github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 01:51:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

added suppression notes

Browse Source
This commit is contained in:
Jeremy Long
2017-02-26 09:16:53 -05:00
parent b228d08843
commit e363e8109b
2 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIntegrationTest.java
View File

@@ -123,6 +123,9 @@ public class ReportGeneratorIntegrationTest extends BaseDBTestCase {
f.mkdir(); f.mkdir();
} }
String writeTo = "target/test-reports/Report.xml"; String writeTo = "target/test-reports/Report.xml";
File suppressionFile = BaseTest.getResourceAsFile(this, "incorrectSuppressions.xml");
Settings.setString(Settings.KEYS.SUPPRESSION_FILE, suppressionFile.getAbsolutePath());
//File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath()); //File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar"); File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");

17
dependency-check-core/src/test/resources/incorrectSuppressions.xml Normal file
View File

@@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
<suppress>
<notes><![CDATA[
Invalid suppression of CPE - just testing the notes.
]]></notes>
<gav regex="true">^jetty:org\.mortbay\.jetty:.*$</gav>
<cpe>cpe:/a:mortbay_jetty:jetty</cpe>
</suppress>
<suppress>
<notes><![CDATA[
Invalid suppression of CVE - just testing the notes.
]]></notes>
<gav regex="true">^org\.apache\.struts:struts2-core:.*$</gav>
<cve>CVE-2008-6504</cve>
</suppress>
</suppressions>