fix: don't trigger BuildProject init during source-string analysis

`codajv -s <source>` crashed with ExceptionInInitializerError/NPE: analyze()
called BuildProject.cleanLibraryDependencies() unconditionally, and merely
referencing BuildProject runs its static initializer, which resolves a
gradle/maven command via new File(projectRootPom) — null in source mode.
Guard the cleanup so it runs only in project mode, where dependencies are
actually downloaded. Caught by the new PyPI release smoke test.

Author: rahlk

src/main/java/com/ibm/cldk/CodeAnalyzer.java

@@ -226,8 +226,13 @@ private static void analyze() throws Exception {
                 combinedJsonObject.add("call_graph", gson.toJsonTree(sdgEdges));
             }
         }
-        // Cleanup library dependencies directory
-        BuildProject.cleanLibraryDependencies();
+        // Cleanup library dependencies directory. Source-string analysis (-s) never
+        // downloads dependencies, so skip it: touching BuildProject would run its
+        // static initializer, which resolves a build command against the (null)
+        // project root and throws.
+        if (sourceAnalysis == null) {
+            BuildProject.cleanLibraryDependencies();
+        }
 
         // Convert the JavaCompilationUnit to JSON and add to consolidated json object
         String symbolTableJSONString = gson.toJson(symbolTable);