Skip to content

Commit

Permalink
chore: update suppressions (#25)
Browse files Browse the repository at this point in the history
  • Loading branch information
zieka authored Dec 4, 2024
1 parent e6a3ec6 commit 2ce0a5f
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 1 deletion.
11 changes: 11 additions & 0 deletions build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,17 @@ import com.github.jengelman.gradle.plugins.shadow.tasks.ShadowJar
plugins {
id("org.openrewrite.build.recipe-library") version "latest.release"
id("com.github.johnrengelman.shadow") version "latest.release"
id("org.owasp.dependencycheck") version "latest.release"
}

dependencyCheck {
analyzers.assemblyEnabled = false
analyzers.nodeAuditEnabled = false
analyzers.nodeEnabled = false
failBuildOnCVSS = System.getenv("FAIL_BUILD_ON_CVSS")?.toFloatOrNull() ?: 9.0F
format = System.getenv("DEPENDENCY_CHECK_FORMAT") ?: "HTML"
nvd.apiKey = System.getenv("NVD_API_KEY")
suppressionFile = "suppressions.xml"
}

group = "org.openrewrite.recipe"
Expand Down
28 changes: 27 additions & 1 deletion suppressions.xml
Original file line number Diff line number Diff line change
Expand Up @@ -40,4 +40,30 @@
<packageUrl regex="true">^pkg:maven/org\.springframework/spring-webflux@.*$</packageUrl>
<vulnerabilityName>CVE-2024-38816</vulnerabilityName>
</suppress>
</suppressions>
<suppress until="2024-12-25Z">
<notes><![CDATA[
develocity and gradle
reason: using latest release of com.gradle.develocity and com.gradle.common-custom-user-data-gradle-plugin
]]></notes>
<cve>CVE-2019-11402</cve>
<cve>CVE-2019-11403</cve>
<cve>CVE-2019-15052</cve>
<cve>CVE-2020-11979</cve>
<cve>CVE-2021-29427</cve>
<cve>CVE-2021-29428</cve>
<cve>CVE-2021-32751</cve>
<cve>CVE-2021-41589</cve>
<cve>CVE-2022-25364</cve>
<cve>CVE-2023-35947</cve>
<cve>CVE-2023-45161</cve>
<cve>CVE-2023-45163</cve>
<cve>CVE-2023-49238</cve>
<cve>CVE-2023-5964</cve>
</suppress>
<suppress until="2024-12-25Z">
<notes><![CDATA[
Spring Web
]]></notes>
<cve>CVE-2016-1000027</cve>
</suppress>
</suppressions>

0 comments on commit 2ce0a5f

Please sign in to comment.