From b05f13d82bb02f495080d40fb1b9e3e9e5a0b358 Mon Sep 17 00:00:00 2001
From: Jeremy Long
Date: Sat, 25 Jan 2014 06:42:45 -0500
Subject: [PATCH] added javadoc comments and corrected a typo in pom.xml file names

Former-commit-id: a066b9343c8895ad2ee7b7b419fdb0d6dd0d8cfe
---
 .../analyzer/DependencyBundlingAnalyzer.java | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
index 5335bfac6..acff9d256 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzer.java
@@ -390,12 +390,21 @@ public class DependencyBundlingAnalyzer extends AbstractAnalyzer implements Anal
 return dependency1.getSha1sum().equals(dependency2.getSha1sum());
 }

+ /**
+ * Determines if the jar is shaded and the created pom.xml identified the same CPE as the jar - if so, the pom.xml
+ * dependency should be removed.
+ *
+ * @param dependency a dependency to check
+ * @param nextDependency another dependency to check
+ * @return true if on of the dependencies is a pom.xml and the identifiers between the two collections match;
+ * otherwise false
+ */
 private boolean isShadedJar(Dependency dependency, Dependency nextDependency) {
 final String mainName = dependency.getFileName().toLowerCase();
 final String nextName = nextDependency.getFileName().toLowerCase();
- if (mainName.endsWith(".jar") && nextName.endsWith("pomx.xml")) {
+ if (mainName.endsWith(".jar") && nextName.endsWith("pom.xml")) {
 return dependency.getIdentifiers().containsAll(nextDependency.getIdentifiers());
- } else if (nextName.endsWith(".jar") && mainName.endsWith("pomx.xml")) {
+ } else if (nextName.endsWith(".jar") && mainName.endsWith("pom.xml")) {
 return nextDependency.getIdentifiers().containsAll(dependency.getIdentifiers());
 }
 return false;
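Review bot: With the suffix corrected from `pomx.xml` to `pom.xml`, both branches of isShadedJar can now actually match, and `containsAll` returns true for an empty argument, so a pom.xml dependency that has no identifiers at all is reported as matching the jar. The new Javadoc says a match means the pom.xml dependency should be removed; if the callers outside this hunk act on that, the entry is dropped without any CPE having been compared. Consider guarding each branch, e.g. `return !nextDependency.getIdentifiers().isEmpty() && dependency.getIdentifiers().containsAll(nextDependency.getIdentifiers());` and the mirrored form in the `else if`. The Javadoc also reads "on of" for "one of" and says the identifiers "match" where the code tests that one collection contains the other. The method's closing brace lies outside the hunk.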