Nuspec tests and name normalization

added tests for the existing analyzer and normalized the name and set
the ecosystem.

dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzer.java

@@ -41,7 +41,12 @@ import org.owasp.dependencycheck.exception.InitializationException;
  * @author colezlaw
  */
 public class NuspecAnalyzer extends AbstractFileTypeAnalyzer {
-
+    
+	/**
+     * A descriptor for the type of dependencies processed or added by this analyzer
+     */
+    public static final String DEPENDENCY_ECOSYSTEM = "NuGet";
+	
     /**
      * The logger.
      */
@@ -136,12 +141,15 @@ public class NuspecAnalyzer extends AbstractFileTypeAnalyzer {
                 throw new AnalysisException(ex);
             }
 
+            dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
             if (np.getOwners() != null) {
                 dependency.getVendorEvidence().addEvidence("nuspec", "owners", np.getOwners(), Confidence.HIGHEST);
             }
             dependency.getVendorEvidence().addEvidence("nuspec", "authors", np.getAuthors(), Confidence.HIGH);
             dependency.getVersionEvidence().addEvidence("nuspec", "version", np.getVersion(), Confidence.HIGHEST);
+            dependency.setVersion(np.getVersion());
             dependency.getProductEvidence().addEvidence("nuspec", "id", np.getId(), Confidence.HIGHEST);
+            dependency.setName(np.getId());
             if (np.getTitle() != null) {
                 dependency.getProductEvidence().addEvidence("nuspec", "title", np.getTitle(), Confidence.MEDIUM);
             }

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzerTest.java

@@ -23,6 +23,9 @@ import static org.junit.Assert.assertTrue;
 import org.junit.Before;
 import org.junit.Test;
 import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.Evidence;
 
 import java.io.File;
 
@@ -52,6 +55,33 @@ public class NuspecAnalyzerTest extends BaseTest {
     public void testGetAnalysisPhaze() {
         assertEquals(AnalysisPhase.INFORMATION_COLLECTION, instance.getAnalysisPhase());
     }
+    
+    @Test
+    public void testNuspecAnalysis() throws Exception {
+    	 
+        File file = BaseTest.getResourceAsFile(this, "nuspec/test.nuspec");
+        Dependency result = new Dependency(file);
+        instance.analyze(result, null);
+        
+        assertEquals(NuspecAnalyzer.DEPENDENCY_ECOSYSTEM,result.getEcosystem());
+        
+        //checking the owner field
+        assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("bobsmack"));
+        
+        //checking the author field
+        assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("brianfox"));
+        
+        //checking the id field
+        assertTrue(result.getProductEvidence().toString().contains("TestDepCheck"));
+        
+        //checking the title field
+        assertTrue(result.getProductEvidence().toString().contains("Test Package"));
+        
+        assertTrue(result.getVersionEvidence().toString().contains("1.0.0"));
+        assertEquals("1.0.0", result.getVersion());
+        assertEquals("TestDepCheck", result.getName());
+        assertEquals("TestDepCheck:1.0.0", result.getDisplayFileName());        
+    }    
 }
 
 // vim: cc=120:sw=4:ts=4:sts=4

dependency-check-core/src/test/resources/nuspec/test.nuspec

@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <version>1.0.0</version>
+    <authors>brianfox</authors>
+    <owners>bobsmack</owners>
+    <dependencies>
+      <dependency id="ClassLibrary" version="[1.0.0]" />
+    </dependencies>
+    <id>TestDepCheck</id>
+    <title>Test Package</title>
+    <requireLicenseAcceptance>false</requireLicenseAcceptance>
+    <description> Test package for Dependency Check Analyzer</description>
+    <summary />
+  </metadata>
+  <files/>
+</package>