Resource Loading Issues in fat jars #7786

Open
@Thomas-Bergmann

Precondition

  • I checked the issues list for existing open or closed reports of the same problem.

Describe the bug
The initialization process fails if the libraries (core, utils) are packed in a fat jar, as in Spring services.
The problem is the resource loading of some resources in the core lib.

ERROR: Exception occurred initializing Vulnerability Suppression Analyzer
following DEBUG with more information:

  • Error initializing the suppression analyzer: Unable to parse the base suppression data file
  • Caused by: java.io.FileNotFoundException: nested:/app/app.jar/!BOOT-INF/lib/dependency-check-core-12.1.3.jar!/dependencycheck-base-suppression.xml (No such file or directory)

Version of dependency-check used
The problem occurs using version 12.1.3 of the core and utils (cli, gradle plugin, maven plugin, etc.)

Log file
When reporting errors, 99% of the time log file output is required. Please post the log file as a gist and provide a link in the new issue.

https://gist.github.com/Thomas-Bergmann/4a272d45cd9a052c2a2e1e86e0f1533f#file-gistfile1-txt

To Reproduce
Steps to reproduce the behavior:

  • it's a resource loading problem, so no steps to repeat

Expected behavior
A clear and concise description of what you expected to happen.

  • We would like to integrate your libraries in a fat jar, as Spring applications do

Additional context

  • we integrated the library in a service to check former releases of our software
  • our JUnit tests are working, because these tests don't use the fat jar of the service
  • many thanks for providing such a library
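
The failure mode reported above, reproduced with a plain JDK jar as an added example (this is not dependency-check code and not from the issue author). It assumes the error comes from opening a classpath resource URL as a file-system path, which the issue does not confirm; the class name, resource name and helper methods are constructed for the demo, and it needs Java 9 or later.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.util.jar.*;

public class JarResourceDemo {
    // Constructed stand-in name, not the project's real resource file.
    static final String RESOURCE = "sample-suppression.xml";

    /** Builds a throwaway jar that contains a single resource entry. */
    static Path buildJar() throws IOException {
        Path jar = Files.createTempFile("demo-lib", ".jar");
        jar.toFile().deleteOnExit();
        try (JarOutputStream out = new JarOutputStream(Files.newOutputStream(jar))) {
            out.putNextEntry(new JarEntry(RESOURCE));
            out.write("<suppressions/>".getBytes(StandardCharsets.UTF_8));
            out.closeEntry();
        }
        return jar;
    }

    /** Fragile: treats the resource URL as a path on the file system. */
    static String readViaFile(URL url) throws IOException {
        try (InputStream in = new FileInputStream(new File(url.getPath()))) {
            return new String(in.readAllBytes(), StandardCharsets.UTF_8);
        }
    }

    /** Robust: lets the URL's own protocol handler open the jar entry. */
    static String readViaStream(URL url) throws IOException {
        try (InputStream in = url.openStream()) {
            return new String(in.readAllBytes(), StandardCharsets.UTF_8);
        }
    }

    public static void main(String[] args) throws Exception {
        Path jar = buildJar();
        try (URLClassLoader cl = new URLClassLoader(new URL[] {jar.toUri().toURL()}, null)) {
            URL url = cl.getResource(RESOURCE); // jar:file:/...!/sample-suppression.xml
            System.out.println("resource URL: " + url);
            try {
                readViaFile(url);
            } catch (FileNotFoundException e) {
                // The "!/" entry path is not a real file, so the open fails.
                System.out.println("file access failed: " + e.getMessage());
            }
            System.out.println("stream access: " + readViaStream(url));
        }
    }
}
```

JUnit runs usually load resources from unpacked directories or plain jars on disk, which is why path-based access can pass in tests and fail only once the library sits inside a nested archive.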
