You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by lo...@apache.org on 2021/06/23 09:38:57 UTC
[myfaces-build-tools] 01/02: feat: CVE suppression for Tobago 5
This is an automated email from the ASF dual-hosted git repository.
lofwyr pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/myfaces-build-tools.git
commit 79d508232887430aa3a2c4863bb27ea54c67cbb7
Author: Udo Schnurpfeil <ud...@irian.eu>
AuthorDate: Wed Jun 9 16:02:00 2021 +0200
feat: CVE suppression for Tobago 5
further dependencies, but only used at build time
issue: TOBAGO-2084
---
.../tobago/dependency-check-suppression-for-tobago-5.x.xml | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
index c4965d2..2acf5b9 100644
--- a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
+++ b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml
@@ -7,4 +7,18 @@
<packageUrl regex="true">^pkg:npm/path\-parse@.*$</packageUrl>
<cve>CVE-2021-23343</cve>
</suppress>
+ <suppress>
+ <notes><![CDATA[ file name: glob-parent:6.0.0 ]]></notes>
+ <packageUrl regex="true">^pkg:npm/glob\-parent@.*$</packageUrl>
+ <vulnerabilityName>1751</vulnerabilityName>
+ </suppress>
+ <suppress>
+ <notes><![CDATA[ file name: trim-newlines:4.0.1 ]]></notes>
+ <packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
+ <vulnerabilityName>1753</vulnerabilityName>
+ </suppress> <suppress>
+ <notes><![CDATA[ file name: trim-newlines:1.0.0 ]]></notes>
+ <packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
+ <cpe>cpe:/a:trim-newlines_project:trim-newlines</cpe>
+ </suppress>
</suppressions>