- Bump DependencyCheck, skip known CVE in plugin
nwithan8 committed Sep 29, 2023
1 parent 8dfc9ac commit 1f07335
Showing 2 changed files with 6 additions and 3 deletions.
7 changes: 6 additions & 1 deletion dependency-check-suppressions.xml
Expand Up @@ -3,11 +3,16 @@
<suppress>
<!--
Below vulnerabilities are from outdated Protocol Buffers which is the dependency of Error Prone.
This will not affect our code
This will not affect our code.
-->
<vulnerabilityName>CVE-2022-3171</vulnerabilityName>
<vulnerabilityName>CVE-2022-3509</vulnerabilityName>
<vulnerabilityName>CVE-2022-3510</vulnerabilityName>
<vulnerabilityName>CVE-2023-2976</vulnerabilityName>
<!--
Vulnerability in the Dependency Check itself, used during testing.
Will not affect end-users.
Ref: https://github.com/jeremylong/DependencyCheck/issues/5943 -->
<vulnerabilityName>CVE-2023-4759</vulnerabilityName>
</suppress>
</suppressions>
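Review bot: The new `<vulnerabilityName>CVE-2023-4759</vulnerabilityName>` entry goes into the shared `<suppress>` element, which has no selector (`packageUrl`, `gav`, `filePath` or `sha1`) in this hunk, so the CVE is suppressed for every dependency that reports it, not only for the copy pulled in by Dependency Check during testing. Consider moving it into its own `<suppress>` block scoped to the affected artifact, and giving that block an `until` date so the suppression expires and is re-evaluated once the upstream issue referenced in the comment is resolved. The same element also carries the Protocol Buffers CVEs under a different justification, so splitting the block keeps each comment next to the entries it actually justifies.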
2 changes: 0 additions & 2 deletions pom.xml
Expand Up @@ -334,8 +334,6 @@
<suppressionFile>dependency-check-suppressions.xml</suppressionFile>
<failBuildOnCVSS>7</failBuildOnCVSS>
<junitFailOnCVSS>7</junitFailOnCVSS>
<scanPlugins>false</scanPlugins>
<skipTestScope>true</skipTestScope>
</configuration>
<executions>
<execution>
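Review bot: The removal of `<scanPlugins>false</scanPlugins>` and `<skipTestScope>true</skipTestScope>` is not explained by the commit message, and it leaves plugin scanning and test-scope handling to whatever the plugin's defaults are in the bumped version. With `failBuildOnCVSS` and `junitFailOnCVSS` both at 7, any widening of scan scope changes what can fail the build, which is presumably why a suppression for a CVE in Dependency Check itself is added in the other file. Please state in the commit message whether the intent is to start scanning plugins and test-scope dependencies or only to drop settings that match the defaults. If the wider scope is intended, consider keeping the options with explicit values so the scan scope does not shift silently on the next plugin upgrade.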