Update JarAnalyze to resolve issue #127

Updated JarAnalyzer to resolve issue #127 - duplicate package and package name evidence in the report. Former-commit-id: ed40398c0b00e5fd5065705772ad15afaf5c7e0c
2026-01-14 15:53:36 +01:00 · 2014-05-14 18:01:12 -04:00
parent ae09229107
commit 7a653abf22
1 changed files with 2 additions and 2 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
@@ -648,7 +648,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
                //TODO remove weighting
                vendor.addWeighting(entry.getKey());
                if (addPackagesAsEvidence && entry.getKey().length() > 1) {
-                    vendor.addEvidence("jar", "package", entry.getKey(), Confidence.LOW);
+                    vendor.addEvidence("jar", "package name", entry.getKey(), Confidence.LOW);
                }
            }
        }
@@ -657,7 +657,7 @@ public class JarAnalyzer extends AbstractFileTypeAnalyzer {
            if (ratio > 0.5) {
                product.addWeighting(entry.getKey());
                if (addPackagesAsEvidence && entry.getKey().length() > 1) {
-                    product.addEvidence("jar", "package", entry.getKey(), Confidence.LOW);
+                    product.addEvidence("jar", "package name", entry.getKey(), Confidence.LOW);
                }
            }
        }