diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java index f295e036ecd..1cd1ad432f2 100644 --- a/core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java +++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java @@ -165,8 +165,8 @@ protected void analyzeDependency(Dependency dependency, Engine engine) throws An LOGGER.debug("filtering evidence from {}", dependency.getFileName()); for (Evidence e : dependency.getEvidence(EvidenceType.VERSION)) { - if (!e.isFromHint() && - !(pomMatch && VERSION.equals(e.getName()) + if (!e.isFromHint() + && !(pomMatch && VERSION.equals(e.getName()) && (NEXUS.equals(e.getSource()) || CENTRAL.equals(e.getSource()) || POM.equals(e.getSource()))) && !(fileMatch && VERSION.equals(e.getName()) && FILE.equals(e.getSource())) && !(manifestMatch && MANIFEST.equals(e.getSource()) && IMPLEMENTATION_VERSION.equals(e.getName()))) { diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java b/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java index 1aaff551ead..a726d613850 100644 --- a/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java +++ b/core/src/main/java/org/owasp/dependencycheck/dependency/Evidence.java @@ -252,6 +252,7 @@ public int compareTo(@NotNull Evidence o) { */ @Override public String toString() { - return "Evidence{" + "name=" + name + ", source=" + source + ", value=" + value + ", confidence=" + confidence + ", fromHint=" + fromHint + '}'; + return "Evidence{" + "name=" + name + ", source=" + source + ", value=" + value + ", confidence=" + confidence + + ", fromHint=" + fromHint + '}'; } }