Skip to content
This repository was archived by the owner on Apr 22, 2025. It is now read-only.

Commit 623cb41

Browse files
bestbeforetodaybestbeforetoday
authored
Update dependency-check plugin to avoid false positives (#149)
Signed-off-by: Mark S. Lewis <[email protected]>
1 parent 68c517f commit 623cb41

File tree

2 files changed

+1
-15
lines changed

2 files changed

+1
-15
lines changed

dependency-suppressions.xml

Lines changed: 0 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -34,18 +34,4 @@
3434
<packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
3535
<vulnerabilityName>CVE-2022-1471</vulnerabilityName>
3636
</suppress>
37-
<suppress>
38-
<notes><![CDATA[
39-
Vulnerability in gopkg.in/yaml.v3 Golang module, not SnakeYaml
40-
]]></notes>
41-
<packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
42-
<cve>CVE-2022-3064</cve>
43-
</suppress>
44-
<suppress>
45-
<notes><![CDATA[
46-
Vulnerability in gopkg.in/yaml.v3 Golang module, not SnakeYaml
47-
]]></notes>
48-
<packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
49-
<cve>CVE-2021-4235</cve>
50-
</suppress>
5137
</suppressions>

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -342,7 +342,7 @@
342342
<plugin>
343343
<groupId>org.owasp</groupId>
344344
<artifactId>dependency-check-maven</artifactId>
345-
<version>7.4.4</version>
345+
<version>8.1.2</version>
346346
<configuration>
347347
<skipProvidedScope>true</skipProvidedScope>
348348
<skipTestScope>true</skipTestScope>

0 commit comments

Comments
 (0)