diff --git a/build.gradle.kts b/build.gradle.kts
index 6670b6a..fcd26b8 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -3,6 +3,17 @@ import com.github.jengelman.gradle.plugins.shadow.tasks.ShadowJar
plugins {
id("org.openrewrite.build.recipe-library") version "latest.release"
id("com.github.johnrengelman.shadow") version "latest.release"
+ id("org.owasp.dependencycheck") version "latest.release"
+}
+
+dependencyCheck {
+ analyzers.assemblyEnabled = false
+ analyzers.nodeAuditEnabled = false
+ analyzers.nodeEnabled = false
+ failBuildOnCVSS = System.getenv("FAIL_BUILD_ON_CVSS")?.toFloatOrNull() ?: 9.0F
+ format = System.getenv("DEPENDENCY_CHECK_FORMAT") ?: "HTML"
+ nvd.apiKey = System.getenv("NVD_API_KEY")
+ suppressionFile = "suppressions.xml"
}
group = "org.openrewrite.recipe"
diff --git a/suppressions.xml b/suppressions.xml
index 142eecd..d6740c5 100644
--- a/suppressions.xml
+++ b/suppressions.xml
@@ -40,4 +40,30 @@
^pkg:maven/org\.springframework/spring-webflux@.*$
CVE-2024-38816
-
\ No newline at end of file
+
+
+ CVE-2019-11402
+ CVE-2019-11403
+ CVE-2019-15052
+ CVE-2020-11979
+ CVE-2021-29427
+ CVE-2021-29428
+ CVE-2021-32751
+ CVE-2021-41589
+ CVE-2022-25364
+ CVE-2023-35947
+ CVE-2023-45161
+ CVE-2023-45163
+ CVE-2023-49238
+ CVE-2023-5964
+
+
+
+ CVE-2016-1000027
+
+