added ftp:ftp as a false positive for Java projects

Former-commit-id: dbc2c6dc2d2d2b439f0e148f5c8ad17fe6ee4a11
2026-01-15 00:03:43 +01:00 · 2013-10-13 14:03:52 -04:00
parent 623c2cb9f1
commit 8fd6f7add9
1 changed files with 1 additions and 0 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
@@ -279,6 +279,7 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
                        || i.getValue().startsWith("cpe:/a:file:file")
                        || i.getValue().startsWith("cpe:/a:mozilla:mozilla")
                        || i.getValue().startsWith("cpe:/a:cvs:cvs")
+                        || i.getValue().startsWith("cpe:/a:ftp:ftp")
                        || i.getValue().startsWith("cpe:/a:ssh:ssh"))
                        && dependency.getFileName().toLowerCase().endsWith(".jar")) {
                    itr.remove();