From e106ab5505b08a75f8196b42d6218514d7853170 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Sun, 13 Oct 2013 13:19:56 -0400
Subject: [PATCH] fixed bug 24 - short package names are no longer added as
 evvidence

Former-commit-id: 01bb31d35e58b624c31918f4a48fa2e5f584a8c5
---
 .../java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
index 3410cf387..cab7efca5 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java
@@ -515,7 +515,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
             if (ratio > 0.5) {
                 //TODO remove weighting
                 vendor.addWeighting(entry.getKey());
-                if (addPackagesAsEvidence) {
+                if (addPackagesAsEvidence && entry.getKey().length() > 1) {
                     vendor.addEvidence("jar", "package", entry.getKey(), Evidence.Confidence.LOW);
                 }
             }
@@ -524,7 +524,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
             final float ratio = entry.getValue() / (float) classCount;
             if (ratio > 0.5) {
                 product.addWeighting(entry.getKey());
-                if (addPackagesAsEvidence) {
+                if (addPackagesAsEvidence && entry.getKey().length() > 1) {
                     product.addEvidence("jar", "package", entry.getKey(), Evidence.Confidence.LOW);
                 }
             }