You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@myfaces.apache.org by lo...@apache.org on 2021/06/23 09:38:56 UTC

[myfaces-build-tools] branch master updated (9501058 -> 0622927)

This is an automated email from the ASF dual-hosted git repository.

lofwyr pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/myfaces-build-tools.git.


    from 9501058  [maven-release-plugin] prepare for next development iteration
     new 79d5082  feat: CVE suppression for Tobago 5
     new 0622927  feat: CVE suppression for Tobago 5

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../dependency-check-suppression-for-tobago-5.x.xml   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

[myfaces-build-tools] 02/02: feat: CVE suppression for Tobago 5

Posted by lo...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

lofwyr pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/myfaces-build-tools.git

commit 06229274fe6b5b56e4d4252349a2c80e888426b9
Author: Udo Schnurpfeil <ud...@irian.eu>
AuthorDate: Wed Jun 23 11:38:20 2021 +0200

    feat: CVE suppression for Tobago 5
    
    further dependencies, but only used at build time
    
    issue: TOBAGO-2084
---
 .../resources/tobago/dependency-check-suppression-for-tobago-5.x.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
index 2acf5b9..148e747 100644
--- a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
+++ b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
@@ -3,6 +3,11 @@
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
   <suppress>
+    <notes><![CDATA[ file name: jdom2-2.0.6.jar ]]></notes>
+    <packageUrl regex="true">^pkg:maven/org\.jdom/jdom2@.*$</packageUrl>
+    <cve>CVE-2021-33813</cve>
+  </suppress>
+  <suppress>
     <notes><![CDATA[ file name: path-parse:1.0.6 ]]></notes>
     <packageUrl regex="true">^pkg:npm/path\-parse@.*$</packageUrl>
     <cve>CVE-2021-23343</cve>

[myfaces-build-tools] 01/02: feat: CVE suppression for Tobago 5

Posted by lo...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

lofwyr pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/myfaces-build-tools.git

commit 79d508232887430aa3a2c4863bb27ea54c67cbb7
Author: Udo Schnurpfeil <ud...@irian.eu>
AuthorDate: Wed Jun 9 16:02:00 2021 +0200

    feat: CVE suppression for Tobago 5
    
    further dependencies, but only used at build time
    
    issue: TOBAGO-2084
---
 .../tobago/dependency-check-suppression-for-tobago-5.x.xml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
index c4965d2..2acf5b9 100644
--- a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
+++ b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
@@ -7,4 +7,18 @@
     <packageUrl regex="true">^pkg:npm/path\-parse@.*$</packageUrl>
     <cve>CVE-2021-23343</cve>
   </suppress>
+  <suppress>
+    <notes><![CDATA[ file name: glob-parent:6.0.0 ]]></notes>
+    <packageUrl regex="true">^pkg:npm/glob\-parent@.*$</packageUrl>
+    <vulnerabilityName>1751</vulnerabilityName>
+  </suppress>
+  <suppress>
+    <notes><![CDATA[ file name: trim-newlines:4.0.1 ]]></notes>
+    <packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
+    <vulnerabilityName>1753</vulnerabilityName>
+  </suppress>  <suppress>
+    <notes><![CDATA[ file name: trim-newlines:1.0.0 ]]></notes>
+    <packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
+    <cpe>cpe:/a:trim-newlines_project:trim-newlines</cpe>
+  </suppress>
 </suppressions>