Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detected outdated suppressions #4840

Closed
Jurrie opened this issue Sep 13, 2022 · 2 comments
Closed

Detected outdated suppressions #4840

Jurrie opened this issue Sep 13, 2022 · 2 comments
Labels
enhancement

Comments

@Jurrie
Copy link

Jurrie commented Sep 13, 2022

We are using the OWASP Dependency Check for a while now, and the suppression file has grown. Suppressions get outdated when we bump a dependency to a newer version, or when we bump the version of Dependency Check itself. As a consequence, our suppressions file has some stale suppressions. I would like to clean it up.

I could do that manually, but that would be a lot of tedious work.

Could the OWASP Dependency Check plugin track which suppression it has hit, and when it is done report all suppressions it did not hit? Those suppressions are candidate for removal.
@mprins
Copy link
Contributor

mprins commented Sep 13, 2022

This is available in the current release: #4685

You just need to run with debug logging enabled, with Maven use -X as a commandline option

@Jurrie
Copy link
Author

Jurrie commented Sep 13, 2022

Aah, I totally missed this! Thanks!

@Jurrie Jurrie closed this as completed Sep 13, 2022
@chadlwilson chadlwilson mentioned this issue Oct 6, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mprins @Jurrie