]> source.dussan.org Git - sonarqube.git/commitdiff
Suppress false positive match of alm-gallery-client
authorMalena Ebert <malena.ebert@sonarsource.com>
Fri, 2 Oct 2020 14:31:29 +0000 (16:31 +0200)
committersonartech <sonartech@sonarsource.com>
Mon, 5 Oct 2020 20:07:41 +0000 (20:07 +0000)
owasp-suppressions.xml

index f4e3114039a87cd86ed573fcd2fb6bedb1ef4434..96f7512c91fe1beca9188ba819fa94f28be54910 100644 (file)
     <packageUrl regex="true">pkg:maven/com\.jcraft/jsch\.agentproxy\..*@0.0.7</packageUrl>
     <cve>CVE-2016-5725</cve>
   </suppress>
+
+  <suppress>
+    <notes>
+      <![CDATA[
+        file name: alm-gallery-client-1.0.2.jar will be matched to a wrong cpe string
+      ]]>
+    </notes>
+    <packageUrl regex="true">^pkg:maven/com\.sonarsource\.vsts/alm\-gallery\-client@.*$</packageUrl>
+    <cpe>cpe:/a:gallery:gallery</cpe>
+  </suppress>
 </suppressions>