github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-17 23:04:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

added the base property and skipped adding the vulnerability or identifier to the suppressed collection if this is a base suppression rule

Browse Source 
Former-commit-id: a668d7d8b9345b6ad44bfff1ced4ab783a1f90d8
This commit is contained in:
Jeremy Long
2014-09-13 05:43:16 -04:00
parent e44ee3bfe1
commit 8fab2f58da
1 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
View File

@@ -266,6 +266,26 @@ public class SuppressionRule {
return gav != null; return gav != null;
} }
private boolean base;
/**
* Get the value of base
*
* @return the value of base
*/
public boolean isBase() {
return base;
}
/**
* Set the value of base
*
* @param base new value of base
*/
public void setBase(boolean base) {
this.base = base;
}
/** /**
* Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any * Processes a given dependency to determine if any CPE, CVE, CWE, or CVSS scores should be suppressed. If any
* should be, they are removed from the dependency. * should be, they are removed from the dependency.
@@ -300,7 +320,9 @@ public class SuppressionRule {
final Identifier i = itr.next(); final Identifier i = itr.next();
for (PropertyType c : this.cpe) { for (PropertyType c : this.cpe) {
if (identifierMatches("cpe", c, i)) { if (identifierMatches("cpe", c, i)) {
dependency.addSuppressedIdentifier(i); if (!isBase()) {
dependency.addSuppressedIdentifier(i);
}
itr.remove(); itr.remove();
break; break;
} }
@@ -339,7 +361,9 @@ public class SuppressionRule {
} }
} }
if (remove) { if (remove) {
dependency.addSuppressedVulnerability(v); if (!isBase()) {
dependency.addSuppressedVulnerability(v);
}
itr.remove(); itr.remove();
} }
} }