| commit | c69ef100106125ba39b919d489e7724390efe243 | [log] [tgz] |
|---|---|---|
| author | Udo Schnurpfeil <udo.schnurpfeil@irian.eu> | Wed Apr 27 12:38:34 2022 +0200 |
| committer | Udo Schnurpfeil <udo.schnurpfeil@irian.eu> | Wed Apr 27 12:38:39 2022 +0200 |
| tree | a9be7d2fe8a12dfc4faf7e371653e345a6f2644d | |
| parent | 503c7b994a3ba2f5da6587a2cfa273ea966fe3a1 [diff] |
build: snappy seems to be a false positive
diff --git a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml index fd9f580..148e940 100644 --- a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml +++ b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml
@@ -68,4 +68,9 @@ <gav regex="true">^org\.slf4j/log4j\-over\-slf4j.*$</gav> <cve>CVE-2020-9488</cve> </suppress> + <suppress> + <notes><![CDATA[ file name: snappy-0.4.jar ]]></notes> + <packageUrl regex="true">^pkg:maven/org\.iq80\.snappy/snappy@.*$</packageUrl> + <cve>CVE-2018-6353</cve> + </suppress> </suppressions>