalyzer();
+ }
+
+ @AfterEach
+ public void tearDown() throws Exception {
+ analyzer.close();
+ }
+
+ @RepeatedTest(1000)
+ public void testRandomStrings() {
+ String input = RandomStringUtils.insecure().nextAlphanumeric(1, 1000);
+ assertDoesNotThrow(() -> processAllFrom(input), () -> "Failed to process input: " + input);
+ }
+
+ protected @NonNull TokenStream freshTokenStream(String input) throws IOException {
+ TokenStream dummy = analyzer.tokenStream("dummy", input);
+ dummy.reset();
+ return dummy;
+ }
+
+ @NonNull
+ protected List processAllFrom(String input) throws IOException {
+ List terms = new ArrayList<>();
+ try (TokenFilter filter = newFilter(freshTokenStream(input), terms)) {
+ //noinspection StatementWithEmptyBody
+ while (filter.incrementToken()) {}
+ return terms;
+ }
+ }
+
+ abstract TokenFilter newFilter(@NonNull final TokenStream stream, List terms);
+}
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilterTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilterTest.java
index 49aedacabf4..60250fd6dcd 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilterTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/TokenPairConcatenatingFilterTest.java
@@ -17,82 +17,33 @@
*/
package org.owasp.dependencycheck.data.lucene;
-import java.io.IOException;
-import org.apache.lucene.analysis.Analyzer;
-import org.apache.lucene.tests.analysis.BaseTokenStreamTestCase;
-import static org.apache.lucene.tests.analysis.BaseTokenStreamTestCase.checkOneTerm;
-import org.apache.lucene.tests.analysis.MockTokenizer;
-import org.apache.lucene.analysis.Tokenizer;
-import org.apache.lucene.analysis.core.KeywordTokenizer;
-import static org.junit.Assert.fail;
-import org.junit.Before;
-import org.junit.Test;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.contains;
-/**
- *
- * @author Jeremy Long
- */
-public class TokenPairConcatenatingFilterTest extends BaseTokenStreamTestCase {
+import org.apache.lucene.analysis.TokenFilter;
+import org.apache.lucene.analysis.TokenStream;
+import org.jspecify.annotations.NonNull;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+
+import java.util.List;
+
+public class TokenPairConcatenatingFilterTest extends BaseTokenFilterTest {
-// private Analyzer analyzer;
-//
-// @Before
-// @Override
-// public void setUp() throws Exception {
-// super.setUp();
-// analyzer = new Analyzer() {
-// @Override
-// protected Analyzer.TokenStreamComponents createComponents(String fieldName) {
-// Tokenizer source = new MockTokenizer(MockTokenizer.WHITESPACE, false);
-// return new Analyzer.TokenStreamComponents(source, new TokenPairConcatenatingFilter(source));
-// }
-// };
-// }
-//
-// /**
-// * Test of incrementToken method, of class TokenPairConcatenatingFilter.
-// */
-// @Test
-// public void testIncrementToken() throws Exception {
-// String[] expected = new String[5];
-// expected[0] = "red";
-// expected[1] = "redblue";
-// expected[2] = "blue";
-// expected[3] = "bluegreen";
-// expected[4] = "green";
-// assertAnalyzesTo(analyzer, "red blue green", expected);
-// }
-// /**
-// * copied from
-// * http://svn.apache.org/repos/asf/lucene/dev/trunk/lucene/analysis/common/src/test/org/apache/lucene/analysis/en/TestEnglishMinimalStemFilter.java
-// * blast some random strings through the analyzer
-// */
-// public void testRandomStrings() {
-// try {
-// checkRandomData(random(), analyzer, 1000 * RANDOM_MULTIPLIER);
-// } catch (IOException ex) {
-// fail("Failed test random strings: " + ex.getMessage());
-// }
-// }
- /**
- * copied from
- * http://svn.apache.org/repos/asf/lucene/dev/trunk/lucene/analysis/common/src/test/org/apache/lucene/analysis/en/TestEnglishMinimalStemFilter.java
- *
- * @throws IOException
- */
@Test
- public void testEmptyTerm() {
- Analyzer a = new Analyzer() {
+ @Disabled("Has been broken since change to reset logic in 74ff6d99e78eaef15c595fe35d7ed12d8c22a7a9")
+ public void testIncrementToken() throws Exception {
+ assertThat(processAllFrom("red blue green"), contains("red", "redblue", "blue", "bluegreen", "green"));
+ }
+
+ @Override
+ TokenFilter newFilter(@NonNull final TokenStream stream, List terms) {
+ return new TokenPairConcatenatingFilter(stream) {
@Override
- protected Analyzer.TokenStreamComponents createComponents(String fieldName) {
- Tokenizer tokenizer = new KeywordTokenizer();
- return new Analyzer.TokenStreamComponents(tokenizer, new TokenPairConcatenatingFilter(tokenizer));
+ protected void appendTerm(String term) {
+ super.appendTerm(term);
+ terms.add(term);
}
};
- try {
- checkOneTerm(a, "", "");
- } catch (IOException ex) {
- fail("Failed test random strings: " + ex.getMessage());
- }
}
}
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/UrlTokenizingFilterTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/UrlTokenizingFilterTest.java
index fd25509743a..8c8930cf308 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/UrlTokenizingFilterTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/UrlTokenizingFilterTest.java
@@ -17,73 +17,35 @@
*/
package org.owasp.dependencycheck.data.lucene;
-import java.io.IOException;
-import org.apache.lucene.analysis.Analyzer;
-import org.apache.lucene.tests.analysis.BaseTokenStreamTestCase;
-import org.apache.lucene.tests.analysis.MockTokenizer;
-import org.apache.lucene.analysis.Tokenizer;
-import org.apache.lucene.analysis.core.KeywordTokenizer;
-import org.junit.Test;
+import org.apache.lucene.analysis.TokenFilter;
+import org.apache.lucene.analysis.TokenStream;
+import org.hamcrest.Matchers;
+import org.jspecify.annotations.NonNull;
+import org.junit.jupiter.api.Test;
+
+import java.util.List;
+
+import static org.hamcrest.MatcherAssert.assertThat;
/**
*
* @author Jeremy Long
*/
-public class UrlTokenizingFilterTest extends BaseTokenStreamTestCase {
-
- private final Analyzer analyzer;
-
- public UrlTokenizingFilterTest() {
- analyzer = new Analyzer() {
- @Override
- protected TokenStreamComponents createComponents(String fieldName) {
- Tokenizer source = new MockTokenizer(MockTokenizer.WHITESPACE, false);
- return new TokenStreamComponents(source, new UrlTokenizingFilter(source));
- }
- };
- }
-
- /**
- * test some example domains
- */
- @Test
- public void testExamples() throws IOException {
- String[] expected = new String[2];
- expected[0] = "domain";
- expected[1] = "test";
- assertAnalyzesTo(analyzer, "http://www.domain.com/test.php", expected);
- checkOneTerm(analyzer, "https://apache.org", "apache");
- }
-
- /**
- * copied from
- * http://svn.apache.org/repos/asf/lucene/dev/trunk/lucene/analysis/common/src/test/org/apache/lucene/analysis/en/TestEnglishMinimalStemFilter.java
- * blast some random strings through the analyzer
- */
+public class UrlTokenizingFilterTest extends BaseTokenFilterTest {
@Test
- public void testRandomStrings() {
- try {
- checkRandomData(random(), analyzer, 1000 * RANDOM_MULTIPLIER);
- } catch (IOException ex) {
- fail("Failed test random strings: " + ex.getMessage());
- }
+ public void testIncrementToken() throws Exception {
+ assertThat(processAllFrom("http://www.domain.com/test.php"), Matchers.contains("domain", "test"));
+ assertThat(processAllFrom("https://apache.org"), Matchers.contains("apache"));
}
- /**
- * copied from
- * http://svn.apache.org/repos/asf/lucene/dev/trunk/lucene/analysis/common/src/test/org/apache/lucene/analysis/en/TestEnglishMinimalStemFilter.java
- *
- * @throws IOException
- */
- @Test
- public void testEmptyTerm() throws IOException {
- Analyzer a = new Analyzer() {
+ @Override
+ TokenFilter newFilter(@NonNull final TokenStream stream, List terms) {
+ return new UrlTokenizingFilter(stream) {
@Override
- protected TokenStreamComponents createComponents(String fieldName) {
- Tokenizer tokenizer = new KeywordTokenizer();
- return new TokenStreamComponents(tokenizer, new UrlTokenizingFilter(tokenizer));
+ protected void appendTerm(String term) {
+ super.appendTerm(term);
+ terms.add(term);
}
};
- checkOneTerm(a, "", "");
}
}
diff --git a/maven/pom.xml b/maven/pom.xml
index b1472b652dd..23314800601 100644
--- a/maven/pom.xml
+++ b/maven/pom.xml
@@ -29,6 +29,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
2013
3.15.2
+ ${java.home}
scm:git:https://github.com/dependency-check/DependencyCheck.git
@@ -92,17 +93,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
-
-
-
- org.apache.maven
- maven-resolver-provider
- ${maven.api.version}
- pom
- import
-
-
-
org.owasp
@@ -114,16 +104,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
dependency-check-utils
${project.parent.version}
-
- org.mockito
- mockito-core
- test
-
-
- org.mockito
- mockito-junit-jupiter
- test
-
org.apache.maven
maven-plugin-api
@@ -191,11 +171,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
maven-artifact
provided
-
- org.apache.maven.resolver
- maven-resolver-api
- provided
-
org.apache.maven.shared
maven-common-artifact-filters
@@ -216,25 +191,31 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
FullIntegrationTesting
-
-
- releaseTesting
-
-
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+
+ false
+
+
org.apache.maven.plugins
maven-invoker-plugin
4
- ${failsafeArgLine}
${project.build.directory}/it
target/local-repo
${project.version}
+
+ ${toolchain.jdk.test.home}
@@ -245,13 +226,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
-
-
- org.apache.commons
- commons-lang3
- ${commons-lang3.version}
-
-
diff --git a/maven/src/it/1751-use-child-repositories/postbuild.groovy b/maven/src/it/1751-use-child-repositories/postbuild.groovy
index 6f0f1ed977a..9035bf378d9 100644
--- a/maven/src/it/1751-use-child-repositories/postbuild.groovy
+++ b/maven/src/it/1751-use-child-repositories/postbuild.groovy
@@ -16,7 +16,7 @@
* Copyright (c) 2014 Jeremy Long. All Rights Reserved.
*/
-import groovy.util.XmlSlurper
+import groovy.xml.XmlSlurper
String report = new File(basedir, "target/dependency-check-report.xml").text;
diff --git a/maven/src/it/690-threadsafety/first-a/pom.xml b/maven/src/it/690-threadsafety/first-a/pom.xml
index 09edb141215..ac713977c94 100644
--- a/maven/src/it/690-threadsafety/first-a/pom.xml
+++ b/maven/src/it/690-threadsafety/first-a/pom.xml
@@ -39,7 +39,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
org.springframework.boot
spring-boot-starter-data-jpa
- 1.5.2.RELEASE
+ 1.5.22.RELEASE
org.apache.james
diff --git a/maven/src/it/690-threadsafety/first/pom.xml b/maven/src/it/690-threadsafety/first/pom.xml
index 558d5c1324c..e172fa73ca5 100644
--- a/maven/src/it/690-threadsafety/first/pom.xml
+++ b/maven/src/it/690-threadsafety/first/pom.xml
@@ -39,7 +39,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
org.springframework.boot
spring-boot-starter-data-jpa
- 1.5.2.RELEASE
+ 1.5.22.RELEASE
org.apache.james
diff --git a/pom.xml b/pom.xml
index ee3771281d4..a6eda0607c5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -130,9 +130,9 @@ Copyright (c) 2012 - Jeremy Long
9.3
2.0.0
3.2.0
- 3.9.0
+ 3.10.0
3.12.0
-
+
2.5
3.9.0
3.5.4
@@ -140,8 +140,6 @@ Copyright (c) 2012 - Jeremy Long
4.9.8.2
3.2.2
2.21.0
- 26.0.2-1
- 4.9.8
2.4.240
1.11.0
2.21.0
@@ -149,9 +147,6 @@ Copyright (c) 2012 - Jeremy Long
1.15.0
5.5.1
5.3.6
-
3.2.1
1.2.3
5.14.2
@@ -168,7 +163,6 @@ Copyright (c) 2012 - Jeremy Long
1.1.7
0.13.1
3.4.0
- 2.4.21
4.3.0
3.0.4
2.21.0
@@ -176,7 +170,15 @@ Copyright (c) 2012 - Jeremy Long
9.6.0
- 5.15.0
+
+
+ --enable-native-access=ALL-UNNAMED -XX:+IgnoreUnrecognizedVMOptions
@@ -197,7 +199,7 @@ Copyright (c) 2012 - Jeremy Long
org.jsonschema2pojo
jsonschema2pojo-maven-plugin
- 1.2.2
+ 1.3.3
org.codehaus.mojo
@@ -278,6 +280,9 @@ Copyright (c) 2012 - Jeremy Long
org.apache.maven.plugins
maven-resources-plugin
3.4.0
+
+ ISO-8859-1
+
org.owasp.maven-tools
@@ -340,13 +345,6 @@ Copyright (c) 2012 - Jeremy Long
org.apache.maven.plugins
maven-invoker-plugin
3.9.1
-
-
- org.codehaus.groovy
- groovy-all
- ${groovy-all.version}
-
-
org.codehaus.gmavenplus
@@ -354,27 +352,27 @@ Copyright (c) 2012 - Jeremy Long
${gmavenplus-plugin.version}
- org.codehaus.groovy
- groovy-all
- ${groovy-all.version}
+ org.apache.groovy
+ groovy-ant
+ 5.0.4
runtime
+
+ org.codehaus.mojo
+ versions-maven-plugin
+ ${versions-maven-plugin.version}
+
+ .*-(alpha|beta|M|rc)[-0-9]+
+
+
org.codehaus.gmavenplus
gmavenplus-plugin
-
-
- org.codehaus.groovy
- groovy-all
- ${groovy-all.version}
- runtime
-
-
add-dynamic-properties-clean
@@ -440,8 +438,10 @@ Copyright (c) 2012 - Jeremy Long
org.apache.maven.plugins
maven-compiler-plugin
+ ${maven.compiler.release}
true
+ -proc:none
-Xlint
@@ -561,14 +561,14 @@ Copyright (c) 2012 - Jeremy Long
- enforce-maven-3
+ enforce-maven
enforce
- [3.1,]
+ 3.9.0
true
@@ -627,11 +627,22 @@ Copyright (c) 2012 - Jeremy Long
+
+ org.apache.maven.plugins
+ maven-dependency-plugin
+
+
+
+ properties
+
+
+
+
org.apache.maven.plugins
maven-surefire-plugin
- @{surefireArgLine} -Dfile.encoding=UTF-8
+ @{surefireArgLine} -javaagent:${org.mockito:mockito-core:jar} ${runtime.extra.jvm.args} -Dfile.encoding=UTF-8
false
${project.build.directory}/data
@@ -644,7 +655,7 @@ Copyright (c) 2012 - Jeremy Long
org.apache.maven.plugins
maven-failsafe-plugin
- @{failsafeArgLine}
+ @{failsafeArgLine} -javaagent:${org.mockito:mockito-core:jar} ${runtime.extra.jvm.args}
${project.build.directory}/data
${project.build.directory}/temp
@@ -839,7 +850,7 @@ Copyright (c) 2012 - Jeremy Long
summary
- issue-management
+ issue-management
modules
team
scm
@@ -914,7 +925,6 @@ Copyright (c) 2012 - Jeremy Long
org.codehaus.mojo
versions-maven-plugin
- ${versions-maven-plugin.version}
@@ -938,36 +948,6 @@ Copyright (c) 2012 - Jeremy Long
jdiagnostics
1.0.7
-
- org.mock-server
- mockserver-core
- ${mock-server.version}
- test
-
-
- org.mock-server
- mockserver-client-java
- test
- ${mock-server.version}
-
-
- org.mock-server
- mockserver-junit-jupiter
- ${mock-server.version}
- test
-
-
- org.mockito
- mockito-core
- ${mockito.version}
- test
-
-
- org.mockito
- mockito-junit-jupiter
- ${mockito.version}
- test
-
org.apache.commons
commons-jcs3-core
@@ -978,6 +958,11 @@ Copyright (c) 2012 - Jeremy Long
httpclient5
${httpcomponents.client.version}
+
+ org.apache.httpcomponents.client5
+ httpclient5-cache
+ ${httpcomponents.client.version}
+
org.apache.httpcomponents.core5
httpcore5
@@ -993,16 +978,37 @@ Copyright (c) 2012 - Jeremy Long
commons-validator
1.10.1
+
commons-beanutils
commons-beanutils
+
+ commons-collections
+ commons-collections
+
+
+ commons-digester
+ commons-digester
+
+
+
+ commons-logging
+ commons-logging
+
org.apache.commons
commons-dbcp2
2.14.0
+
+
+
+ commons-logging
+ commons-logging
+
+
com.github.package-url
@@ -1025,9 +1031,10 @@ Copyright (c) 2012 - Jeremy Long
5.8.0
- org.jetbrains
- annotations
- ${jetbrains.annotations.version}
+ org.jspecify
+ jspecify
+ 1.0.0
+ true
com.h2database
@@ -1060,11 +1067,6 @@ Copyright (c) 2012 - Jeremy Long
pom
import
-
- com.fasterxml.jackson.datatype
- jackson-datatype-jsr310
- ${jackson.version}
-
commons-io
commons-io
@@ -1091,22 +1093,18 @@ Copyright (c) 2012 - Jeremy Long
${logback.version}
- org.junit.jupiter
- junit-jupiter-api
- ${junit.version}
- test
-
-
- org.junit.jupiter
- junit-jupiter-engine
- ${junit.version}
- test
+ org.mockito
+ mockito-bom
+ ${mockito.version}
+ pom
+ import
- org.junit.jupiter
- junit-jupiter-params
+ org.junit
+ junit-bom
${junit.version}
- test
+ pom
+ import
org.apache.commons
@@ -1117,21 +1115,16 @@ Copyright (c) 2012 - Jeremy Long
org.apache.ant
ant
${apache.ant.version}
-
-
- com.sun
- tools
-
-
org.apache.ant
ant-testutil
${apache.ant.version}
+
- com.sun
- tools
+ org.hamcrest
+ hamcrest-core
@@ -1150,11 +1143,6 @@ Copyright (c) 2012 - Jeremy Long
lucene-queryparser
${apache.lucene.version}
-
- org.apache.lucene
- lucene-test-framework
- ${apache.lucene.version}
-
commons-codec
commons-codec
@@ -1164,6 +1152,18 @@ Copyright (c) 2012 - Jeremy Long
com.h3xstream.retirejs
retirejs-core
${com.h3xstream.retirejs.core.version}
+
+
+
+ com.vaadin.external.google
+ android-json
+
+
+
+
+ org.json
+ json
+ 20251224
org.apache.maven
@@ -1212,6 +1212,7 @@ Copyright (c) 2012 - Jeremy Long
org.apache.maven.plugin-testing
maven-plugin-testing-harness
${maven-plugin-testing-harness.version}
+ test
org.apache.maven.plugin-tools
@@ -1266,6 +1267,11 @@ Copyright (c) 2012 - Jeremy Long
jul-to-slf4j
${slf4j.version}
+
+ org.slf4j
+ jcl-over-slf4j
+ ${slf4j.version}
+
org.apache.maven.shared
maven-artifact-transfer
@@ -1281,16 +1287,12 @@ Copyright (c) 2012 - Jeremy Long
doxia-sink-api
${doxia-base.version}
-
- com.github.spotbugs
- spotbugs-annotations
- ${findbugs.spotbugs.version}
-
org.sonatype.ossindex
ossindex-service-client
1.8.2
+
org.apache.httpcomponents
httpclient
@@ -1299,20 +1301,27 @@ Copyright (c) 2012 - Jeremy Long
org.apache.httpcomponents
httpcore
-
- com.google.guava
- guava
-
-
- org.slf4j
- jcl-over-slf4j
-
com.google.guava
guava
33.5.0-jre
+
+
+
+ com.google.guava
+ listenablefuture
+
+
+ com.google.errorprone
+ error_prone_annotations
+
+
+ com.google.j2objc
+ j2objc-annotations
+
+
com.hankcs
@@ -1326,11 +1335,7 @@ Copyright (c) 2012 - Jeremy Long
org.bouncycastle
- bcprov-jdk15on
-
-
- org.bouncycastle
- bcpg-jdk15on
+ *
@@ -1345,12 +1350,22 @@ Copyright (c) 2012 - Jeremy Long
org.junit.jupiter
- junit-jupiter-engine
+ junit-jupiter-params
test
org.junit.jupiter
- junit-jupiter-params
+ junit-jupiter-engine
+ test
+
+
+ org.mockito
+ mockito-core
+ test
+
+
+ org.mockito
+ mockito-junit-jupiter
test
@@ -1361,20 +1376,51 @@ Copyright (c) 2012 - Jeremy Long
- org.jetbrains
- annotations
+ org.jspecify
+ jspecify
compile
true
com.github.spotbugs
spotbugs-annotations
+ 4.9.8
compile
true
+
+ test-with-specific-toolchain
+
+
+ toolchain.jdk.test.version
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+
+ ${toolchain.jdk.test.version}
+
+
+
+
+ org.apache.maven.plugins
+ maven-failsafe-plugin
+
+
+ ${toolchain.jdk.test.version}
+
+
+
+
+
+
release
diff --git a/utils/pom.xml b/utils/pom.xml
index e508c33fc0a..a45e43efad7 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -60,17 +60,18 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
com.fasterxml.jackson.core
jackson-databind
- ${jackson.version}
com.fasterxml.jackson.core
jackson-core
- ${jackson.version}
org.slf4j
slf4j-api
- compile
+
+
+ com.google.guava
+ guava
ch.qos.logback
@@ -82,27 +83,6 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
logback-classic
test
-
- org.mock-server
- mockserver-core
- test
-
-
- org.mock-server
- mockserver-client-java
- test
-
-
- io.netty
- netty-codec-http
- 4.2.10.Final
- test
-
-
- org.mock-server
- mockserver-junit-jupiter
- test
-
@@ -120,36 +100,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
-
-
-
- utils
-
-
- testMavenPlugin
-
-
-
-
-
- org.apache.maven.plugins
- maven-surefire-plugin
-
- true
-
-
-
- org.apache.maven.plugins
- maven-failsafe-plugin
-
- true
-
-
-
-
-
-
diff --git a/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java b/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
index df2ec1f746d..8fd86e73f50 100644
--- a/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
+++ b/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
@@ -45,7 +45,7 @@
import org.apache.hc.core5.http.io.entity.StringEntity;
import org.apache.hc.core5.http.message.BasicClassicHttpRequest;
import org.apache.hc.core5.http.message.BasicClassicHttpResponse;
-import org.jetbrains.annotations.NotNull;
+import org.jspecify.annotations.NonNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -507,7 +507,7 @@ public void fetchFile(URL url, File outputPath, boolean useProxy, String userKey
* @param credentialsProvider The credentialStore to configure the credentials in
* @param authCache The AuthCache to cache the pre-empted credentials in
*/
- private void tryConfigureProxyCredentials(@NotNull CredentialsStore credentialsProvider, @NotNull AuthCache authCache) {
+ private void tryConfigureProxyCredentials(@NonNull CredentialsStore credentialsProvider, @NonNull AuthCache authCache) {
if (proxyPreEmptAuth != null) {
credentialsProvider.setCredentials(proxyAuthScope, proxyCreds);
authCache.put(proxyHttpHost, proxyPreEmptAuth);
@@ -648,7 +648,7 @@ public CloseableHttpClient getHttpClient(boolean useProxy) {
* @throws TooManyRequestsException When HTTP status 429 is encountered
* @throws ResourceNotFoundException When HTTP status 404 is encountered
*/
- public T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler handler)
+ public T fetchAndHandle(@NonNull URL url, @NonNull HttpClientResponseHandler handler)
throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException, ForbiddenException {
return fetchAndHandle(url, handler, Collections.emptyList(), true);
}
@@ -665,7 +665,7 @@ public T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler
* @throws TooManyRequestsException When HTTP status 429 is encountered
* @throws ResourceNotFoundException When HTTP status 404 is encountered
*/
- public T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler handler, @NotNull List hdr)
+ public T fetchAndHandle(@NonNull URL url, @NonNull HttpClientResponseHandler handler, @NonNull List hdr)
throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException, ForbiddenException {
return fetchAndHandle(url, handler, hdr, true);
}
@@ -683,7 +683,7 @@ public T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler
* @throws TooManyRequestsException When HTTP status 429 is encountered
* @throws ResourceNotFoundException When HTTP status 404 is encountered
*/
- public T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler handler, @NotNull List hdr, boolean useProxy)
+ public T fetchAndHandle(@NonNull URL url, @NonNull HttpClientResponseHandler handler, @NonNull List hdr, boolean useProxy)
throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException, ForbiddenException {
final T data;
if ("file".equals(url.getProtocol())) {
@@ -716,8 +716,8 @@ public T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler
* @throws TooManyRequestsException When HTTP status 429 is encountered
* @throws ResourceNotFoundException When HTTP status 404 is encountered
*/
- public T fetchAndHandle(@NotNull CloseableHttpClient client, @NotNull URL url, @NotNull HttpClientResponseHandler handler,
- @NotNull List hdr) throws IOException, TooManyRequestsException,
+ public T fetchAndHandle(@NonNull CloseableHttpClient client, @NonNull URL url, @NonNull HttpClientResponseHandler handler,
+ @NonNull List hdr) throws IOException, TooManyRequestsException,
ResourceNotFoundException, ForbiddenException {
try {
final String theProtocol = url.getProtocol();
diff --git a/utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java b/utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java
index 2e6eb6e5806..88428dee453 100644
--- a/utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java
+++ b/utils/src/main/java/org/owasp/dependencycheck/utils/FileUtils.java
@@ -33,8 +33,8 @@
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.SystemUtils;
-import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
+import org.jspecify.annotations.NonNull;
+import org.jspecify.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -72,8 +72,7 @@ private FileUtils() {
* @return the file extension.
*/
@Nullable
- public static String getFileExtension(@NotNull String fileName) {
- @Nullable
+ public static String getFileExtension(@NonNull String fileName) {
final String fileExt = FilenameUtils.getExtension(fileName);
return StringUtils.isNoneEmpty(fileExt) ? StringUtils.lowerCase(fileExt) : null;
}
@@ -113,7 +112,7 @@ public static boolean delete(@Nullable File file) {
* @throws java.io.IOException thrown when a directory cannot be created
* within the base directory
*/
- @NotNull
+ @NonNull
public static File createTempDirectory(@Nullable final File base) throws IOException {
final File tempDir = new File(base, "dctemp" + UUID.randomUUID());
if (tempDir.exists()) {
@@ -132,7 +131,7 @@ public static File createTempDirectory(@Nullable final File base) throws IOExcep
*
* @return a String containing the bit bucket
*/
- @NotNull
+ @NonNull
public static String getBitBucket() {
return SystemUtils.IS_OS_WINDOWS ? BIT_BUCKET_WIN : BIT_BUCKET_UNIX;
}
@@ -160,7 +159,7 @@ public static void close(@Nullable final Closeable closeable) {
* @return the input stream for the given resource
* @throws FileNotFoundException if the file could not be found
*/
- public static InputStream getResourceAsStream(@NotNull String resource) throws FileNotFoundException {
+ public static InputStream getResourceAsStream(@NonNull String resource) throws FileNotFoundException {
final ClassLoader classLoader = FileUtils.class.getClassLoader();
final InputStream inputStream = classLoader != null
? classLoader.getResourceAsStream(resource)
diff --git a/utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java b/utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java
index b23319b34fd..594ab6cfc2e 100644
--- a/utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java
+++ b/utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java
@@ -18,15 +18,14 @@
package org.owasp.dependencycheck.utils;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+import org.jspecify.annotations.NonNull;
+import org.jspecify.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
-import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
-
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
@@ -958,7 +957,7 @@ public Settings(final Properties properties) {
*
* @param propertiesFilePath the path to the base properties file to load
*/
- public Settings(@NotNull final String propertiesFilePath) {
+ public Settings(@NonNull final String propertiesFilePath) {
initialize(propertiesFilePath);
}
@@ -967,7 +966,7 @@ public Settings(@NotNull final String propertiesFilePath) {
*
* @param propertiesFilePath the path to the settings property file
*/
- private void initialize(@NotNull final String propertiesFilePath) {
+ private void initialize(@NonNull final String propertiesFilePath) {
props = new Properties();
try (InputStream in = FileUtils.getResourceAsStream(propertiesFilePath)) {
props.load(in);
@@ -1009,7 +1008,7 @@ public synchronized void cleanup(boolean deleteTemporary) {
* @return true if the key is for a sensitive property value;
* otherwise false
*/
- private boolean isKeyMasked(@NotNull String key) {
+ private boolean isKeyMasked(@NonNull String key) {
if (maskedKeys == null || maskedKeys.isEmpty()) {
initMaskedKeys();
}
@@ -1024,7 +1023,7 @@ private boolean isKeyMasked(@NotNull String key) {
* @param value the property value
* @return the printable value
*/
- String getPrintableValue(@NotNull String key, String value) {
+ String getPrintableValue(@NonNull String key, String value) {
String printableValue = null;
if (value != null) {
printableValue = isKeyMasked(key) ? "********" : value;
@@ -1056,7 +1055,7 @@ void initMaskedKeys() {
* @param header the header to print with the log message
* @param properties the properties to log
*/
- private void logProperties(@NotNull final String header, @NotNull final Properties properties) {
+ private void logProperties(@NonNull final String header, @NonNull final Properties properties) {
if (LOGGER.isDebugEnabled()) {
initMaskedKeys();
final StringWriter sw = new StringWriter();
@@ -1082,7 +1081,7 @@ private void logProperties(@NotNull final String header, @NotNull final Properti
* @param key the key for the property
* @param value the value for the property
*/
- public void setString(@NotNull final String key, @NotNull final String value) {
+ public void setString(@NonNull final String key, @NonNull final String value) {
props.setProperty(key, value);
LOGGER.debug("Setting: {}='{}'", key, getPrintableValue(key, value));
}
@@ -1093,7 +1092,7 @@ public void setString(@NotNull final String key, @NotNull final String value) {
* @param key the key for the property
* @param value the value for the property
*/
- public void setStringIfNotNull(@NotNull final String key, @Nullable final String value) {
+ public void setStringIfNotNull(@NonNull final String key, @Nullable final String value) {
if (null != value) {
setString(key, value);
}
@@ -1105,7 +1104,7 @@ public void setStringIfNotNull(@NotNull final String key, @Nullable final String
* @param key the key for the property
* @param value the value for the property
*/
- public void setStringIfNotEmpty(@NotNull final String key, @Nullable final String value) {
+ public void setStringIfNotEmpty(@NonNull final String key, @Nullable final String value) {
if (null != value && !value.isEmpty()) {
setString(key, value);
}
@@ -1117,7 +1116,7 @@ public void setStringIfNotEmpty(@NotNull final String key, @Nullable final Strin
* @param key the key for the property
* @param value the value for the property
*/
- public void setArrayIfNotEmpty(@NotNull final String key, @Nullable final String[] value) {
+ public void setArrayIfNotEmpty(@NonNull final String key, @Nullable final String[] value) {
if (null != value && value.length > 0) {
try {
setString(key, objectMapper.writeValueAsString(value));
@@ -1133,7 +1132,7 @@ public void setArrayIfNotEmpty(@NotNull final String key, @Nullable final String
* @param key the key for the property
* @param value the value for the property
*/
- public void setArrayIfNotEmpty(@NotNull final String key, @Nullable final List value) {
+ public void setArrayIfNotEmpty(@NonNull final String key, @Nullable final List value) {
if (null != value && !value.isEmpty()) {
try {
setString(key, objectMapper.writeValueAsString(value));
@@ -1149,7 +1148,7 @@ public void setArrayIfNotEmpty(@NotNull final String key, @Nullable final List