Issue #730: Allow multiple suppression files in Maven

The core has been extended to handle multiple suppression files
Extended the Ant test to cover multiple suppression files
NOTE: This change is breaking for users of the Maven plugin

dependency-check-ant/src/test/resources/build.xml

@@ -92,6 +92,9 @@
             <fileset dir="${project.build.directory}/test-classes/jars">
                 <include name="axis-1.4.jar"/>
             </fileset>
+            <filelist
+                    dir="${project.build.directory}/test-classes/list"
+                    files="jetty-6.1.0.jar,org.mortbay.jetty.jar"/>
         </dependency-check>
     </target>
 </project>

dependency-check-ant/src/test/resources/test-suppression1.xml

@@ -1,10 +1,26 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!-- Test suppression file for the DependencyCheckTaskTest#testSuppressingCVE() test -->
+<!--
+This file is part of dependency-check-core.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+Copyright (c) 2017 The OWASP Foundation. All Rights Reserved.
+-->
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
     <suppress>
         <notes><![CDATA[
-      file name: axis-1.4.jar
-      ]]></notes>
+   file name: axis-1.4.jar
+   ]]></notes>
         <gav regex="true">^org\.apache\.axis:axis:.*$</gav>
         <cpe>cpe:/a:apache:axis</cpe>
     </suppress>

dependency-check-ant/src/test/resources/test-suppression2.xml

@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+This file is part of dependency-check-core.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+Copyright (c) 2017 The OWASP Foundation. All Rights Reserved.
+-->
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
+    <suppress>
+        <notes><![CDATA[
+   file name: org.mortbay.jetty.jar
+   ]]></notes>
+        <gav regex="true">^jetty:org\.mortbay\.jetty:.*$</gav>
+        <cpe>cpe:/a:jetty:jetty</cpe>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+         file name: org.mortbay.jetty.jar
+         ]]></notes>
+        <gav regex="true">^jetty:org\.mortbay\.jetty:.*$</gav>
+        <cpe>cpe:/a:mortbay:jetty</cpe>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+   file name: org.mortbay.jetty.jar
+   ]]></notes>
+        <gav regex="true">^jetty:org\.mortbay\.jetty:.*$</gav>
+        <cpe>cpe:/a:mortbay_jetty:jetty</cpe>
+    </suppress>
+</suppressions>