Skip to content

Commit 2eb9cc1

Browse files
authored
fix: improve Java 17+ compatibility by removing jdiagnostics (dependency-check#8565)
2 parents 78c8b10 + d1d8b99 commit 2eb9cc1

5 files changed

Lines changed: 55 additions & 59 deletions

File tree

core/pom.xml

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -161,10 +161,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
161161
<groupId>io.github.jeremylong</groupId>
162162
<artifactId>open-vulnerability-clients</artifactId>
163163
</dependency>
164-
<dependency>
165-
<groupId>org.anarres.jdiagnostics</groupId>
166-
<artifactId>jdiagnostics</artifactId>
167-
</dependency>
168164
<dependency>
169165
<groupId>com.kichik.pecoff4j</groupId>
170166
<artifactId>pecoff4j</artifactId>

core/src/main/java/org/owasp/dependencycheck/data/cache/DataCacheFactory.java

Lines changed: 6 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,6 @@
1717
*/
1818
package org.owasp.dependencycheck.data.cache;
1919

20-
import java.io.File;
21-
import java.io.IOException;
22-
import java.io.InputStream;
23-
import java.util.List;
24-
import java.util.Properties;
25-
2620
import io.github.jeremylong.jcs3.slf4j.Slf4jAdapter;
2721
import org.apache.commons.jcs3.JCS;
2822
import org.apache.commons.jcs3.access.CacheAccess;
@@ -37,6 +31,12 @@
3731
import org.slf4j.Logger;
3832
import org.slf4j.LoggerFactory;
3933

34+
import java.io.File;
35+
import java.io.IOException;
36+
import java.io.InputStream;
37+
import java.util.List;
38+
import java.util.Properties;
39+
4040
/**
4141
* Factory to instantiate cache repositories.
4242
*
@@ -140,7 +140,6 @@ public DataCache<List<Advisory>> getNodeAuditCache() {
140140
if (ex instanceof CacheException) {
141141
throw ex;
142142
}
143-
//TODO we may want to instrument w/ jdiagnostics per #2509
144143
LOGGER.debug("Error constructing cache for node audit files", ex);
145144
throw new CacheException(ex);
146145
}
@@ -165,7 +164,6 @@ public DataCache<Model> getPomCache() {
165164
if (ex instanceof CacheException) {
166165
throw ex;
167166
}
168-
//TODO we may want to instrument w/ jdiagnostics per #2509
169167
LOGGER.debug("Error constructing cache for POM files", ex);
170168
throw new CacheException(ex);
171169
}
@@ -190,7 +188,6 @@ public DataCache<List<MavenArtifact>> getCentralCache() {
190188
if (ex instanceof CacheException) {
191189
throw ex;
192190
}
193-
//TODO we may want to instrument w/ jdiagnostics per #2509
194191
LOGGER.debug("Error constructing cache for Central files", ex);
195192
throw new CacheException(ex);
196193
}

core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java

Lines changed: 37 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -22,12 +22,35 @@
2222
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
2323
import io.github.jeremylong.openvulnerability.client.nvd.Config;
2424
import io.github.jeremylong.openvulnerability.client.nvd.CpeMatch;
25+
import io.github.jeremylong.openvulnerability.client.nvd.CvssV2;
26+
import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data;
27+
import io.github.jeremylong.openvulnerability.client.nvd.CvssV3;
28+
import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data;
29+
import io.github.jeremylong.openvulnerability.client.nvd.CvssV4;
30+
import io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data;
31+
import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
32+
import io.github.jeremylong.openvulnerability.client.nvd.LangString;
33+
import io.github.jeremylong.openvulnerability.client.nvd.Node;
34+
import io.github.jeremylong.openvulnerability.client.nvd.Reference;
35+
import io.github.jeremylong.openvulnerability.client.nvd.Weakness;
2536
import org.apache.commons.collections4.map.ReferenceMap;
37+
import org.owasp.dependencycheck.analyzer.exception.LambdaExceptionWrapper;
38+
import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
39+
import org.owasp.dependencycheck.data.update.cpe.CpeEcosystemCache;
40+
import org.owasp.dependencycheck.data.update.cpe.CpePlus;
2641
import org.owasp.dependencycheck.dependency.Vulnerability;
2742
import org.owasp.dependencycheck.dependency.VulnerableSoftware;
28-
import org.owasp.dependencycheck.utils.*;
43+
import org.owasp.dependencycheck.dependency.VulnerableSoftwareBuilder;
44+
import org.owasp.dependencycheck.utils.InvalidSettingException;
45+
import org.owasp.dependencycheck.utils.Pair;
46+
import org.owasp.dependencycheck.utils.Settings;
2947
import org.slf4j.Logger;
3048
import org.slf4j.LoggerFactory;
49+
import us.springett.parsers.cpe.Cpe;
50+
import us.springett.parsers.cpe.CpeBuilder;
51+
import us.springett.parsers.cpe.CpeParser;
52+
import us.springett.parsers.cpe.exceptions.CpeParsingException;
53+
import us.springett.parsers.cpe.exceptions.CpeValidationException;
3154

3255
import javax.annotation.concurrent.ThreadSafe;
3356
import java.io.IOException;
@@ -40,34 +63,23 @@
4063
import java.sql.ResultSet;
4164
import java.sql.SQLException;
4265
import java.sql.Statement;
43-
import java.util.*;
66+
import java.util.ArrayList;
67+
import java.util.Collections;
68+
import java.util.Comparator;
69+
import java.util.HashMap;
70+
import java.util.HashSet;
71+
import java.util.List;
72+
import java.util.Map;
73+
import java.util.MissingResourceException;
74+
import java.util.Optional;
75+
import java.util.Properties;
76+
import java.util.ResourceBundle;
77+
import java.util.Set;
4478
import java.util.stream.Collectors;
45-
import org.anarres.jdiagnostics.DefaultQuery;
4679

4780
import static org.apache.commons.collections4.map.AbstractReferenceMap.ReferenceStrength.HARD;
4881
import static org.apache.commons.collections4.map.AbstractReferenceMap.ReferenceStrength.SOFT;
49-
import org.owasp.dependencycheck.analyzer.exception.LambdaExceptionWrapper;
50-
import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
51-
import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
5282
import static org.owasp.dependencycheck.data.nvdcve.CveDB.PreparedStatementCveDb.*;
53-
import org.owasp.dependencycheck.data.update.cpe.CpeEcosystemCache;
54-
import org.owasp.dependencycheck.data.update.cpe.CpePlus;
55-
import io.github.jeremylong.openvulnerability.client.nvd.CvssV2;
56-
import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data;
57-
import io.github.jeremylong.openvulnerability.client.nvd.CvssV3;
58-
import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data;
59-
import io.github.jeremylong.openvulnerability.client.nvd.CvssV4;
60-
import io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data;
61-
import io.github.jeremylong.openvulnerability.client.nvd.LangString;
62-
import io.github.jeremylong.openvulnerability.client.nvd.Node;
63-
import io.github.jeremylong.openvulnerability.client.nvd.Reference;
64-
import io.github.jeremylong.openvulnerability.client.nvd.Weakness;
65-
import org.owasp.dependencycheck.dependency.VulnerableSoftwareBuilder;
66-
import us.springett.parsers.cpe.Cpe;
67-
import us.springett.parsers.cpe.CpeBuilder;
68-
import us.springett.parsers.cpe.CpeParser;
69-
import us.springett.parsers.cpe.exceptions.CpeParsingException;
70-
import us.springett.parsers.cpe.exceptions.CpeValidationException;
7183

7284
/**
7385
* The database holding information about the NVD CVE data. This class is safe
@@ -120,7 +132,7 @@ public final class CveDB implements AutoCloseable {
120132

121133
/**
122134
* Utility to extract information from
123-
* {@linkplain org.owasp.dependencycheck.data.nvd.json.DefCveItem}.
135+
* {@linkplain DefCveItem}.
124136
*/
125137
private final CveItemOperator cveItemConverter;
126138
/**
@@ -155,8 +167,6 @@ public int updateEcosystemCache() {
155167
}
156168
} catch (IOException ex) {
157169
throw new DatabaseException("Unable to update the ecosystem cache", ex);
158-
} catch (LinkageError ex) {
159-
LOGGER.debug(new DefaultQuery(ex).call().toString());
160170
}
161171
return updateCount;
162172
}

core/src/main/java/org/owasp/dependencycheck/data/nvdcve/DatabaseManager.java

Lines changed: 12 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -18,31 +18,31 @@
1818
package org.owasp.dependencycheck.data.nvdcve;
1919

2020
import com.google.common.io.Resources;
21+
import org.apache.commons.dbcp2.BasicDataSource;
22+
import org.apache.commons.io.IOUtils;
23+
import org.owasp.dependencycheck.utils.DBUtils;
24+
import org.owasp.dependencycheck.utils.DependencyVersion;
25+
import org.owasp.dependencycheck.utils.DependencyVersionUtil;
26+
import org.owasp.dependencycheck.utils.FileUtils;
27+
import org.owasp.dependencycheck.utils.Settings;
28+
import org.slf4j.Logger;
29+
import org.slf4j.LoggerFactory;
30+
31+
import javax.annotation.concurrent.ThreadSafe;
2132
import java.io.File;
2233
import java.io.IOException;
2334
import java.io.InputStream;
2435
import java.net.URL;
2536
import java.nio.charset.StandardCharsets;
26-
import java.sql.PreparedStatement;
2737
import java.sql.Connection;
2838
import java.sql.Driver;
2939
import java.sql.DriverManager;
40+
import java.sql.PreparedStatement;
3041
import java.sql.ResultSet;
3142
import java.sql.SQLException;
3243
import java.sql.Statement;
3344
import java.util.Locale;
3445
import java.util.ResourceBundle;
35-
import javax.annotation.concurrent.ThreadSafe;
36-
import org.anarres.jdiagnostics.DefaultQuery;
37-
import org.apache.commons.dbcp2.BasicDataSource;
38-
import org.apache.commons.io.IOUtils;
39-
import org.owasp.dependencycheck.utils.DBUtils;
40-
import org.owasp.dependencycheck.utils.DependencyVersion;
41-
import org.owasp.dependencycheck.utils.DependencyVersionUtil;
42-
import org.owasp.dependencycheck.utils.FileUtils;
43-
import org.owasp.dependencycheck.utils.Settings;
44-
import org.slf4j.Logger;
45-
import org.slf4j.LoggerFactory;
4646

4747
/**
4848
* Loads the configured database driver and returns the database connection. If
@@ -386,8 +386,6 @@ private void createTables(Connection conn) throws DatabaseException {
386386
}
387387
} catch (IOException ex) {
388388
throw new DatabaseException("Unable to create database schema", ex);
389-
} catch (LinkageError ex) {
390-
LOGGER.debug(new DefaultQuery(ex).call().toString());
391389
}
392390
}
393391

pom.xml

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -914,11 +914,6 @@ Copyright (c) 2012 - Jeremy Long
914914
<artifactId>open-vulnerability-clients</artifactId>
915915
<version>9.0.5</version>
916916
</dependency>
917-
<dependency>
918-
<groupId>org.anarres.jdiagnostics</groupId>
919-
<artifactId>jdiagnostics</artifactId>
920-
<version>1.0.7</version>
921-
</dependency>
922917
<dependency>
923918
<groupId>org.apache.commons</groupId>
924919
<artifactId>commons-jcs3-core</artifactId>

0 commit comments

Comments
 (0)