This analyzer ensures dependencies that should be grouped together, to remove excess noise from the report, are grouped. An example would be Spring, Spring Beans, Spring MVC, etc. If they are all for the same version and have the same relative path then these should be grouped into a single dependency under the core/main library.
Note, this grouping only works on dependencies with identified CVE entries
@author Jeremy Long
|
|