Home Explore Help
Register Sign In
coolbeer
/
cryptomator
mirror of https://github.com/cryptomator/cryptomator.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Update dependency-check plugin and exclude false positive

(cherry picked from commit ebcd0adf78b12dd9883a2bab20a3a8349c12ca2d)
Armin Schrenk 2 years ago
parent
fd76c89393
commit
8e902877a3
2 changed files with 4 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      pom.xml
  2. 3 1
      suppression.xml

+ 1 - 1
pom.xml
View File 

@@ -58,7 +58,7 @@
 
 
 		<!-- build-time dependencies -->
 
 		<jetbrains.annotations.version>23.0.0</jetbrains.annotations.version>
 
-		<dependency-check.version>7.2.1</dependency-check.version>
 
+		<dependency-check.version>7.4.0</dependency-check.version>
 
 		<jacoco.version>0.8.8</jacoco.version>
 
 	</properties>

+ 3 - 1
suppression.xml
View File 

@@ -35,13 +35,15 @@
 
 		<cve>CVE-2022-25366</cve>
 
 	</suppress>
 
 
+	<!-- Apache Commons-cli false positives below -->
 
 	<suppress>
 
 		<notes><![CDATA[
 
 			False positive for commons-cli due, see https://github.com/jeremylong/DependencyCheck/pull/4148
 
 		]]></notes>
 
 		<gav regex="true">^commons\-cli:commons\-cli:.*$</gav>
 
 		<cpe>cpe:/a:apache:james</cpe>
 
-		<!-- while we are at it exclude also this fp -->
 
+		<!-- while we are at it exclude also these fp -->
 
 		<cpe>cpe:/a:spirit-project:spirit</cpe>
 
+		<cpe>cpe:/a:apache:commons_net</cpe>
 
 	</suppress>
 
 </suppressions>