From a4beb58b54fa1b43cc480b0db5f14c790f098bcd Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Mon, 20 Jan 2014 17:37:43 -0500
Subject: [PATCH] included pom.xml files in suppression analysis as the Jar analyzer may add these as part of fix for issue #11

Former-commit-id: 5bb2205d7f2dd1e7b6decf3a29110b6135bbb367
---
 .../owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
index 65b6579f8..b2f7d6552 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
@@ -275,7 +275,8 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
 || i.getValue().startsWith("cpe:/a:cvs:cvs")
 || i.getValue().startsWith("cpe:/a:ftp:ftp")
 || i.getValue().startsWith("cpe:/a:ssh:ssh"))
- && dependency.getFileName().toLowerCase().endsWith(".jar")) {
+ && (dependency.getFileName().toLowerCase().endsWith(".jar")
+ || dependency.getFileName().toLowerCase().endsWith("pom.xml"))) {
 itr.remove();
 } else if (i.getValue().startsWith("cpe:/a:apache:maven")
 && !dependency.getFileName().toLowerCase().matches("maven-core-[\\d\\.]+\\.jar")) {
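Review bot: The new `endsWith("pom.xml")` test has no leading separator, unlike the `.jar` check beside it, so it also matches names such as `notapom.xml`. Because this branch calls `itr.remove()`, an over-broad match silently drops a cvs/ftp/ssh CPE and the report loses a finding. If `getFileName()` returns only the bare file name (not visible in this hunk), an exact comparison is tighter: `|| "pom.xml".equals(dependency.getFileName().toLowerCase())`. The condition also lower-cases the file name twice with the default locale; hoisting it into one local and adding a short comment on why POMs are suppressed here would make the rule easier to audit. The enclosing `if` and its method begin and end outside the hunk.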