Ignore false positive on static analysis tools

Until 2023-01-01Z !
This commit is contained in:
Benoit Marty 2022-03-29 19:38:10 +02:00
parent 587948c1b9
commit 963b2dfa57
2 changed files with 24 additions and 0 deletions

View File

@ -35,6 +35,13 @@ plugins {
// https://github.com/jeremylong/DependencyCheck
apply plugin: 'org.owasp.dependencycheck'
dependencyCheck {
// See https://jeremylong.github.io/DependencyCheck/general/suppression.html
suppressionFiles = [
"./tools/dependencycheck/suppressions.xml"
]
}
allprojects {
apply plugin: "org.jlleitschuh.gradle.ktlint"

View File

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2023-01-01Z">
<notes><![CDATA[
file name: ktlint-reporter-checkstyle-0.45.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.pinterest\.ktlint/ktlint\-reporter\-checkstyle@.*$</packageUrl>
<cve>CVE-2019-10782</cve>
</suppress>
<suppress until="2023-01-01Z">
<notes><![CDATA[
file name: ktlint-reporter-checkstyle-0.45.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.pinterest\.ktlint/ktlint\-reporter\-checkstyle@.*$</packageUrl>
<cve>CVE-2019-9658</cve>
</suppress>
</suppressions>