diff options
| author | Eric Hartmann <hartmann.eric@gmail.com> | 2017-10-23 16:51:57 +0200 |
|---|---|---|
| committer | Eric Hartmann <hartmann.eric@gmail.Com> | 2017-10-23 18:12:53 +0200 |
| commit | 95d91e6fff76d8561e5d9dd71379dde8bc6258fa (patch) | |
| tree | bdb1427d740c4cffd6aaac5e6af32e67c2608332 /sonar-application | |
| parent | fd159be5511c32622ea4db04ddb6cb854fe7a205 (diff) | |
| download | sonarqube-95d91e6fff76d8561e5d9dd71379dde8bc6258fa.tar.gz sonarqube-95d91e6fff76d8561e5d9dd71379dde8bc6258fa.zip | |
SONAR-10018 Upgrade JJWT to 0.9.0
Diffstat (limited to 'sonar-application')
| -rw-r--r-- | sonar-application/dependency-check-suppressions.xml | 178 |
1 files changed, 178 insertions, 0 deletions
diff --git a/sonar-application/dependency-check-suppressions.xml b/sonar-application/dependency-check-suppressions.xml new file mode 100644 index 00000000000..28e626eabd7 --- /dev/null +++ b/sonar-application/dependency-check-suppressions.xml @@ -0,0 +1,178 @@ +<?xml version="1.0" encoding="UTF-8"?> +<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd"> + <!-- + TODO : Remove this snippet when sonar-plugin-api-deps is removed + --> + <suppress> + <notes><![CDATA[ + file name: sonar-core-6.7-SNAPSHOT.jar: sonar-plugin-api-deps.jar/META-INF/maven/org.apache.commons/commons-email/pom.xml + ]]></notes> + <gav regex="true">^org\.apache\.commons:commons-email:.*$</gav> + <cpe>cpe:/a:apache:commons_email</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: sonar-core-6.7-SNAPSHOT.jar: sonar-plugin-api-deps.jar/META-INF/maven/ch.qos.logback/logback-core/pom.xml + ]]></notes> + <gav regex="true">^ch\.qos\.logback:logback-core:.*$</gav> + <cpe>cpe:/a:logback:logback</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: sonar-core-6.7-SNAPSHOT.jar: sonar-plugin-api-deps.jar/META-INF/maven/ch.qos.logback/logback-classic/pom.xml + ]]></notes> + <gav regex="true">^ch\.qos\.logback:logback-classic:.*$</gav> + <cpe>cpe:/a:logback:logback</cpe> + </suppress> + <!-- + End of TODO + --> + + <!-- False positive --> + + <!-- Protobuf (issue on C++ side) --> + <suppress> + <notes><![CDATA[ + file name: sonar-scanner-engine-shaded-6.7-SNAPSHOT.jar/META-INF/maven/com.google.protobuf/protobuf-java/pom.xml + file name: sonar-csharp-plugin-6.4.1.3596.jar: protobuf-java-3.1.0.jar + ]]></notes> + <gav regex="true">^com\.google\.protobuf:protobuf-java:.*$</gav> + <cpe>cpe:/a:google:protobuf</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: sonar-csharp-plugin-6.4.1.3596.jar: SonarAnalyzer-6.4.1.3596.zip: Google.Protobuf.dll + ]]></notes> + <filePath regex="true">^.*Google.Protobuf.dll$</filePath> + <cve>CVE-2015-5237</cve> + </suppress> + + <!-- Tomcat --> + <suppress> + <notes><![CDATA[ + file name: tomcat-annotations-api-8.5.23.jar + ]]></notes> + <gav regex="true">^org\.apache\.tomcat:tomcat-annotations-api:.*$</gav> + <cpe>cpe:/a:apache:tomcat</cpe> + <cpe>cpe:/a:apache_software_foundation:tomcat</cpe> + <cpe>cpe:/a:apache_tomcat:apache_tomcat</cpe> + </suppress> + + + <!-- MsSQL --> + <suppress> + <notes><![CDATA[ + file name: mssql-jdbc-6.2.2.jre8.jar + ]]></notes> + <gav regex="true">^com\.microsoft\.sqlserver:mssql-jdbc:.*$</gav> + <cpe>cpe:/a:microsoft:sql_server:6.2.2.jre8</cpe> + <cpe>cpe:/a:microsoft:project_server:6.2.2.jre8</cpe> + <cpe>cpe:/a:microsoft:server:6.2.2.jre8</cpe> + </suppress> + + <!-- MySQL Driver --> + <suppress> + <notes><![CDATA[ + file name: mysql-connector-java-5.1.44.jar + ]]></notes> + <gav regex="true">^mysql:mysql-connector-java:.*$</gav> + <cpe>cpe:/a:oracle:mysql_connectors</cpe> + <cpe>cpe:/a:mysql:mysql:5.1.44</cpe> + <cpe>cpe:/a:oracle:connector/j:5.1.44</cpe> + <cpe>cpe:/a:oracle:mysql:5.1.44</cpe> + <cpe>cpe:/a:sun:mysql_connector/j:5.1.44</cpe> + </suppress> + + <!-- Flex plugin --> + <suppress> + <notes><![CDATA[ + file name: sonar-flex-plugin-2.3.jar/META-INF/maven/org.sonarsource.flex/flex-checks/pom.xml + ]]></notes> + <gav regex="true">^org\.sonarsource\.flex:flex-checks:.*$</gav> + <cpe>cpe:/a:flex_project:flex</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: sonar-flex-plugin-2.3.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.flex:sonar-flex-plugin:.*$</gav> + <cpe>cpe:/a:flex_project:flex</cpe> + </suppress> + + <!-- PHP plugin --> + <suppress> + <notes><![CDATA[ + file name: sonar-php-plugin-2.10.0.2087.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.php:sonar-php-plugin:.*$</gav> + <cpe>cpe:/a:php:php</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: php-checks-2.10.0.2087.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.php:php-checks:.*$</gav> + <cpe>cpe:/a:php:php</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: php-frontend-2.10.0.2087.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.php:php-frontend:.*$</gav> + <cpe>cpe:/a:php:php</cpe> + </suppress> + + <!-- Python plugin --> + <suppress> + <notes><![CDATA[ + file name: sonar-python-plugin-1.8.0.1496.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.python:sonar-python-plugin:.*$</gav> + <cpe>cpe:/a:python:python</cpe> + <cpe>cpe:/a:python_software_foundation:python</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: sonar-python-plugin-1.8.0.1496.jar/META-INF/maven/org.sonarsource.python/python-checks/pom.xml + ]]></notes> + <gav regex="true">^org\.sonarsource\.python:python-checks:.*$</gav> + <cpe>cpe:/a:python:python</cpe> + <cpe>cpe:/a:python_software_foundation:python</cpe> + </suppress> + + <!-- Git plugin --> + <suppress> + <notes><![CDATA[ + file name: sonar-scm-git-plugin-1.3.0.869.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.scm\.git:sonar-scm-git-plugin:.*$</gav> + <cpe>cpe:/a:git:git</cpe> + <cpe>cpe:/a:git_project:git</cpe> + <cpe>cpe:/a:git-scm:git</cpe> + </suppress> + + <!-- SVN plugin --> + <suppress> + <notes><![CDATA[ + file name: sonar-scm-svn-plugin-1.6.0.860.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.scm\.svn:sonar-scm-svn-plugin:.*$</gav> + <cpe>cpe:/a:subversion:subversion</cpe> + </suppress> + <suppress> + <notes><![CDATA[ + file name: sonar-scm-svn-plugin-1.6.0.860.jar: sqljet-1.1.10.jar + ]]></notes> + <gav regex="true">^org\.tmatesoft\.sqljet:sqljet:.*$</gav> + <cpe>cpe:/a:sqlite:sqlite</cpe> + </suppress> + + <!-- Squid plugin --> + <suppress> + <notes><![CDATA[ + file name: sonar-xml-plugin-1.4.3.1027.jar: xml-squid-1.4.3.1027.jar + ]]></notes> + <gav regex="true">^org\.sonarsource\.xml:xml-squid:.*$</gav> + <cpe>cpe:/a:squid:squid</cpe> + </suppress> +</suppressions> |