github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 00:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
034dd03d2d5aa25f796f6bb8fc899c5f9d2112e0
DependencyCheck/suppression.html
Jeremy Long 412ac1c084 version 1.0.8
2014-01-16 08:07:24 -05:00

207 lines
7.9 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2014-01-16
| Rendered using Apache Maven Fluido Skin 1.3.0
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20140116" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check - Suppressing False Positives</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.0.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:50px !important }</style>
</head>
<body class="topBarDisabled">
<a href="http://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<h2>dependency-check</h2>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="#" title="">
</a>
</li>
<li class="divider ">/</li>
<li class="">Suppressing False Positives</li>
<li id="publishDate" class="pull-right">Last Published: 2014-01-16</li> <li class="divider pull-right">|</li>
<li id="projectVersion" class="pull-right">Version: 1.0.8</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span3">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">Project Documentation</li>
<li>
<a href="project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
<li class="nav-header">General</li>
<li class="active">
<a href="#"><i class="none"></i>False Positives</a>
</li>
<li class="nav-header">Modules</li>
<li>
<a href="dependency-check-core/index.html" title="dependency-check-core">
<i class="none"></i>
dependency-check-core</a>
</li>
<li>
<a href="dependency-check-cli/installation.html" title="dependency-check-cli">
<i class="none"></i>
dependency-check-cli</a>
</li>
<li>
<a href="dependency-check-ant/installation.html" title="dependency-check-ant">
<i class="none"></i>
dependency-check-ant</a>
</li>
<li>
<a href="dependency-check-maven/usage.html" title="dependency-check-maven">
<i class="none"></i>
dependency-check-maven</a>
</li>
<li>
<a href="dependency-check-jenkins/index.html" title="dependency-check-jenkins">
<i class="none"></i>
dependency-check-jenkins</a>
</li>
</ul>
<hr class="divider" />
<div id="poweredBy">
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span9" >
<h1>Suppressing False Positives</h1>
<p>Due to how dependency-check identifies libraries false positives may occur (a CPE was identified that is incorrect). Suppressing these false positives is fairly easy using the HTML report. In the report next to each CPE identified (and on CVE entries) there is a suppress button. Clicking the suppression button will create a dialogue box which you can simple hit Control-C to copy the XML that you would place into a suppression XML file. If this is the first time you are creating the suppression file you should click the &#x201c;Complete XML Doc&#x201d; button on the top of the dialogue box to add the necessary schema elements.</p>
<p>A sample suppression file would look like:</p>
<div class="source">
<pre>&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt;
&lt;suppressions xmlns=&quot;https://www.owasp.org/index.php/OWASP_Dependency_Check_Suppression&quot;&gt;
&lt;suppress&gt;
&lt;notes&gt;&lt;![CDATA[
file name: some.jar
]]&gt;&lt;/notes&gt;
&lt;sha1&gt;66734244CE86857018B023A8C56AE0635C56B6A1&lt;/sha1&gt;
&lt;cpe&gt;cpe:/a:apache:struts:2.0.0&lt;/cpe&gt;
&lt;/suppress&gt;
&lt;/suppressions&gt;
</pre></div>
<p>The above XML file will suppress the cpe:/a:apache:struts:2.0.0 from any file with the a matching SHA1 hash.</p>
<p>The full schema for suppression files can be found here: <a class="externalLink" href="https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-core/src/main/resources/schema/suppression.xsd" title="Suppression Schema">suppression.xsd</a></p>
<p>Please see the appropriate configuration option in each interfaces configuration guide:</p>
<ul>
<li><a href="dependency-check-cli/arguments.html">Command Line Tool</a></li>
<li><a href="dependency-check-maven/configuration.html">Maven Plugin</a></li>
<li><a href="dependency-check-ant/configuration.html">Ant Task</a></li>
<li><a href="dependency-check-jenkins/index.html">Jenkins Plugin</a></li>
</ul>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row span12">Copyright &copy; 2012-2014
<a href="http://www.owasp.org">OWASP</a>.
All Rights Reserved.
</div>
</div>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink