bug fixes

Former-commit-id: a415f5e84dbe7c887a20a8acd18403655c82f9be

src/main/java/org/codesecure/dependencycheck/analyzer/JarAnalyzer.java

@@ -186,6 +186,7 @@ public class JarAnalyzer extends AbstractAnalyzer {
             parseManifest(dependency);
             analyzePackageNames(dependency);
             analyzePOM(dependency);
+            addPredefinedData(dependency);
         } catch (IOException ex) {
             throw new AnalysisException("Exception occured reading the JAR file.", ex);
         } catch (JAXBException ex) {
@@ -615,4 +616,15 @@ public class JarAnalyzer extends AbstractAnalyzer {
         sb.append(text.substring(end + 1));
         return interpolateString(sb.toString(), properties); //yes yes, this should be a loop...
     }
+
+    private void addPredefinedData(Dependency dependency) {
+        Evidence spring = new Evidence("Manifest",
+                "Implementation-Title",
+                "Spring Framework",
+                Evidence.Confidence.HIGH);
+
+        if (dependency.getProductEvidence().getEvidence().contains(spring)) {
+            dependency.getVendorEvidence().addEvidence("a priori", "vendor", "SpringSource", Evidence.Confidence.HIGH);
+        }
+    }
 }