'[struts] branch master updated: Fixes suppression file'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       struts-dev
Subject:    [struts] branch master updated: Fixes suppression file
From:       lukaszlenart () apache ! org
Date:       2018-02-26 8:27:31
Message-ID: 151963365160.14475.14032651048904013508 () gitbox ! apache ! org
[Download RAW message or body]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git


The following commit(s) were added to refs/heads/master by this push:
     new b4ca6ce  Fixes suppression file
b4ca6ce is described below

commit b4ca6ceec9cd35c858252e4cc852d845404cda69
Author: Lukasz Lenart <lukaszlenart@apache.org>
AuthorDate: Mon Feb 26 09:27:26 2018 +0100

    Fixes suppression file
---
 pom.xml                         |  2 +-
 src/etc/project-suppression.xml | 21 ++++++++++++++-------
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/pom.xml b/pom.xml
index 9907694..738ddc7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -314,7 +314,7 @@
                     <version>3.1.1</version>
                     <configuration>
                         <suppressionFiles>
-                            \
<suppressionFile>${project.basedir}/src/etc/project-suppression.xml</suppressionFile> \
+                            \
<suppressionFile>src/etc/project-suppression.xml</suppressionFile>  \
</suppressionFiles>  <failBuildOnCVSS>7</failBuildOnCVSS>
                         <skipProvidedScope>true</skipProvidedScope>
diff --git a/src/etc/project-suppression.xml b/src/etc/project-suppression.xml
index 1373966..19454e3 100644
--- a/src/etc/project-suppression.xml
+++ b/src/etc/project-suppression.xml
@@ -22,15 +22,22 @@
         <notes><![CDATA[
         This suppresses false positives identified on Struts Annotations.
         ]]></notes>
-        <gav regex="true">org\.apache\.struts:struts\-annotations\:1\.0\.6</gav>
+        <gav regex="true">org\.apache\.struts:struts\-annotations\:1\.0\.6.*$</gav>
         <cpe>cpe:/a:apache:struts:1.0.6</cpe>
     </suppress>
     <suppress>
-        <notes><![CDATA[
-        This suppresses false positives identified on Struts 1.
-        ]]></notes>
-        <gav regex="true">org\.apache\.struts\:struts\-*:1\.3\.8</gav>
-        <cpe>cpe:/a:apache:struts:1.3.8</cpe>
-        <cpe>cpe:/a:apache:tiles:1.3.8</cpe>
+        <notes><![CDATA[file name: struts-core-1.3.8.jar]]></notes>
+        <gav regex="true">^org\.apache\.struts:struts\-core\:1\.3\.8.*$</gav>
+        <cpe>cpe:/a:apache:struts</cpe>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[file name: struts-tiles-1.3.8.jar]]></notes>
+        <gav regex="true">^org\.apache\.struts:struts\-tiles\:1\.3\.8.*$</gav>
+        <cpe>cpe:/a:apache:struts</cpe>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[file name: struts-taglib-1.3.8.jar]]></notes>
+        <gav regex="true">^org\.apache\.struts:struts\-taglib\:1\.3\.8.*$</gav>
+        <cpe>cpe:/a:apache:struts</cpe>
     </suppress>
 </suppressions>
\ No newline at end of file

-- 
To stop receiving notification emails like this one, please contact
lukaszlenart@apache.org.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic