added file analyzer documentation

Former-commit-id: c0c29021cd1197f26942ff36c8b63220d1267c21

src/site/markdown/archive-analyzer.md

@@ -0,0 +1,16 @@
+Archive Analyzer
+==============
+
+Dependency-check includes an analyzer an archive analyzer that will attempt
+to extract files from the archive that are supported by the other file type
+analyzers.
+
+Files Types Scanned: ZIP, EAR, WAR, JAR, SAR, APK, NUPKG, TAR, GZ, TGZ
+
+Additional file extensions for ZIP archives can be added, see the configuration
+section in the Maven, Ant, or CLI interfaces for more information on configuration.
+
+Note, since this analyzer does examine the contents of a JAR file there are times
+that you may see additional entries in the report and/or warnings in the log file (if used)
+for DLL or EXE files contained within the JAR file. In almost all cases these can
+be ignored as it is fairly rare to have a .NET dll or exe within a JAR file.

src/site/markdown/assembly-analyzer.md

@@ -0,0 +1,11 @@
+Jar Analyzer
+==============
+
+Dependency-check includes an analyzer that scans JAR files and collect as
+much information it can about the file as it can. The information collected
+is internally referred to as evidence and is grouped into vendor, product, and version
+buckets. Other analyzers later use this evidence to identify any Common Platform
+Enumeration (CPE) identifiers that apply. Additionally, if a POM is present
+the analyzer will add the Maven group, artifact, and version (GAV).
+
+Files Types Scanned: JAR, WAR

src/site/markdown/jar-analyzer.md

@@ -0,0 +1,10 @@
+Assembly Analyzer
+==============
+
+Dependency-check includes an analyzer that scans .NET dll and exe files and collect as
+much information it can about the files as it can. The information collected
+is internally referred to as evidence and is grouped into vendor, product, and version
+buckets. Other analyzers later use this evidence to identify any Common Platform
+Enumeration (CPE) identifiers that apply.
+
+Files Types Scanned: EXE, DLL

src/site/markdown/nexus-analyzer.md

@@ -1,7 +1,7 @@
 Nexus Analyzer
 ==============
 
-Dependency Check includes an analyzer which will check for the Maven GAV
+Dependency-check includes an analyzer that will check for the Maven GAV
 (Group/Artifact/Version) information for artifacts in the scanned area. By
 default the information comes from [Maven Central][1], but can be configured to
 use a local repository if necessary. If the artifact's hash is found in the

src/site/markdown/nuspec-analyzer.md

@@ -0,0 +1,13 @@
+Nuspec Analyzer
+==============
+
+Dependency-check includes an analyzer that will scan NuGet's Nuspec file to
+collect information about the component being used. The evidence collected
+is used by other analyzers to determine if there are any known vulnerabilities
+associated with the component.
+
+Note, the Nuspec Analyzer does not scan dependencies defined. However, if
+the dependencies have been downloaded and may be included in the scan depending
+on configuration.
+
+Files Types Scanned: NUSPEC

src/site/site.xml

@@ -84,9 +84,23 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
             <item name="Sample Report" href="./SampleReport.html">
                 <description>Sample Report</description>
             </item>
+        </menu>
+        <menu name="File Type Analyzers">
+            <item name="Archive Analyzer" href="./archive-analyzer.html">
+                <description>Archive Analyzer</description>
+            </item>
+            <item name="Jar Analyzer" href="./jar-analyzer.html">
+                <description>Jar Analyzer</description>
+            </item>
             <item name="Nexus Analyzer" href="./nexus-analyzer.html">
                 <description>Nexus Analyzer</description>
             </item>
+            <item name="Assembly Analyzer" href="./assembly-analyzer.html">
+                <description>Assembly Analyzer</description>
+            </item>
+            <item name="Nuspec Analyzer" href="./nuspec-analyzer.html">
+                <description>Nuspec Analyzer</description>
+            </item>
         </menu>
         <menu name="Modules">
             <item name="dependency-check-core" href="./dependency-check-core/index.html">