From a70cbcc9d3e77e58b0368c58e1bec43683e73117 Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Fri, 3 May 2013 20:23:42 -0400
Subject: [PATCH] improved pom analysis
Former-commit-id: d1f81329c4de99873e83f65a9abc0bef1e3c4552
---
.../java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java b/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
index 4a0f92336..1f5f017d2 100644
--- a/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
+++ b/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
@@ -294,6 +294,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
 if (artifactid != null) {
 foundSomething = true;
 dependency.getProductEvidence().addEvidence("pom", "artifactid", artifactid, Evidence.Confidence.HIGH);
+ dependency.getVendorEvidence().addEvidence("pom", "artifactid", artifactid, Evidence.Confidence.LOW);
 }
 //version
 final String version = interpolateString(pom.getVersion(), pomProperties);
@@ -313,6 +314,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
 if (pomName != null) {
 foundSomething = true;
 dependency.getProductEvidence().addEvidence("pom", "name", pomName, Evidence.Confidence.HIGH);
+ dependency.getVendorEvidence().addEvidence("pom", "name", pomName, Evidence.Confidence.HIGH);
 }
 //Description
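Review bot: The vendor-evidence line added in the `artifactid` branch has no comment saying why an artifactId counts as a vendor hint or why `LOW` was chosen, and anyone tuning false positives later will need that rationale. I would put a short why-comment above it, for example `// artifactId occasionally matches the vendor name; LOW so it cannot outweigh stronger vendor evidence`, with the wording confirmed by the author because the reasoning is not visible in the hunk. The enclosing method starts and ends outside the hunk.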
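Review bot: Recording the POM name as vendor evidence at `Evidence.Confidence.HIGH` in the `pomName` branch looks too strong next to the `LOW` given to `artifactid` in the first hunk. The name is free-text display text that usually carries the product name, and it is set by whoever published the artifact. If vendor evidence feeds vulnerability-identifier matching, as this analyzer's role suggests, a HIGH weight here can produce wrong matches or let a misleading name outweigh better evidence. Consider `dependency.getVendorEvidence().addEvidence("pom", "name", pomName, Evidence.Confidence.LOW);`, or keep HIGH with a comment justifying it. The diffstat shows only JarAnalyzer.java changed, so no test pins the new evidence.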