TOBAGO-1756: Adding CVE check of OWASP to the release process (Tobago 2.x)
* retrying release 8
diff --git a/other/checkstyle-rules/pom.xml b/other/checkstyle-rules/pom.xml
index 3b6a587..01edac3 100644
--- a/other/checkstyle-rules/pom.xml
+++ b/other/checkstyle-rules/pom.xml
@@ -35,7 +35,7 @@
<groupId>org.apache.myfaces.buildtools</groupId>
<artifactId>checkstyle-rules</artifactId>
<packaging>jar</packaging>
- <version>9-SNAPSHOT</version>
+ <version>8-SNAPSHOT</version>
<name>checkstyle-rules</name>
<url>http://maven.apache.org</url>
diff --git a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.0.xml b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.0.xml
index ed5d8fe..a973e7d 100644
--- a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.0.xml
+++ b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.0.xml
@@ -4,7 +4,7 @@
xsi:schemaLocation="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
<suppress>
<notes><![CDATA[ subject of CVE is myfaces-core version, but not Tobago version ]]></notes>
- <gav regex="true">^org\.apache\.myfaces\.tobago:*:.*$</gav>
+ <gav regex="true">^org\.apache\.myfaces\.tobago:.*:.*$</gav>
<cve>CVE-2011-4367</cve>
</suppress>
<suppress>
@@ -25,7 +25,7 @@
</suppress>
<suppress>
<notes><![CDATA[ subject of CVE is Trinidad version, but not Tobago version ]]></notes>
- <gav regex="true">^org\.apache\.myfaces\.tobago:tobago-tool-annotation:.*$</gav>
+ <gav regex="true">^org\.apache\.myfaces\.tobago:.*:.*$</gav>
<cve>CVE-2016-5019</cve>
</suppress>
</suppressions>
