Normalize Ruby analyzers

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzer.java

@@ -53,7 +53,10 @@ public class RubyBundlerAnalyzer extends RubyGemspecAnalyzer {
      * The name of the analyzer.
      */
     private static final String ANALYZER_NAME = "Ruby Bundler Analyzer";
-
+    /**
+     * The types of files on which this will work.
+     */
+    static final String DEPENDENCY_ECOSYSTEM = "Ruby.Bundle";
     /**
      * Folder name that contains .gemspec files created by "bundle install"
      */
@@ -97,7 +100,7 @@ public class RubyBundlerAnalyzer extends RubyGemspecAnalyzer {
     protected void analyzeDependency(Dependency dependency, Engine engine)
             throws AnalysisException {
         super.analyzeDependency(dependency, engine);
-
+        dependency.setDependencyEcosystem(DEPENDENCY_ECOSYSTEM);
         //find the corresponding gem folder for this .gemspec stub by "bundle install --deployment"
         final File gemspecFile = dependency.getActualFile();
         final String gemFileName = gemspecFile.getName();

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzer.java

@@ -56,7 +56,10 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
      * The name of the analyzer.
      */
     private static final String ANALYZER_NAME = "Ruby Gemspec Analyzer";
-
+    /**
+     * The Dependency's ecosystem.
+     */
+    static final String DEPENDENCY_ECOSYSTEM = "Ruby.Bundle";
     /**
      * The phase that this analyzer is intended to run in.
      */
@@ -132,6 +135,7 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
     @Override
     protected void analyzeDependency(Dependency dependency, Engine engine)
             throws AnalysisException {
+    	    dependency.setDependencyEcosystem(DEPENDENCY_ECOSYSTEM);
         String contents;
         try {
             contents = FileUtils.readFileToString(dependency.getActualFile(), Charset.defaultCharset());
@@ -148,6 +152,7 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
             final EvidenceCollection product = dependency.getProductEvidence();
             final String name = addStringEvidence(product, contents, blockVariable, "name", "name", Confidence.HIGHEST);
             if (!name.isEmpty()) {
+            		dependency.setName(name);
                 vendor.addEvidence(GEMSPEC, "name_project", name + "_project", Confidence.LOW);
             }
             addStringEvidence(product, contents, blockVariable, "summary", "summary", Confidence.LOW);
@@ -158,10 +163,14 @@ public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
             addStringEvidence(vendor, contents, blockVariable, "license", "licen[cs]es?", Confidence.HIGHEST);
 
             final String value = addStringEvidence(dependency.getVersionEvidence(), contents,
-                    blockVariable, "version", "version", Confidence.HIGHEST);
+                    blockVariable, "version", "version", Confidence.HIGHEST);            
             if (value.length() < 1) {
                 addEvidenceFromVersionFile(dependency.getActualFile(), dependency.getVersionEvidence());
             }
+            else
+            {
+            		dependency.setVersion(value);
+            }
         }
 
         setPackagePath(dependency);