github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-22 09:09:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

added more suppression rules for false positives

Browse Source
This commit is contained in:
Jeremy Long
2017-02-25 06:31:34 -05:00
parent d08357a1c2
commit 03559fd106
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
dependency-check-core/src/main/resources/dependencycheck-base-suppression.xml
View File

@@ -508,6 +508,28 @@
<cpe>cpe:/a:shim:shim</cpe> <cpe>cpe:/a:shim:shim</cpe>
<cpe>cpe:/a:python:python</cpe> <cpe>cpe:/a:python:python</cpe>
</suppress> </suppress>
<suppress base="true">
<notes><![CDATA[
checkpoint firewall is not at the application layer.
]]></notes>
<filePath regex="true">.*</filePath>
<cpe>cpe:/a:checkpoint:check_point</cpe>
</suppress>
<suppress base="true">
<notes><![CDATA[
Bouncy Castle Time Stamp Protocol is not related to openpgp.
]]></notes>
<gav regex="true">^org\.bouncycastle:bctsp.*$</gav>
<cpe>cpe:/a:openpgp:openpgp</cpe>
<cpe>cpe:/a:pgp:openpgp</cpe>
</suppress>
<suppress base="true">
<notes><![CDATA[
Apache XML Graphics is used by Batik - but should not be identified as batik.
]]></notes>
<gav regex="true">^org\.apache\.xmlgraphics:xmlgraphics-commons:.*$</gav>
<cpe>cpe:/a:apache:batik</cpe>
</suppress>
<suppress base="true"> <suppress base="true">
<notes><![CDATA[ <notes><![CDATA[
False positive suppression per issue #664 for JJWT - A Java and Android JSON Web Token library False positive suppression per issue #664 for JJWT - A Java and Android JSON Web Token library