added the base property and skipped adding the vulnerability or identifier to the suppressed collection if this is a base suppression rule

Former-commit-id: a668d7d8b9345b6ad44bfff1ced4ab783a1f90d8
2026-01-14 07:43:40 +01:00 · 2014-09-13 05:43:16 -04:00
parent e44ee3bfe1
commit 8fab2f58da
1 changed files with 26 additions and 2 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
@@ -266,6 +266,26 @@ public class SuppressionRule {
        return gav != null;
    }

+    private boolean base;
+
+    /**
+     * Get the value of base
+     *
+     * @return the value of base
+     */
+    public boolean isBase() {
+        return base;
+    }
+
+    /**
+     * Set the value of base
+     *
+     * @param base new value of base
+     */
+    public void setBase(boolean base) {
+        this.base = base;
+    }
+
    /**
     * Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any
     * should be, they are removed from the dependency.
@@ -300,7 +320,9 @@ public class SuppressionRule {
                final Identifier i = itr.next();
                for (PropertyType c : this.cpe) {
                    if (identifierMatches("cpe", c, i)) {
-                        dependency.addSuppressedIdentifier(i);
+                        if (!isBase()) {
+                            dependency.addSuppressedIdentifier(i);
+                        }
                        itr.remove();
                        break;
                    }
@@ -339,7 +361,9 @@ public class SuppressionRule {
                    }
                }
                if (remove) {
-                    dependency.addSuppressedVulnerability(v);
+                    if (!isBase()) {
+                        dependency.addSuppressedVulnerability(v);
+                    }
                    itr.remove();
                }
            }